urlscan.io logo urlscan.io
SecurityTrails logo

www.spectrumcu.org Open in urlscan Pro
2606:4700::6810:b655  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.spectrumcu.org/
Submission: On August 12 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 2 countries across 22 domains to perform 104 HTTP transactions. The main IP is 2606:4700::6810:b655, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.spectrumcu.org.
TLS certificate: Issued by DigiCert EV RSA CA G2 on March 25th 2024. Valid for: a year.
This is the only time www.spectrumcu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
52 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
2 20.80.195.131 8075 (MICROSOFT...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2600:1408:c40... 20940 (AKAMAI-ASN1)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 108.138.106.101 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 54.82.222.147 14618 (AMAZON-AES)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 18.164.96.90 16509 (AMAZON-02)
1 2 209.85.201.149 15169 (GOOGLE)
1 2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 172.217.197.95 15169 (GOOGLE)
1 157.240.229.1 32934 (FACEBOOK)
4 2a03:2880:f10... 32934 (FACEBOOK)
1 63.35.139.128 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 13.226.38.199 16509 (AMAZON-02)
1 52.5.82.174 14618 (AMAZON-AES)
1 2a04:4e42:400... 54113 (FASTLY)
104 25
52    2606:4700::6810:b655 (United States)

ASN13335 (CLOUDFLARENET, US)
www.spectrumcu.org
1    2600:1408:c400:26::17da:d916 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
3    2607:f8b0:400d:c09::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    20.80.195.131 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
01334locator.wave2.io
3    2607:f8b0:400d:c1d::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    2600:1408:c400:26::17da:d92a (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
snap.licdn.com
2    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    108.138.106.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-101.jfk50.r.cloudfront.net
static.hotjar.com
3    2607:f8b0:400d:c01::65 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    54.82.222.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-222-147.compute-1.amazonaws.com
tags.srv.stackadapt.com
5    2606:4700:20::ac43:48b0 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.signalintent.com
1    18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net
script.hotjar.com
2    209.85.201.149 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f149.1e100.net
11547724.fls.doubleclick.net
2    2607:f8b0:4004:c1f::66 (Washington, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:400d:c09::9c (Morganton, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    172.217.197.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f95.1e100.net
maps.googleapis.com
1    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
4    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    63.35.139.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-139-128.eu-west-1.compute.amazonaws.com
content.hotjar.io
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    13.226.38.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-38-199.ewr53.r.cloudfront.net
cdn.segment.com
1    52.5.82.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-82-174.compute-1.amazonaws.com
calc-backend-prod.herokuapp.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
Apex Domain
Subdomains		 Transfer
52 spectrumcu.org
www.spectrumcu.org
8 MB
5 signalintent.com
embed.signalintent.com — Cisco Umbrella Rank: 146221
142 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
5 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 567
222 KB
3 segment.com
cdn.segment.com — Cisco Umbrella Rank: 3005
39 KB
3 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
21 KB
3 doubleclick.net
11547724.fls.doubleclick.net
ad.doubleclick.net Failed
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
985 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
79 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
304 KB
2 google.com
analytics.google.com — Cisco Umbrella Rank: 238
767 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
61 KB
2 wave2.io
01334locator.wave2.io
1 KB
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1178
p.typekit.net — Cisco Umbrella Rank: 1499
2 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
30 KB
1 herokuapp.com
calc-backend-prod.herokuapp.com — Cisco Umbrella Rank: 163556
968 B
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 8904
171 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669 Failed
px4.ads.linkedin.com Failed
747 B
1 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 4688
7 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1884
14 KB
0 google.ca Failed
www.google.ca Failed
0 mouseflow.com Failed
cdn.mouseflow.com Failed
104 22
Domain Requested by
52 www.spectrumcu.org www.spectrumcu.org
5 embed.signalintent.com www.googletagmanager.com
embed.signalintent.com
4 www.facebook.com www.spectrumcu.org
4 maps.googleapis.com www.spectrumcu.org
maps.googleapis.com
3 cdn.segment.com embed.signalintent.com
3 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
3 www.google-analytics.com www.googletagmanager.com
www.spectrumcu.org
www.google-analytics.com
3 connect.facebook.net www.spectrumcu.org
connect.facebook.net
3 www.googletagmanager.com www.spectrumcu.org
www.googletagmanager.com
2 analytics.google.com 1 redirects www.googletagmanager.com
2 11547724.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 01334locator.wave2.io www.spectrumcu.org
01334locator.wave2.io
1 code.jquery.com cdn.cookielaw.org
1 calc-backend-prod.herokuapp.com embed.signalintent.com
1 content.hotjar.io script.hotjar.com
1 px.ads.linkedin.com snap.licdn.com
www.spectrumcu.org
1 stats.g.doubleclick.net www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 tags.srv.stackadapt.com www.spectrumcu.org
tags.srv.stackadapt.com
1 snap.licdn.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 p.typekit.net use.typekit.net
1 use.typekit.net www.spectrumcu.org
0 px4.ads.linkedin.com Failed www.spectrumcu.org
0 www.google.ca Failed www.spectrumcu.org
0 ad.doubleclick.net Failed www.spectrumcu.org
0 cdn.mouseflow.com Failed www.googletagmanager.com
104 27
Subject Issuer Validity Valid
www.spectrumcu.org
DigiCert EV RSA CA G2		 2024-03-25 -
2025-04-25		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.wave2.io
GeoTrust TLS RSA CA G1		 2024-07-08 -
2025-07-23		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-21 -
2024-08-19		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03		 2024-08-09 -
2025-09-06		 a year crt.sh
signalintent.com
E5		 2024-07-07 -
2024-10-05		 3 months crt.sh
*.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-01-31 -
2025-03-01		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-07-01 -
2025-01-01		 6 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
*.herokuapp.com
Amazon RSA 2048 M02		 2024-03-02 -
2025-03-31		 a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.spectrumcu.org/
Frame ID: 6E7FE36103A9291C1EA5EE685D2D61A0
Requests: 105 HTTP requests in this frame

Frame: https://11547724.fls.doubleclick.net/activityi;dc_pre=CKDjwf7W74cDFXrU_QUdpbISxQ;src=11547724;type=view-0;cat=allpa0;ord=7885593418643;npa=0;auiddc=235684159.1723473467;u8=%2F;ps=1;pcor=1561649251;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188078508z8812229747za201zb812229747;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.spectrumcu.org%2F
Frame ID: 2F179FAEDAF5A211AE49976695ADBC50
Requests: 1 HTTP requests in this frame

Frame: https://01334locator.wave2.io/full.html?ref=xxx/tqfdusvndv/psh&
Frame ID: FC9FA63477139C673AEC10C7408B64D5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Spectrum Credit Union

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

104
Requests

90 %
HTTPS

58 %
IPv6

22
Domains

27
Subdomains

25
IPs

2
Countries

8945 kB
Transfer

12083 kB
Size

42
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://11547724.fls.doubleclick.net/activityi;src=11547724;type=view-0;cat=allpa0;ord=7885593418643;npa=0;auiddc=235684159.1723473467;u8=%2F;ps=1;pcor=1561649251;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188078508z8812229747za201zb812229747;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.spectrumcu.org%2F HTTP 302
  • https://11547724.fls.doubleclick.net/activityi;dc_pre=CKDjwf7W74cDFXrU_QUdpbISxQ;src=11547724;type=view-0;cat=allpa0;ord=7885593418643;npa=0;auiddc=235684159.1723473467;u8=%2F;ps=1;pcor=1561649251;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188078508z8812229747za201zb812229747;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.spectrumcu.org%2F
Request Chain 68
  • https://analytics.google.com/g/collect?v=2&tid=G-FTNGCF4D1X&gtm=45je4880v871184640za200zb812229747&_p=1723473466754&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=969403722.1723473467&ul=en-ca&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1723473467&sct=1&seg=0&dl=https%3A%2F%2Fwww.spectrumcu.org%2F&dt=Spectrum%20Credit%20Union&cu=USD&en=digital_banking___visit&_c=1&epn.value=0&_et=4&tfd=1809 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=969403722.1723473467&dbk=13647720282451400753&dma=0&en=digital_banking___visit&gtm=45je4880v871184640za200zb812229747&npa=0&tid=G-FTNGCF4D1X&dl=https%3A%2F%2Fwww.spectrumcu.org%3F
Request Chain 80
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3508620&time=1723473467669&li_adsId=fc0191d9-8dbc-46c1-b4ca-0b5360217e76&url=https%3A%2F%2Fwww.spectrumcu.org%2F HTTP 0
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3508620&time=1723473467669&li_adsId=fc0191d9-8dbc-46c1-b4ca-0b5360217e76&url=https%3A%2F%2Fwww.spectrumcu.org%2F&e_ipv6=AQK7mJmKllwpogAAAZFHBhl6CQlBZPsM3BfLCcO6Jachvpjwi1-YWwAuyHNOSfAX8DIFx9Cf

104 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.spectrumcu.org/ 		145 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e66e6fb4241569e1d6069981d4f2b527fd1ac326ce8bc0ea7d9db18ab063d8c9
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8b21348a8d8fa28c-YUL
content-encoding
gzip
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 14:37:46 GMT
expires
-1
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
font-awesome.min.css
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/ 		30 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/font-awesome.min.css?v=12.2.7232.0-7
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3b941b18061a9af2f83017b30566a1fc6bebab57e8c00a06656a7f28660aec31
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
8342
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:20:58 GMT
server
cloudflare
etag
"01eaedc4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348ec8f3a28c-YUL
animate.min.css
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/ 		52 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/animate.min.css?v=12.2.7232.0-7
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
26968435703f42f548195e31049e1f621c267346a0295be2bafa457b5904ace9
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
6158
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:20:58 GMT
server
cloudflare
etag
"01eaedc4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348ec8f4a28c-YUL
bootstrap.min.css
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/ 		118 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/bootstrap.min.css?v=12.2.7232.0-7
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c3a6ec18e8b49b442489672e17ac68678430968967b818d7772e8f495625aef3
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
27637
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:20:58 GMT
server
cloudflare
etag
"01eaedc4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348ec8f6a28c-YUL
owl.carousel.min.css
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/owl.carousel.min.css?v=12.2.7232.0-7
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a6d0cd30fdfc5df5a53b45367f58dd2bc55e0b8c03f9c8accf2f4e797d7defe3
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
1318
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:20:58 GMT
server
cloudflare
etag
"01eaedc4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348ec8f7a28c-YUL
jquery.mCustomScrollbar.css
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/ 		54 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/jquery.mCustomScrollbar.css?v=12.2.7232.0-7
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1730d27c265a4c7eea723e44a5152c6fdf0a3e8c03d1a94b47b2e1a594917ea5
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
8909
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:20:58 GMT
server
cloudflare
etag
"01eaedc4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348ec8f8a28c-YUL
fonts-typography.css
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/ 		30 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/fonts-typography.css?v=12.2.7232.0-7
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
eac629bdc742ae5d0badaaf4a45bcbe82fe2175d0ea791750373cfcd5f02caa8
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
2782
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:20:58 GMT
server
cloudflare
etag
"01eaedc4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348ec8f9a28c-YUL
master.css
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/spectrum/ 		155 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/spectrum/master.css?v=12.2.7232.0-7
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
08bb261452945fe2f6dd24e5263e9dfd5c5277c1a18a2eb1b0913c2dc083a8d8
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
34942
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:20:58 GMT
server
cloudflare
etag
"01eaedc4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348ec8faa28c-YUL
responsive.css
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/spectrum/ 		130 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/spectrum/responsive.css?v=12.2.7232.0-7
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3d5716e618d727566735ff6c76d9fbaf4d56d29284e322a9f82f0116418b0dd4
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
30164
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:20:58 GMT
server
cloudflare
etag
"01eaedc4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348ec8fca28c-YUL
sitefinity-webservices-sdk.min.js
www.spectrumcu.org/Scripts/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/Scripts/sitefinity-webservices-sdk.min.js?v=12.2.7232.0-7
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ec39b460a27f6c3ac807b6502a7fa2d069b90ddf887e6e929c7c2b680baf1420
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
15267
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:04 GMT
server
cloudflare
etag
"0887df1c4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348ec8fda28c-YUL
ctz7glc.css
use.typekit.net/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/ctz7glc.css
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:26::17da:d916 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fa610aec494b817d5a9f42900cd62fe99dfdd6afdc3e5f66ddf316e2563a15bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 12 Aug 2024 14:37:46 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1569
ScriptResource.axd
www.spectrumcu.org/ 		87 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3qItYpYayoAQvogiZnHhBVrFutMaIYyE-IZbhnOMz-v_GgYKRuDt3wxmSLqJ5mxgYNdsq82XEpIB2MgpggGbz7Tg2Me_xpAm6glG54KYgldrN9IkhhN33AAzJjK5AgXWvrgLH5SpqTZjxe3RW8bTR3DdrmCXXT8IQzq24asmTuKj0&t=9721f93
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-length
39735
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 02 Aug 2024 20:21:02 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
cache-control
public
cf-ray
8b21348ec8fea28c-YUL
expires
Sat, 02 Aug 2025 20:21:02 GMT
ScriptResource.axd
www.spectrumcu.org/ 		8 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESE0ooZa7SPn3Y5Qx1A3oQ3NrKukIjiWcIepUmkJ6Dr-UPeG54NLSN7Y7Pt7h1x0Rg0jGeoZ4EyCKyQ0PUk9eOo0paJfRl_n7Lk3cTzPMhZzZuclObjvlraxxbMI84IYKhv7BgatjOWeUHYq__EsxHhbfrLEFgncO1Jp0TQfDpfwI0&t=9721f93
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7545b8823869f8c680bfe9c73f8d2d9295d98e891a58f26b186a7379cc6c7ead
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-length
3836
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 03 Aug 2024 05:51:15 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
cache-control
public
cf-ray
8b21348ed90fa28c-YUL
expires
Sun, 03 Aug 2025 05:51:15 GMT
ScriptResource.axd
www.spectrumcu.org/ 		248 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ScriptResource.axd?d=VKaJmfFWDpQxp1_HxsR1qKI-G6vH0_jaJ7I6TCZ996YeC7meBTZ__lg_0-Q10uEder0Yr2Hxge7S7Lsc8tQ49CLkqnegIsJBM-sEhEGeFemm0gcu4LYtopRUkOPBMLf_RvmKZXHyETzTCG0-IQ1StvPyJoU3FQtCm03coNBZeqW4JL8nFi-NP7FbsBG0NYZ7SBjTpCJr0jcIWf6mh8gpBw2&t=9721f93
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5b812760cc9a246b2582b8f2bc643da2e769965e15c83a3502bb46263ae50726
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 03 Aug 2024 05:49:57 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
cache-control
public
cf-ray
8b21348ed911a28c-YUL
expires
Sun, 03 Aug 2025 05:49:57 GMT
spectrum-logo.svg
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/ 		7 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum-logo.svg
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2772d97e9062ce012938c4896ed9e61c648b5835c3caea943840a81ddd4c6289
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
W/"05b4cf0c4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
8b21348ed913a28c-YUL
about-icon.png
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/ 		855 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/about-icon.png
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
78d28fdd2c6a7d50f00fa6e68fc763777bedc81b0fa2c6eb30c5057fc708e0cc
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
855
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
"05b4cf0c4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348ed914a28c-YUL
phone-icon.png
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/ 		462 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/phone-icon.png
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5f6aed3eaa9d8d8f03c67af67399fa4b1ddd7eb32bb9c9e0f7cc469a68e2a161
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
462
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
"05b4cf0c4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348f2954a28c-YUL
gps-icon.png
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/ 		503 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/gps-icon.png
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
39722664c9483f4ecb8d95a73bb93d95ff95f6f0f4312853f6a807ccd0fc4717
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
503
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
"05b4cf0c4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348f2959a28c-YUL
rates-icon.png
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/ 		761 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/rates-icon.png
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1168a51464ee058326519e163a57bc7b8a048db5a4e0c7d0cd58486ab5ed2d24
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62296
x-powered-by
ASP.NET
content-length
761
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
"05b4cf0c4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348f496ea28c-YUL
search.svg
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/ 		509 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/search.svg
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4d8f6a942018d02a3f961786f929012a8dab5fd6a607024af0965d6c446aecc0
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
W/"05b4cf0c4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
8b21348f4970a28c-YUL
lists
www.spectrumcu.org/api/default/ 		135 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/api/default/lists?$filter=(Title%20eq%20%27AllowedDomains%27)&$select=Id
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/Scripts/sitefinity-webservices-sdk.min.js?v=12.2.7232.0-7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4013769755f6beead237b03cdd788ea8c8302b12944fd115ad31997bba198146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.spectrumcu.org/
X-SF-Service-Request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-length
247
odata-version
4.0
last-modified
Mon, 12 Aug 2024 11:56:48 GMT
server
cloudflare
etag
"b3cd7767-2a52-4543-9ece-ad0d4d40f342"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; odata.metadata=minimal
cache-control
public, must-revalidate, max-age=120
cf-ray
8b21348f496da28c-YUL
expires
Mon, 12 Aug 2024 14:39:46 GMT
gtm.js
www.googletagmanager.com/ 		393 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSVVXQC
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13b60caade82faac86ebaff33b17aaf6f9e36014cf12ffa5a356d786a936207c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126470
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Aug 2024 14:37:46 GMT
heroimage_savingsrates_may1_spectrum.jpg
www.spectrumcu.org/images/default-source/main-link-banners/ 		855 KB
859 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/default-source/main-link-banners/heroimage_savingsrates_may1_spectrum.jpg?sfvrsn=2324f637_3
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6446f8ec4d12e9d25589661fe6fa7a4bac3aef12c5bde6aef376774b8ec1ec6b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=HeroImage_SavingsRates_May1_Spectrum.jpg
content-length
875447
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Thu, 01 Aug 2024 20:29:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f5979a28c-YUL
expires
Sun, 11 Aug 2024 18:45:20 GMT
2024summerauto_website_heroimage_spectrum.jpg
www.spectrumcu.org/images/default-source/main-link-banners/ 		386 KB
389 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/default-source/main-link-banners/2024summerauto_website_heroimage_spectrum.jpg?sfvrsn=1e15f537_3
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c8bbbff2e1d973e608ede705e94d75f167bb40e081aab3b8fa3525aa5c1dda61
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=2024SummerAuto_Website_HeroImage_Spectrum.jpg
content-length
394962
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Thu, 01 Aug 2024 20:28:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f597aa28c-YUL
expires
Sun, 11 Aug 2024 18:45:20 GMT
2024-mysavings-wsj-award---web-hero---spectrum.jpg
www.spectrumcu.org/images/default-source/main-link-banners/ 		694 KB
698 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/default-source/main-link-banners/2024-mysavings-wsj-award---web-hero---spectrum.jpg?sfvrsn=b26f537_3
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
db1ec3c8fcfbefe29cb8726e8bc03b559a3bd2a6950c28185f46d4fe913b740b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=2024-MySavings-WSJ-Award---Web-Hero---Spectrum.jpg
content-length
710792
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Thu, 01 Aug 2024 20:27:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f597ba28c-YUL
expires
Mon, 12 Aug 2024 11:46:41 GMT
owl.carousel.min.js
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/js/owl.carousel.min.js
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-length
15056
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
"05b4cf0c4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348f5978a28c-YUL
rates-image.png
www.spectrumcu.org/images/librariesprovider6/spectrum-images/ 		923 KB
926 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider6/spectrum-images/rates-image.png?sfvrsn=9bee137_2
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
60391c648a4f66c2f59ddc4f3214a8f7474f30e0329476e9934557b92448f19f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=rates-image.png
content-length
944727
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Aug 2024 20:47:31 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f5986a28c-YUL
expires
Sun, 11 Aug 2024 18:45:21 GMT
storycard_savingsrates_may2024_spectrum.jpg
www.spectrumcu.org/images/librariesprovider6/spectrum-images/ 		719 KB
722 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider6/spectrum-images/storycard_savingsrates_may2024_spectrum.jpg?sfvrsn=f477f637_2
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fb798dc2c77984c9eea52b5ba5bfb6a4825b5c7f7c481e00ae42d9fec37c3f15
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=storycard_savingsrates_may2024_spectrum.jpg
content-length
735797
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Aug 2024 20:20:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f5987a28c-YUL
expires
Mon, 12 Aug 2024 18:37:47 GMT
testimonialsevergreen_storycard_spectrum-(1).jpg
www.spectrumcu.org/images/librariesprovider6/spectrum-images/ 		102 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider6/spectrum-images/testimonialsevergreen_storycard_spectrum-(1).jpg?sfvrsn=a5eff737_1
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ea1db511dd0cc732b4fffa04dafbbc7536abd921a069f520b613d131aa50a642
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=testimonialsevergreen_storycard_spectrum-(1).jpg
content-length
104218
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Mon, 20 Nov 2023 19:04:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f5989a28c-YUL
expires
Mon, 12 Aug 2024 06:08:56 GMT
youthstorycard-spectrum-colleging-(1).jpg
www.spectrumcu.org/images/librariesprovider6/spectrum-images/ 		661 KB
665 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider6/spectrum-images/youthstorycard-spectrum-colleging-(1).jpg?sfvrsn=e07f037_1
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d109de51483919beb3e2213eb5839964d6189805381b3a0a417de9a35bdf67bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=youthstorycard-spectrum-colleging-(1).jpg
content-length
677141
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Mon, 20 Nov 2023 19:04:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f598aa28c-YUL
expires
Sun, 11 Aug 2024 10:36:42 GMT
speach_magenta.png
www.spectrumcu.org/images/librariesprovider6/new-site-library/ 		46 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider6/new-site-library/speach_magenta.png?sfvrsn=3c58e637_3
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ad4637bdf61c2c151459712793cdcb316bc123777868a5c2d31ca8c395b77ebf
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=speach_magenta.png
content-length
47214
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Aug 2024 20:48:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f598ca28c-YUL
expires
Mon, 12 Aug 2024 06:08:56 GMT
speach_yellow.png
www.spectrumcu.org/images/librariesprovider6/new-site-library/ 		36 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider6/new-site-library/speach_yellow.png?sfvrsn=1b58e637_3
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a0cbc1396de80a630b48f85172e62bfe9eabbbe195d5f310ac2d9230e2c6067f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=speach_yellow.png
content-length
37332
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Aug 2024 20:49:18 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f598da28c-YUL
expires
Mon, 12 Aug 2024 18:37:47 GMT
location-gps.png
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/ 		790 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/location-gps.png
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
23ab55e048a8951dcdde40ece4a579f131ebfa70d5dae7f29ff152855105139f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-length
790
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
"05b4cf0c4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348f598ea28c-YUL
load.min.js
01334locator.wave2.io/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://01334locator.wave2.io/load.min.js
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.80.195.131 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7c86c14c3bbd6a66f9197722196cfc4b918f508472e586200b76be858f173a8b

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 13:57:45 GMT
server
Microsoft-IIS/10.0
etag
"b4c1ec75d1ddda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1220
bank_1.png
www.spectrumcu.org/images/librariesprovider6/spectrum-images/ 		39 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider6/spectrum-images/bank_1.png?sfvrsn=a36e537_4
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a1595e8719f2beb22f50868aa0815e406883930567445da72c3014d10acff3c8
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=bank_1.png
content-length
40256
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 15 Jan 2021 19:27:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f598fa28c-YUL
expires
Mon, 12 Aug 2024 18:37:47 GMT
bank_2.png
www.spectrumcu.org/images/librariesprovider6/spectrum-images/ 		35 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider6/spectrum-images/bank_2.png?sfvrsn=e36e537_4
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f35834a17fb920003e6a58d6f3d9939f353d8e4787be4723dcd0c27f26b1e27f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=bank_2.png
content-length
35928
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 15 Jan 2021 19:27:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f6990a28c-YUL
expires
Mon, 12 Aug 2024 18:37:47 GMT
spectrum_mobile.png
www.spectrumcu.org/images/librariesprovider6/spectrum-images/ 		75 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider6/spectrum-images/spectrum_mobile.png?sfvrsn=cb34e537_2
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ec64e902a8da6c84033f86bdf1c419e88e4f17d7a56a2c640a7a3e5ab516bc50
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=spectrum_mobile.png
content-length
76764
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 15 Jan 2021 20:31:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f6991a28c-YUL
expires
Mon, 12 Aug 2024 18:37:47 GMT
app-store.png
www.spectrumcu.org/images/librariesprovider7/default-album/ 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider7/default-album/app-store.png?sfvrsn=82c4e237_4
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
139c00a852addfe92dcf15f793beac9704843c281f0a68a90386a255432fe9cd
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=app-store.png
content-length
2879
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Oct 2020 06:37:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f6992a28c-YUL
expires
Mon, 12 Aug 2024 18:37:47 GMT
google-store.png
www.spectrumcu.org/images/librariesprovider7/default-album/ 		3 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider7/default-album/google-store.png?sfvrsn=56c3e237_4
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4a5252975643cbe20cb27c6c7fe18fc74a31a68473f45207df7c8f5f7c023eff
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=google-store.png
content-length
3465
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Oct 2020 06:25:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f6993a28c-YUL
expires
Sun, 11 Aug 2024 18:45:21 GMT
bank_3.png
www.spectrumcu.org/images/librariesprovider6/spectrum-images/ 		37 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider6/spectrum-images/bank_3.png?sfvrsn=1636e537_4
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6fed9ea4d335ec4814892cc2257f979557c41c77ba8382b6d4bfc3718a2a620a
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=bank_3.png
content-length
38078
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 15 Jan 2021 19:28:21 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f6996a28c-YUL
expires
Mon, 12 Aug 2024 17:54:24 GMT
bank_4.png
www.spectrumcu.org/images/librariesprovider6/spectrum-images/ 		45 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider6/spectrum-images/bank_4.png?sfvrsn=1236e537_4
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
43e8bf7705494b02f0a1764aed4931623a3a941c7552c88bbfa367e74995d572
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=bank_4.png
content-length
45607
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 15 Jan 2021 19:28:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f6997a28c-YUL
expires
Mon, 12 Aug 2024 06:08:56 GMT
readytobecomemember.png
www.spectrumcu.org/images/librariesprovider6/spectrum-images/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/images/librariesprovider6/spectrum-images/readytobecomemember.png?sfvrsn=469e137_2
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a832feeb5a75c3114d8f294cb1149150ab0fb06b51f344868fb367749a142d7b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-disposition
inline; filename=readytobecomemember.png
content-length
2641086
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Aug 2024 20:48:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400, s-maxage=14400
accept-ranges
bytes
cf-ray
8b21348f6998a28c-YUL
expires
Sun, 11 Aug 2024 13:45:00 GMT
gps-footer.png
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/ 		468 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/gps-footer.png
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b280419da19d3a5b6e34d733e856fa548e587b69c3c9a06edeadad30b27335e3
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
468
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
"05b4cf0c4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348f6999a28c-YUL
bootstrap.min.js
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/js/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/js/bootstrap.min.js?v=12.2.7232.0-7&package=CFCUSpectrum
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
13045
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
"05b4cf0c4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348f597ea28c-YUL
owl.carousel.min.js
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/js/owl.carousel.min.js?v=12.2.7232.0-7&package=CFCUSpectrum
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
15056
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
"05b4cf0c4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348f5980a28c-YUL
js
maps.googleapis.com/maps/api/ 		316 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAhgv6MvwPlZclLLaOYHBkdGworAe6yBrg&libraries=places&package=CFCUSpectrum
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
e2d3d1e4a4102d8e263275b7d27d5d6cf49f09b06ccf44f3e303c8194383d859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105449
x-xss-protection
0
tabcollapse.js
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/js/ 		6 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/js/tabcollapse.js?v=12.2.7232.0-7&package=CFCUSpectrum
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
00905911d87c7f92acf9200aa15000497fa828d6a589b98d0c8812018b26fb34
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
2163
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
"05b4cf0c4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348f5981a28c-YUL
custom.js
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/js/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/js/custom.js?v=12.2.7232.0-7&package=CFCUSpectrum
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8ef6ca515e83c075568be9d78a39ebd1a8cbec2967df5b3369cc286ea321bac7
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
8224
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Oct 2022 13:24:10 GMT
server
cloudflare
etag
"0b9426750e5d81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348f5982a28c-YUL
custom.js
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/js/spectrum/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/js/spectrum/custom.js?v=12.2.7232.0-7&package=CFCUSpectrum
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
06dc80b2fcc0ad1a85839a94a2cfd596139b5c7e18218878dd124a191b86b958
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
2786
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
"05b4cf0c4ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b21348f5984a28c-YUL
Search-box.min.js
www.spectrumcu.org/Frontend-Assembly/Telerik.Sitefinity.Frontend.Search/Mvc/Scripts/SearchBox/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/Frontend-Assembly/Telerik.Sitefinity.Frontend.Search/Mvc/Scripts/SearchBox/Search-box.min.js?package=CFCUSpectrum&v=MTQuMC43NzMwLjA%3d
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
31f476fc0451c65ca179552b37cf5ccc6a55f6d808fd36d4986f220e7a7dd8fd
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
62297
x-powered-by
ASP.NET
content-length
1224
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Mar 2022 09:50:26 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8b21348f5985a28c-YUL
expires
Sun, 18 Aug 2024 09:45:00 GMT
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=ctz7glc&ht=tk&f=137.138.139.140.169.170.173.174.175.176.5474.5475.25136.25137.1980.1981.1982.1983.1984.8541.8542.8543.8544.8545&a=4779839&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ctz7glc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:26::17da:d92a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/ctz7glc.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:46 GMT
last-modified
Thu, 21 Mar 2024 06:24:37 GMT
server
nginx
etag
"65fbd2a5-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
listitems
www.spectrumcu.org/api/default/ 		90 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/api/default/listitems?$filter=(ParentId%20eq%20e1b09353-859f-6b05-ad7c-ff00006f9061)&$select=Title
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/Scripts/sitefinity-webservices-sdk.min.js?v=12.2.7232.0-7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
155916b9bdf6ce328dca52f7b3c5c0d42ca12ca3d79ab599558facc72842d60b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.spectrumcu.org/
X-SF-Service-Request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-length
202
odata-version
4.0
last-modified
Mon, 12 Aug 2024 11:56:22 GMT
server
cloudflare
etag
"4b58ceab-fde8-49ea-885b-68c2517a70af"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; odata.metadata=minimal
cache-control
public, max-age=38
cf-ray
8b2134906a9ca28c-YUL
expires
Mon, 12 Aug 2024 14:38:25 GMT
Helvetica.woff
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/fonts/HelveticaNeue/ 		158 KB
158 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/fonts/HelveticaNeue/Helvetica.woff
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/fonts-typography.css?v=12.2.7232.0-7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
722f8c42f9db928cead8037d97f0d1f6fe55c86ed432b7961633d51fb4264849
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/fonts-typography.css?v=12.2.7232.0-7
Origin
https://www.spectrumcu.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:20:58 GMT
server
cloudflare
etag
W/"01eaedc4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/font-woff
cache-control
max-age=2678400
cf-ray
8b213490fb0da28c-YUL
js
www.googletagmanager.com/gtag/ 		317 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FTNGCF4D1X&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSVVXQC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
332960015463ea98650f704e5287c8ac20931cce7d9c6c8d61f9e40ad5260a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106184
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 12 Aug 2024 14:37:47 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Aug 2024 14:37:47 GMT
document-policy
force-load-at-top
x-fb-server-load
76
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=47, rtx=0, c=12, mss=1297, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
MKJndrdd5qbw7GPuicnGM+L7yzFCoYONlolwtSxih+RQT9tnToX2hyz1y5QvLV7r519mKNIrAN1ZliYs5Sj54Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-1806952.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1806952.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSVVXQC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-101.jfk50.r.cloudfront.net
Software
/
Resource Hash
2b317720f7581aa2a56a4b1a4f7f3d36c88b9d2bce1bf2f742b47fe347478b58
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 12 Aug 2024 14:37:47 GMT
via
1.1 84fd743af5e8639c32332cec06beef46.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/d82c4468f028ae885c24013376c8545a
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
0X2c_Ek4K-7pAtK0kjB9jzHq72PulAktF1n7AcvA2ysd1SA_c6A1Gg==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSVVXQC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Aug 2024 12:46:46 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6661
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 12 Aug 2024 14:46:46 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSVVXQC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:26::17da:d92a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cb31bb53eefec5a74b7e7271abd4e97e0735174d7d0b0dec0f2217462573d1f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 28 Jul 2024 07:35:22 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=16798
accept-ranges
bytes
content-length
14597
destination
www.googletagmanager.com/gtag/ 		213 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-11547724&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSVVXQC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37f0cbbb763256e6a6746de5e459cc9d2a246e3cbf793cbb50f3e0a14398c9e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78439
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Aug 2024 14:37:47 GMT
9471cce8-df37-4ae8-9232-c46b0b56cf83.js
cdn.mouseflow.com/projects/ 		0
0
events.js
tags.srv.stackadapt.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.222.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-222-147.compute-1.amazonaws.com
Software
/
Resource Hash
65338acfb71de0f4fe97ee6f5df9224237dd5e9e1628fa275b2f1820659f962a

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 12 Aug 2024 14:37:47 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
embedded.js
embed.signalintent.com/js/ 		1003 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.signalintent.com/js/embedded.js?org-guid=5c4ad87d-7608-4440-98b7-02c3a1f11743
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSVVXQC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
96d2b12cf496c84f64f34f4de2384c0a9699e2444a7dee35e44e7a3d2f86bbbe

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
EXPIRED
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified
Mon, 12 Aug 2024 14:37:47 GMT
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723473467&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=0YXwxKmk6S%2FsOq1rhv10B%2FJj4dzzUQ6crCu2zw4VoSA%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8b2134921fe8aacd-YYZ
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723473467&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=0YXwxKmk6S%2FsOq1rhv10B%2FJj4dzzUQ6crCu2zw4VoSA%3D
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1806952.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
1124081
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
mflkxyvg5W-3-hufzbOL5CUINZHj1BzWuy-SAorl9XFaQEkMKtGkYA==
563179965974078
connect.facebook.net/signals/config/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/563179965974078?v=2.9.164&r=stable&domain=www.spectrumcu.org&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e12b27c0ca99d9d816d89e31667bc14c44aa406834520faba4acbf56a07ffd34
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Aug 2024 14:37:47 GMT
document-policy
force-load-at-top
x-fb-server-load
40
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=62, mss=1297, tbw=64392, tp=-1, tpl=-1, uplat=59, ullat=0
pragma
public
x-fb-debug
fLSAj6fg7tYTt+5NtW+khzXET5XAJxU1UVCdCjGH4FKvruAW8wzh+JNfioDoye3k913XBR4czRbHE+w1n6XZ6Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
activityi;dc_pre=CKDjwf7W74cDFXrU_QUdpbISxQ;src=11547724;type=view-0;cat=allpa0;ord=7885593418643;npa=0;auiddc=235684159.1723473467;u8=%2F;ps=1;pcor=1561649251;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
11547724.fls.doubleclick.net/ Frame 2F17
Redirect Chain
  • https://11547724.fls.doubleclick.net/activityi;src=11547724;type=view-0;cat=allpa0;ord=7885593418643;npa=0;auiddc=235684159.1723473467;u8=%2F;ps=1;pcor=1561649251;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
  • https://11547724.fls.doubleclick.net/activityi;dc_pre=CKDjwf7W74cDFXrU_QUdpbISxQ;src=11547724;type=view-0;cat=allpa0;ord=7885593418643;npa=0;auiddc=235684159.1723473467;u8=%2F;ps=1;pcor=1561649251;...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://11547724.fls.doubleclick.net/activityi;dc_pre=CKDjwf7W74cDFXrU_QUdpbISxQ;src=11547724;type=view-0;cat=allpa0;ord=7885593418643;npa=0;auiddc=235684159.1723473467;u8=%2F;ps=1;pcor=1561649251;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188078508z8812229747za201zb812229747;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.spectrumcu.org%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11547724&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.201.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Aug 2024 14:37:47 GMT
expires
Mon, 12 Aug 2024 14:37:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Aug 2024 14:37:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11547724.fls.doubleclick.net/activityi;dc_pre=CKDjwf7W74cDFXrU_QUdpbISxQ;src=11547724;type=view-0;cat=allpa0;ord=7885593418643;npa=0;auiddc=235684159.1723473467;u8=%2F;ps=1;pcor=1561649251;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188078508z8812229747za201zb812229747;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.spectrumcu.org%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=11547724;type=view-0;cat=allpa0;ord=7885593418643;npa=0;auiddc=235684159.1723473467;u8=%2F;ps=1;pcor=1561649251;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
ad.doubleclick.net/ 		0
0
HelveticaNeueLTPro-Bd.woff2
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/fonts/HelveticaNeue/ 		14 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/fonts/HelveticaNeue/HelveticaNeueLTPro-Bd.woff2
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/fonts-typography.css?v=12.2.7232.0-7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8141bb85ff293b535e6601b02f8c30005c5d1e5430f6098f7d02ea0241d3c276
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/fonts-typography.css?v=12.2.7232.0-7
Origin
https://www.spectrumcu.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-length
14296
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:20:58 GMT
server
cloudflare
etag
"01eaedc4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b2134935cffa28c-YUL
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FTNGCF4D1X&gtm=45je4880v871184640z8812229747za200zb812229747&_p=1723473466754&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=969403722.1723473467&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=1&sid=1723473467&sct=1&seg=0&dl=https%3A%2F%2Fwww.spectrumcu.org%2F&dt=Spectrum%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1804
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FTNGCF4D1X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 14:37:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spectrumcu.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FTNGCF4D1X&cid=969403722.1723473467&gtm=45je4880v871184640z8812229747za200zb812229747&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FTNGCF4D1X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 14:37:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spectrumcu.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-FTNGCF4D1X&gtm=45je4880v871184640za200zb812229747&_p=1723473466754&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=969403722.1723473467&ul=en-ca&sr=1600x12...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=969403722.1723473467&dbk=13647720282451400753&dma=0&en=digital_banking___visit&gtm=45je4880v871184640za200zb812229747&n...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=969403722.1723473467&dbk=13647720282451400753&dma=0&en=digital_banking___visit&gtm=45je4880v871184640za200zb812229747&npa=0&tid=G-FTNGCF4D1X&dl=https%3A%2F%2Fwww.spectrumcu.org%3F
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Server
2607:f8b0:400d:c01::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0xdadf5c0a081f822a","source_keys":["1"]},{"key_piece":"0x3b6482663158d754","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"13647720282451400753","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["838799894"],"5":["08-12","08-11","08-10"]}}
date
Mon, 12 Aug 2024 14:37:47 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Aug 2024 14:37:47 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=969403722.1723473467&dbk=13647720282451400753&dma=0&en=digital_banking___visit&gtm=45je4880v871184640za200zb812229747&npa=0&tid=G-FTNGCF4D1X&dl=https%3A%2F%2Fwww.spectrumcu.org%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
486
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		0
0
full.html
01334locator.wave2.io/ Frame FC9F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://01334locator.wave2.io/full.html?ref=xxx/tqfdusvndv/psh&
Requested by
Host: 01334locator.wave2.io
URL: https://01334locator.wave2.io/load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.80.195.131 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://www.spectrumcu.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
2091
content-type
text/html
date
Mon, 12 Aug 2024 14:37:47 GMT
etag
"0633921ccd2d81:0"
last-modified
Tue, 27 Sep 2022 23:51:58 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89cb130ba1cd1b0b9e53bb437dfe39b0edd040fb2c96311ef89a8f90de443f62

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
553a19978c7a045a974b81204bb22cea8aa47ffdb13cf46428915b6cf92950cf

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAhgv6MvwPlZclLLaOYHBkdGworAe6yBrg&libraries=places&package=CFCUSpectrum
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f95.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.spectrumcu.org
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
1094970501255506
connect.facebook.net/signals/config/ 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1094970501255506?v=2.9.164&r=stable&domain=www.spectrumcu.org&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C142%2C168%2C154%2C115%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
8003051a3bc94748ac2d06bb8f5f2170cb525ce12229539ce3bbeda5873d1dc0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Aug 2024 14:37:47 GMT
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4354, tp=9, tpl=0, uplat=55, ullat=0
pragma
public
x-fb-debug
JqkCeyYpyFLGbAbhU11FQAWWRypWRKv+9KKjkU7Xz/aJ9QCBcoGrBTmUy2bLOkpXUoyZHUBYQVFTnmqNY/TZAQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=563179965974078&ev=PageView&dl=https%3A%2F%2Fwww.spectrumcu.org&rl=&if=false&ts=1723473467616&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1723473467614.36073491151715622&pm=1&hrl=c506b5&ler=empty&cdl=API_unavailable&it=1723473467318&coo=false&cs_cc=1&cas=6735549559846976&rqm=GET
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 12 Aug 2024 14:37:47 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=563179965974078&ev=PageView&dl=https%3A%2F%2Fwww.spectrumcu.org&rl=&if=false&ts=1723473467616&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1723473467614.36073491151715622&pm=1&hrl=c506b5&ler=empty&cdl=API_unavailable&it=1723473467318&coo=false&cs_cc=1&cas=6735549559846976&rqm=FGET
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2fe1a688ce9fa90c","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:24060114940301788","7830:24060114940301788","10853:24060114940301788","41:24060114940301788","8046:24060114940301788"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 12 Aug 2024 14:37:47 GMT
x-fb-server-load
34
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402262177343541689", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=3102, tp=-1, tpl=-1, uplat=24, ullat=0
pragma
no-cache
x-fb-debug
xw+9/YlJGnpq3ZLSDdK1ye3C8hkW5kAXSGUnxJRweELT8tkLd58BZS711GBnw1oyRQSEM1kjL1NceWmXnurkXw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402262177343541689"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
sa.css
tags.srv.stackadapt.com/ 		0
0
collect
www.google-analytics.com/j/ 		3 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=24231204&t=pageview&_s=1&dl=https%3A%2F%2Fwww.spectrumcu.org%2F&ul=en-ca&de=UTF-8&dt=Spectrum%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=840552525&gjid=1034106653&cid=969403722.1723473467&tid=UA-37743800-1&_gid=287312336.1723473468&_r=1&_slc=1&gtm=45He4880n81PSVVXQCv812229747za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=395039798
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 14:37:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spectrumcu.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
attribution_trigger
px.ads.linkedin.com/ 		0
0
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3508620&time=1723473467669&li_adsId=fc0191d9-8dbc-46c1-b4ca-0b5360217e76&url=https%3A%2F%2Fwww.spectrumcu.org%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3508620&time=1723473467669&li_adsId=fc0191d9-8dbc-46c1-b4ca-0b5360217e76&url=https%3A%2F%2Fwww.spectrumcu.org%2F&e_ipv6=AQK7mJmKllwpogAAAZFHBhl6C...
0
0
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=1806952&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.35.139.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-139-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f744dba6e6c922229fcdbd5b81849b43e12c789ca8327865d6a11961ab9946f

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Aug 2024 14:37:48 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
main.c7800fc7a937a1bdacef.js
embed.signalintent.com/embedded/ 		465 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.signalintent.com/embedded/main.c7800fc7a937a1bdacef.js
Requested by
Host: embed.signalintent.com
URL: https://embed.signalintent.com/js/embedded.js?org-guid=5c4ad87d-7608-4440-98b7-02c3a1f11743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f5f8b54d19344d5e4e7881ac0d2a155fe3a94d9d5d6e54028e74943d57233ea1

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
6618
cf-polished
origSize=476441
x-powered-by
Express
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723437876&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=wF5yaS3%2FgoB3Tbgd%2FD35XVaRpTJn895UXckzGp1s9Sk%3D
cf-bgj
minify
last-modified
Thu, 01 Aug 2024 16:40:49 GMT
server
cloudflare
etag
W/"1e61d-1910ed0c668"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723437876&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=wF5yaS3%2FgoB3Tbgd%2FD35XVaRpTJn895UXckzGp1s9Sk%3D"}]}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8b213495aafdaacd-YYZ
main.08a4980c7b0074138701.css
embed.signalintent.com/embedded/ 		114 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.signalintent.com/embedded/main.08a4980c7b0074138701.css
Requested by
Host: embed.signalintent.com
URL: https://embed.signalintent.com/js/embedded.js?org-guid=5c4ad87d-7608-4440-98b7-02c3a1f11743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c57cc4cee49f3fa89c6f9cc8dfe124cd69a5a1984dbc5d765844e96759c98c16

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
6618
cf-polished
origSize=117005
x-powered-by
Express
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723437876&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=wF5yaS3%2FgoB3Tbgd%2FD35XVaRpTJn895UXckzGp1s9Sk%3D
cf-bgj
minify
last-modified
Thu, 01 Aug 2024 16:40:49 GMT
server
cloudflare
etag
W/"385a-1910ed0c668"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723437876&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=wF5yaS3%2FgoB3Tbgd%2FD35XVaRpTJn895UXckzGp1s9Sk%3D"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8b213495aafcaacd-YYZ
saq_pxl
tags.srv.stackadapt.com/ 		0
0
attribution_trigger
px.ads.linkedin.com/ 		2 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=3508620&time=1723473467669&url=https%3A%2F%2Fwww.spectrumcu.org%2F
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-encoding
gzip
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 2DB03B1C698B4510B883B584FA1189D1 Ref B: YMQ01EDGE0821 Ref C: 2024-08-12T14:37:47Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-ltx1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYffW/UaDorjuL66zsniQ==
x-fs-uuid
00061f7d6fd4683a2b8ee2faeb3b2789
0a1f5dd2-7ebd-4bad-bf53-764505fae5d8.js
cdn.cookielaw.org/langswitch/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/langswitch/0a1f5dd2-7ebd-4bad-bf53-764505fae5d8.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSVVXQC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf2402cf79f5f1367c3530265fd8ccf19e6c0abe98cd494852670350ecb6e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Aug 2024 14:37:47 GMT
content-encoding
GZIP
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BWl4wPS4s5HADdtGFfGftw==
age
62297
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
670
x-ms-lease-status
unlocked
last-modified
Fri, 17 Dec 2021 18:38:17 GMT
server
cloudflare
etag
0x8D9C18C644C1FF2
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4db25e91-901e-008d-19d5-9b0dcf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b2134960ceaa2d3-YUL
fontawesome-webfont.woff2
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/fonts/font-awesome/ 		75 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/font-awesome.min.css?v=12.2.7232.0-7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/font-awesome.min.css?v=12.2.7232.0-7
Origin
https://www.spectrumcu.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:48 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-length
77160
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:00 GMT
server
cloudflare
etag
"02e1befc4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b2134961f42a28c-YUL
HelveticaNeueLTPro-Lt.woff2
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/fonts/HelveticaNeue/ 		16 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/fonts/HelveticaNeue/HelveticaNeueLTPro-Lt.woff2
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/fonts-typography.css?v=12.2.7232.0-7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8f78ccd70b3028edd3d6b4daeabb47114a96c9b76287a32942e50eaea603c3e5
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/css/fonts-typography.css?v=12.2.7232.0-7
Origin
https://www.spectrumcu.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:47 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
content-length
15956
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:20:58 GMT
server
cloudflare
etag
"01eaedc4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8b2134962f4fa28c-YUL
saq_pxl
tags.srv.stackadapt.com/ 		0
0
/
px.ads.linkedin.com/wa/ 		0
0
/
www.facebook.com/tr/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1094970501255506&ev=PageView&dl=https%3A%2F%2Fwww.spectrumcu.org&rl=&if=false&ts=1723473468025&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1723473467614.36073491151715622&pm=1&hrl=d04b9b&ler=empty&cdl=API_unavailable&cs_est=true&it=1723473467318&coo=false&cs_cc=1&rqm=GET
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=6779, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 12 Aug 2024 14:37:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1094970501255506&ev=PageView&dl=https%3A%2F%2Fwww.spectrumcu.org&rl=&if=false&ts=1723473468025&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1723473467614.36073491151715622&pm=1&hrl=d04b9b&ler=empty&cdl=API_unavailable&cs_est=true&it=1723473467318&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: www.spectrumcu.org
URL: https://www.spectrumcu.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 12 Aug 2024 14:37:48 GMT
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402262182155191192", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=6948, tp=-1, tpl=-1, uplat=25, ullat=0
pragma
no-cache
x-fb-debug
dhP/V/0+63f1sXPMfotCArhkoE51N6xk7Kae1D/dPoLBsumGPlAlH6285GIh6qqiEL6adKXXu8UetEEHGb2aNA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402262182155191192"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
92eb2611-52e4-467c-9087-ebb77a85813f.js
cdn.cookielaw.org/consent/ 		55 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92eb2611-52e4-467c-9087-ebb77a85813f.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/langswitch/0a1f5dd2-7ebd-4bad-bf53-764505fae5d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6650a23789d3fa0db33baaeb041a2686c9d0de2ec8384194f5991fc164d6002d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Aug 2024 14:37:48 GMT
content-encoding
GZIP
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
62298
content-md5
P6id5rmsQdrb4/TqZvWYMA==
content-length
14197
x-ms-lease-status
unlocked
last-modified
Fri, 17 Dec 2021 18:38:18 GMT
server
cloudflare
etag
0x8D9C18C65467784
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
91c4b6b2-e01e-009e-16e1-792a5d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b2134973df6a2d3-YUL
expires
Tue, 13 Aug 2024 14:37:48 GMT
settings
cdn.segment.com/v1/projects/gemUTDWF7Q6S20eqmHvRF8eQJhugm2Ux/ 		891 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/gemUTDWF7Q6S20eqmHvRF8eQJhugm2Ux/settings
Requested by
Host: embed.signalintent.com
URL: https://embed.signalintent.com/embedded/main.c7800fc7a937a1bdacef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed4bc777ede3b8eb8b4008980d7c4a4f15c3a4e1a10c854b25058b68b8552d6e

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
b4.wdke6quUIMNRgGYsIQUoIgb3tmHM7
date
Mon, 12 Aug 2024 12:39:00 GMT
via
1.1 bcc31f3e5b9e78f99a5a01aa529f6c94.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
7128
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
891
last-modified
Thu, 25 Jul 2024 20:40:56 GMT
server
AmazonS3
etag
"4fba995e9f1b1b7cded71547b6ef7d06"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
7l2Cq6Jv_OvNAB1QKF48V6mvIex6mwZCzQQhIJ3B4oGrIj4x47QMxg==
widgets
calc-backend-prod.herokuapp.com/api/embedded/ 		29 B
968 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://calc-backend-prod.herokuapp.com/api/embedded/widgets?originPath=https:%2F%2Fwww.spectrumcu.org%2F&orgGuid=5c4ad87d-7608-4440-98b7-02c3a1f11743
Requested by
Host: embed.signalintent.com
URL: https://embed.signalintent.com/embedded/main.c7800fc7a937a1bdacef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.82.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-82-174.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
7511e4f5a762ab1c38f6cf3fcea3cc0ea70649e8d5f2e933f50c9e4ffed13540

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 14:37:48 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Powered-By
Express
Connection
keep-alive
Content-Length
29
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723473468&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=bhcyJ8kosKdMh0oPAbxNcAzm1IDfKwQt%2BeDoekABPtg%3D
Server
Cowboy
Etag
W/"1d-5axIGcFQm0n1F10ofvQLsX/2DAQ"
X-Ratelimit-Remaining
239
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723473468&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=bhcyJ8kosKdMh0oPAbxNcAzm1IDfKwQt%2BeDoekABPtg%3D"}]}
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Disposition
Vary
Accept-Encoding
X-Ratelimit-Reset
1723473489
X-Ratelimit-Limit
240
optanon.css
cdn.cookielaw.org/skins/6.28.0/default_flat_bottom_two_button_white/v2/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/skins/6.28.0/default_flat_bottom_two_button_white/v2/css/optanon.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/92eb2611-52e4-467c-9087-ebb77a85813f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Aug 2024 14:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
GrIULpMZlPF75cnbNiqAPw==
age
74086
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
5561
x-ms-lease-status
unlocked
last-modified
Thu, 10 Feb 2022 10:47:19 GMT
server
cloudflare
etag
0x8D9EC82B65D60CA
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
aff84361-201e-0035-8027-b6ef3c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b2134979e33a2d3-YUL
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/92eb2611-52e4-467c-9087-ebb77a85813f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://www.spectrumcu.org/
Origin
https://www.spectrumcu.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
6451417
x-cache
HIT, HIT
content-length
30288
x-served-by
cache-lga13622-LGA, cache-yul1970040-YUL
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1723473468.169100,VS0,VE0
etag
W/"28feccc0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
29, 267829
ajs-destination.d440879c404c49f1df05.js
embed.signalintent.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.signalintent.com/ajs-destination.d440879c404c49f1df05.js
Requested by
Host: embed.signalintent.com
URL: https://embed.signalintent.com/embedded/main.c7800fc7a937a1bdacef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
228b447de72ffb686ecca8045027ebde13be92e9056987a8e3901d55085dec8f

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:48 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
4684
x-powered-by
Express
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723439634&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=XAWJCn7evxU1Z3ZKy3CHhymgLkoNixX2t1Mb1OJ6Zog%3D
cf-bgj
minify
last-modified
Thu, 01 Aug 2024 16:40:49 GMT
server
cloudflare
etag
W/"b87-1910ed0c668"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723439634&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=XAWJCn7evxU1Z3ZKy3CHhymgLkoNixX2t1Mb1OJ6Zog%3D"}]}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8b2134986ceaaacd-YYZ
schemaFilter.e0a24082e4be440fb988.js
embed.signalintent.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.signalintent.com/schemaFilter.e0a24082e4be440fb988.js
Requested by
Host: embed.signalintent.com
URL: https://embed.signalintent.com/embedded/main.c7800fc7a937a1bdacef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
421e8595bb261f9fcda790622d4b9f0ffc78956a898f9ed6ab28782eaef6a9a6

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:48 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
5201
x-powered-by
Express
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723439324&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=YPhdZvQUj2g7jskErZNeiWGr8KmTRA7OUhvk6hSLKzo%3D
cf-bgj
minify
last-modified
Thu, 01 Aug 2024 16:40:49 GMT
server
cloudflare
etag
W/"2c0-1910ed0c668"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723439324&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=YPhdZvQUj2g7jskErZNeiWGr8KmTRA7OUhvk6hSLKzo%3D"}]}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8b213498ad0faacd-YYZ
visual-tagger.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by
Host: embed.signalintent.com
URL: https://embed.signalintent.com/embedded/main.c7800fc7a937a1bdacef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 02:01:38 GMT
content-encoding
gzip
via
1.1 2772ea7c91d6d2b9d83ea6d082faecc8.cloudfront.net (CloudFront)
x-amz-version-id
qmZFsz842SHoO_NwxPlu5hkQ_C5x302s
x-amz-cf-pop
EWR53-C2
age
12659771
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15523
last-modified
Fri, 08 Mar 2024 07:35:29 GMT
server
AmazonS3
etag
"22f964b449ca210bdea17404f4624ac9"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
BdPd4J1XC6ILJTImF9HteYkEVYhqEh8RXXv2JP3KdDuZQ1K6PkxdEg==
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: embed.signalintent.com
URL: https://embed.signalintent.com/embedded/main.c7800fc7a937a1bdacef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:10:55 GMT
content-encoding
gzip
via
1.1 2772ea7c91d6d2b9d83ea6d082faecc8.cloudfront.net (CloudFront)
x-amz-version-id
HopHKmY9TBcR3b.zdj3KrkRozUW9hj.F
x-amz-cf-pop
EWR53-C2
age
12414414
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22177
last-modified
Fri, 08 Mar 2024 07:35:27 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
pK5WEVmqBrGdcdGT-zmhNJeyIG50ZTRSMOih9u7G52pIFPZoise2cA==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/favicon/ 		11 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.spectrumcu.org/ResourcePackages/CFCUSpectrum/assets/dist/images/spectrum/favicon/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:b655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
10d65a9ce0a56ef19b40b2228ed28de160b59a35e8c9d9466e09941eaf89c5c9
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:37:48 GMT
content-security-policy
default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 06:21:02 GMT
server
cloudflare
etag
W/"05b4cf0c4ecd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=2678400
cf-ray
8b213499fa44a28c-YUL
common.js
maps.googleapis.com/maps-api-v3/api/js/57/13/ 		294 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/13/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAhgv6MvwPlZclLLaOYHBkdGworAe6yBrg&libraries=places&package=CFCUSpectrum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 20:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
412608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65163
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 18:37:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 20:01:04 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/57/13/ 		180 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/13/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAhgv6MvwPlZclLLaOYHBkdGworAe6yBrg&libraries=places&package=CFCUSpectrum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.spectrumcu.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 20:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
412608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56099
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 18:37:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 20:01:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.mouseflow.com
URL
https://cdn.mouseflow.com/projects/9471cce8-df37-4ae8-9232-c46b0b56cf83.js
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/activity;register_conversion=1;src=11547724;type=view-0;cat=allpa0;ord=7885593418643;npa=0;auiddc=235684159.1723473467;u8=%2F;ps=1;pcor=1561649251;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188078508z8812229747za201zb812229747;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.spectrumcu.org%2F?
Domain
www.google.ca
URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FTNGCF4D1X&cid=969403722.1723473467&gtm=45je4880v871184640z8812229747za200zb812229747&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=665525882
Domain
tags.srv.stackadapt.com
URL
https://tags.srv.stackadapt.com/sa.css
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/attribution_trigger?pid=3508620&time=1723473467669&url=https%3A%2F%2Fwww.spectrumcu.org%2F
Domain
px4.ads.linkedin.com
URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3508620&time=1723473467669&li_adsId=fc0191d9-8dbc-46c1-b4ca-0b5360217e76&url=https%3A%2F%2Fwww.spectrumcu.org%2F&e_ipv6=AQK7mJmKllwpogAAAZFHBhl6CQlBZPsM3BfLCcO6Jachvpjwi1-YWwAuyHNOSfAX8DIFx9Cf
Domain
tags.srv.stackadapt.com
URL
https://tags.srv.stackadapt.com/saq_pxl?uid=bpyUGSR4T3VtePovezdREg&is_js=true&landing_url=https%3A%2F%2Fwww.spectrumcu.org%2F&t=Spectrum%20Credit%20Union&tip=u7lp7xPGI0TkrJDTOjf2SFp3cE63kDsS5hWS8acWEj0&host=https%3A%2F%2Fwww.spectrumcu.org&sa_conv_data_css_value=&sa_conv_data_image_value=&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAENYBGAQgu7zotQYwAToEFPvsiUIE8Jlu7w.gbUCXsoG6sFQ%252BwsbdTD4nFcPvBv%252FlJX11DDx7ULSMX4&sa-user-id-v2=s%253AorFrzf1ZX5ZYX7IxgpIDYqdy0Wc.SPXDt9tHLKKGBgsRIME1P3Dp860tMQpLFWsgWKQRpmo&sa-user-id=s%253A0-a2b16bcd-fd59-5f96-585f-b23182920362.hgDOA52uEDsvLLS8wHBk1%252FnUUdvQbtnS6E0OP2Fmz54
Domain
tags.srv.stackadapt.com
URL
https://tags.srv.stackadapt.com/saq_pxl?uid=Xiv-nnNmFtZczCyAwEFfKw&is_js=true&landing_url=https%3A%2F%2Fwww.spectrumcu.org%2F&t=Spectrum%20Credit%20Union&tip=u7lp7xPGI0TkrJDTOjf2SFp3cE63kDsS5hWS8acWEj0&host=https%3A%2F%2Fwww.spectrumcu.org&sa_conv_data_css_value=&sa_conv_data_image_value=&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAENYBGAQgu7zotQYwAToEFPvsiUIE8Jlu7w.gbUCXsoG6sFQ%252BwsbdTD4nFcPvBv%252FlJX11DDx7ULSMX4&sa-user-id-v2=s%253AorFrzf1ZX5ZYX7IxgpIDYqdy0Wc.SPXDt9tHLKKGBgsRIME1P3Dp860tMQpLFWsgWKQRpmo&sa-user-id=s%253A0-a2b16bcd-fd59-5f96-585f-b23182920362.hgDOA52uEDsvLLS8wHBk1%252FnUUdvQbtnS6E0OP2Fmz54
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/wa/

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| Sitefinity string| domain object| allowedDomains object| sf object| q object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| fbq function| _fbq function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| saq function| _saq function| a0_0xf5275a function| a0_0xbf208c function| a0_0x5b2cd7 function| a0_0x3fd3 function| a0_0x5602 function| a0_0x1032 function| a0_0x4ba659 function| a0_0xd81b function| $ function| jQuery object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| Chimney function| showIWanttoTabContent function| onYouTubeIframeAPIReady object| gaGlobal object| t function| extractHostname function| handleResize function| getScriptURL function| getURLParam function| n string| B string| z string| E object| O string| C object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView number| winW function| showSearchFieldDesktop function| showSearchFieldMobile function| SmallDeviceInitialization function| setColumnInSmallMobile function| setColumnInMobile function| setColumnInIpad function| slideLeftFuncSmallMobile function| slideLeftFuncMobile function| slideLeftFuncIpad function| fixedHeaderSmallMobile function| fixedHeaderMobile function| fixedHeaderIpad function| contactToggle function| showMobileMenu function| showDesktopMenu function| hideTabModalEffectInDesktop function| appendSectionInSmallDevicesForResponsive object| res object| saCookies string| current_window_url_param object| gaplugins object| gaData function| lintrk boolean| _already_called_lintrk function| getSelectionText object| ORIBILI object| OneTrust string| containerName string| languageSwitcherFileName string| useDocumentLanguage string| languageSwitcherFilePathPart string| languageSwitcherURL function| getLanguageSwitcherScriptPath function| isLanguageSwitcherFile function| OptanonWrapper object| webpackChunksignal_intent_front object| __SEGMENT_INSPECTOR__ function| jsonFeed object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups object| visual-taggerDeps function| visual-taggerLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate object| core function| visual-taggerIntegration function| Tracktor

42 Cookies

Domain/Path Name / Value
.www.spectrumcu.org/ Name: TiPMix
Value: 9.470682541399533
.www.spectrumcu.org/ Name: x-ms-routing-name
Value: self
www.spectrumcu.org/ Name: ASP.NET_SessionId
Value: fxusz4r4pawloodybbsp4kxn
.spectrumcu.org/ Name: _gcl_au
Value: 1.1.235684159.1723473467
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a2b16bcd-fd59-5f96-585f-b23182920362.hgDOA52uEDsvLLS8wHBk1%2FnUUdvQbtnS6E0OP2Fmz54
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a2b16bcd-fd59-5f96-585f-b23182920362.hgDOA52uEDsvLLS8wHBk1%2FnUUdvQbtnS6E0OP2Fmz54
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AorFrzf1ZX5ZYX7IxgpIDYqdy0Wc.SPXDt9tHLKKGBgsRIME1P3Dp860tMQpLFWsgWKQRpmo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AorFrzf1ZX5ZYX7IxgpIDYqdy0Wc.SPXDt9tHLKKGBgsRIME1P3Dp860tMQpLFWsgWKQRpmo
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAENYBGAQgu7zotQYwAToEFPvsiUIE8Jlu7w.gbUCXsoG6sFQ%2BwsbdTD4nFcPvBv%2FlJX11DDx7ULSMX4
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAENYBGAQgu7zotQYwAToEFPvsiUIE8Jlu7w.gbUCXsoG6sFQ%2BwsbdTD4nFcPvBv%2FlJX11DDx7ULSMX4
.spectrumcu.org/ Name: _ga_FTNGCF4D1X
Value: GS1.1.1723473467.1.0.1723473467.60.0.0
.spectrumcu.org/ Name: _fbp
Value: fb.1.1723473467614.36073491151715622
www.spectrumcu.org/ Name: sa-user-id
Value: s%253A0-a2b16bcd-fd59-5f96-585f-b23182920362.hgDOA52uEDsvLLS8wHBk1%252FnUUdvQbtnS6E0OP2Fmz54
www.spectrumcu.org/ Name: sa-user-id-v2
Value: s%253AorFrzf1ZX5ZYX7IxgpIDYqdy0Wc.SPXDt9tHLKKGBgsRIME1P3Dp860tMQpLFWsgWKQRpmo
www.spectrumcu.org/ Name: sa-user-id-v3
Value: s%253AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAENYBGAQgu7zotQYwAToEFPvsiUIE8Jlu7w.gbUCXsoG6sFQ%252BwsbdTD4nFcPvBv%252FlJX11DDx7ULSMX4
.spectrumcu.org/ Name: _ga
Value: GA1.2.969403722.1723473467
.spectrumcu.org/ Name: _gid
Value: GA1.2.287312336.1723473468
.spectrumcu.org/ Name: _gat_UA-37743800-1
Value: 1
.www.google-analytics.com/ Name: ar_debug
Value: 1
.spectrumcu.org/ Name: _hjSessionUser_1806952
Value: eyJpZCI6ImUwNTkyMmZiLTFlODktNWQ4Ny1iOWRiLTkyMGUyYWU1MzM2ZSIsImNyZWF0ZWQiOjE3MjM0NzM0Njc2NzUsImV4aXN0aW5nIjp0cnVlfQ==
.spectrumcu.org/ Name: _hjSession_1806952
Value: eyJpZCI6IjhmNWQ5MzI1LWQ3MDItNDFkMi1iNzA1LWM1ZGRiNmQ0NGYyMSIsImMiOjE3MjM0NzM0Njc2NzcsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.linkedin.com/ Name: bcookie
Value: "v=2&06625203-f6e8-4d67-8aaa-d2a89c4cd3c4"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjM0NzM0Njc7MjswMjFLvmVN1VgasibDEPkSE2FenUNBsOjlB7ua1XInhcTaSg==
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3341:u=1:x=1:i=1723473467:t=1723559867:v=2:sig=AQGFwAoLFqU7iQhQdCxR-8JXphljaxlt"
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.spectrumcu.org/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Mon+Aug+12+2024+07%3A37%3A48+GMT-0700+(Pacific+Daylight+Time)&version=6.28.0&landingPath=https%3A%2F%2Fwww.spectrumcu.org%2F&groups=1%3A1%2C2%3A0%2C4%3A0%2C0_286107%3A0%2C0_286108%3A0%2C0_286109%3A0%2C0_286110%3A0
.sitescout.com/ Name: _ssuma
Value: eyIyIjoxNzIzNDczNDY4Njk3LCI0IjoxNzIzNDczNDY4Njk3LCIzOSI6MTcyMzQ3MzQ2ODY5NywiNyI6MTcyMzQ3MzQ2ODY5NywiOCI6MTcyMzQ3MzQ2ODY5N30
.sitescout.com/ Name: ssi
Value: f44ca1f3-83eb-4115-9315-296ce27a0db9#1723473468702
.tapad.com/ Name: TapAd_TS
Value: 1723473468790
.tapad.com/ Name: TapAd_DID
Value: f7415863-aeee-4c30-be36-f6a7874a55d1
.rlcdn.com/ Name: rlas3
Value: nVSvHnmE7hJIO88PWs9iHlUy8UYsRttkDBcAll3R4eY=
.demdex.net/ Name: demdex
Value: 84064895476798116360871011592263482303
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.dpm.demdex.net/ Name: dpm
Value: 84064895476798116360871011592263482303
.rlcdn.com/ Name: pxrc
Value: CLy86LUGEgUI6AcQAA==
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: c8bb8cc23c6be298eeeefa09ca36b7a3
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQSLZISrJITjYyTjZLSjWytEgFgrREA8vkRGOzJPNEYwYgSNslZ8OAAAB83gt%2B"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBI2yVnwwAHABMUAXs%3D"
.exelator.com/ Name: EE
Value: "4be2a5d0945866878f1ec306d00951a7"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEkKdUo0TTFwNLE1MLMzMLcIs0wNdnYwCzFwMDS1DDRfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9kbPj4qKUNMZFJcWngk8sbgYAIcQm9w%253D%253D"

13 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSVVXQC(Line 220)
Message:
Refused to load the script 'https://cdn.mouseflow.com/projects/9471cce8-df37-4ae8-9232-c46b0b56cf83.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.spectrumcu.org/
Message:
Refused to load the image 'https://ad.doubleclick.net/activity;register_conversion=1;src=11547724;type=view-0;cat=allpa0;ord=7885593418643;npa=0;auiddc=235684159.1723473467;u8=%2F;ps=1;pcor=1561649251;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188078508z8812229747za201zb812229747;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.spectrumcu.org%2F?' because it violates the following Content Security Policy directive: "img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com".
security error URL: https://www.spectrumcu.org/
Message:
Refused to load the image 'https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FTNGCF4D1X&cid=969403722.1723473467&gtm=45je4880v871184640z8812229747za200zb812229747&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=665525882' because it violates the following Content Security Policy directive: "img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com".
security error URL: https://tags.srv.stackadapt.com/events.js(Line 26)
Message:
Refused to load the stylesheet 'https://tags.srv.stackadapt.com/sa.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://tags.srv.stackadapt.com/events.js(Line 26)
Message:
Refused to connect to 'https://tags.srv.stackadapt.com/sa.jpeg' because it violates the following Content Security Policy directive: "connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io".
javascript error URL: https://tags.srv.stackadapt.com/events.js(Line 26)
Message:
Refused to connect to 'https://tags.srv.stackadapt.com/sa.jpeg' because it violates the document's Content Security Policy.
security error URL: https://tags.srv.stackadapt.com/events.js(Line 26)
Message:
Refused to connect to 'https://tags.srv.stackadapt.com/sa.jpeg' because it violates the following Content Security Policy directive: "connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io".
javascript error URL: https://tags.srv.stackadapt.com/events.js(Line 26)
Message:
Refused to connect to 'https://tags.srv.stackadapt.com/sa.jpeg' because it violates the document's Content Security Policy.
security error URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Message:
Refused to connect to 'https://px.ads.linkedin.com/attribution_trigger?pid=3508620&time=1723473467669&url=https%3A%2F%2Fwww.spectrumcu.org%2F' because it violates the following Content Security Policy directive: "connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io".
security error URL: https://tags.srv.stackadapt.com/events.js(Line 26)
Message:
Refused to connect to 'https://tags.srv.stackadapt.com/saq_pxl?uid=bpyUGSR4T3VtePovezdREg&is_js=true&landing_url=https%3A%2F%2Fwww.spectrumcu.org%2F&t=Spectrum%20Credit%20Union&tip=u7lp7xPGI0TkrJDTOjf2SFp3cE63kDsS5hWS8acWEj0&host=https%3A%2F%2Fwww.spectrumcu.org&sa_conv_data_css_value=&sa_conv_data_image_value=&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAENYBGAQgu7zotQYwAToEFPvsiUIE8Jlu7w.gbUCXsoG6sFQ%252BwsbdTD4nFcPvBv%252FlJX11DDx7ULSMX4&sa-user-id-v2=s%253AorFrzf1ZX5ZYX7IxgpIDYqdy0Wc.SPXDt9tHLKKGBgsRIME1P3Dp860tMQpLFWsgWKQRpmo&sa-user-id=s%253A0-a2b16bcd-fd59-5f96-585f-b23182920362.hgDOA52uEDsvLLS8wHBk1%252FnUUdvQbtnS6E0OP2Fmz54' because it violates the following Content Security Policy directive: "connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io".
security error URL: https://www.spectrumcu.org/
Message:
Refused to load the image 'https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3508620&time=1723473467669&li_adsId=fc0191d9-8dbc-46c1-b4ca-0b5360217e76&url=https%3A%2F%2Fwww.spectrumcu.org%2F&e_ipv6=AQK7mJmKllwpogAAAZFHBhl6CQlBZPsM3BfLCcO6Jachvpjwi1-YWwAuyHNOSfAX8DIFx9Cf' because it violates the following Content Security Policy directive: "img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com".
security error URL: https://tags.srv.stackadapt.com/events.js(Line 26)
Message:
Refused to connect to 'https://tags.srv.stackadapt.com/saq_pxl?uid=Xiv-nnNmFtZczCyAwEFfKw&is_js=true&landing_url=https%3A%2F%2Fwww.spectrumcu.org%2F&t=Spectrum%20Credit%20Union&tip=u7lp7xPGI0TkrJDTOjf2SFp3cE63kDsS5hWS8acWEj0&host=https%3A%2F%2Fwww.spectrumcu.org&sa_conv_data_css_value=&sa_conv_data_image_value=&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAENYBGAQgu7zotQYwAToEFPvsiUIE8Jlu7w.gbUCXsoG6sFQ%252BwsbdTD4nFcPvBv%252FlJX11DDx7ULSMX4&sa-user-id-v2=s%253AorFrzf1ZX5ZYX7IxgpIDYqdy0Wc.SPXDt9tHLKKGBgsRIME1P3Dp860tMQpLFWsgWKQRpmo&sa-user-id=s%253A0-a2b16bcd-fd59-5f96-585f-b23182920362.hgDOA52uEDsvLLS8wHBk1%252FnUUdvQbtnS6E0OP2Fmz54' because it violates the following Content Security Policy directive: "connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io".
security error URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Message:
Refused to connect to 'https://px.ads.linkedin.com/wa/' because it violates the following Content Security Policy directive: "connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.marcomcentral.app.pti.com *.geotargetly-api-1.com embed.signalintent.com geotargetly-api-1.com *.sandbox.my.site.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.hotjar.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com *.calcxml.com *.cloudflare.com *.bootstrapcdn.com *.wave2.io *.matomo.cloud *.googleoptimize.com siteimproveanalytics.com maps.googleapis.com *.googletagmanager.com *.cookiepro.com snap.licdn.com *.cookielaw.org code.jquery.com geolocation.onetrust.com *.srv.stackadapt.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com *.segment.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com web-chat.nativechat.com *.typekit.net *.cloudflare.com *.calcxml.com *.google-analytics.com *.cookielaw.org *.cookiepro.com *.geotargetly-api-1.com geotargetly-api-1.com embed.signalintent.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: *.typekit.net *.cloudflare.com embed.signalintent.com; img-src 'self' *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com web-chat.nativechat.com *.chevronfcu.org http://images.printable.com *.calcxml.com *.spectrumcu.org *.google.com px.ads.linkedin.com *.cookiepro.com *.adsymptotic.com *.segment.com calc-backend-prod.herokuapp.com s3.us-east-2.amazonaws.com embed.signalintent.com; media-src 'self' data: blob: *.marcomcentral.app.pti.com *.chevronfcu.org *.amazonaws.com; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com web-chat.nativechat.com *.hotjar.com *.google.com *.wave2.io *.optimalblue.com 11549827.fls.doubleclick.net *.doubleclick.net https://outlook.office365.com/ ; connect-src 'self' data: accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com *.calcxml.com *.googleapis.com *.hotjar.com *.doubleclick.net wss://ws24.hotjar.com wss://ws1.hotjar.com wss://*.hotjar.com *.hotjar.io cdn.linkedin.oribi.io https://analytics.google.com/ *.segment.com calc-backend-prod.herokuapp.com api.segment.io;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

01334locator.wave2.io
11547724.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
calc-backend-prod.herokuapp.com
cdn.cookielaw.org
cdn.mouseflow.com
cdn.segment.com
code.jquery.com
connect.facebook.net
content.hotjar.io
embed.signalintent.com
maps.googleapis.com
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.googletagmanager.com
www.spectrumcu.org
ad.doubleclick.net
cdn.mouseflow.com
px.ads.linkedin.com
px4.ads.linkedin.com
tags.srv.stackadapt.com
www.google.ca
108.138.106.101
13.226.38.199
157.240.229.1
172.217.197.95
18.164.96.90
20.80.195.131
209.85.201.149
2600:1408:c400:26::17da:d916
2600:1408:c400:26::17da:d92a
2606:4700:20::ac43:48b0
2606:4700::6810:b655
2606:4700::6812:572a
2607:f8b0:4004:c1f::66
2607:f8b0:400d:c01::65
2607:f8b0:400d:c09::61
2607:f8b0:400d:c09::9c
2607:f8b0:400d:c1d::5f
2620:1ec:21::14
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:400::649
52.5.82.174
54.82.222.147
63.35.139.128
00905911d87c7f92acf9200aa15000497fa828d6a589b98d0c8812018b26fb34
06dc80b2fcc0ad1a85839a94a2cfd596139b5c7e18218878dd124a191b86b958
08bb261452945fe2f6dd24e5263e9dfd5c5277c1a18a2eb1b0913c2dc083a8d8
10d65a9ce0a56ef19b40b2228ed28de160b59a35e8c9d9466e09941eaf89c5c9
1168a51464ee058326519e163a57bc7b8a048db5a4e0c7d0cd58486ab5ed2d24
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
139c00a852addfe92dcf15f793beac9704843c281f0a68a90386a255432fe9cd
13b60caade82faac86ebaff33b17aaf6f9e36014cf12ffa5a356d786a936207c
155916b9bdf6ce328dca52f7b3c5c0d42ca12ca3d79ab599558facc72842d60b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1730d27c265a4c7eea723e44a5152c6fdf0a3e8c03d1a94b47b2e1a594917ea5
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
228b447de72ffb686ecca8045027ebde13be92e9056987a8e3901d55085dec8f
22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69
23ab55e048a8951dcdde40ece4a579f131ebfa70d5dae7f29ff152855105139f
26968435703f42f548195e31049e1f621c267346a0295be2bafa457b5904ace9
2772d97e9062ce012938c4896ed9e61c648b5835c3caea943840a81ddd4c6289
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b317720f7581aa2a56a4b1a4f7f3d36c88b9d2bce1bf2f742b47fe347478b58
31f476fc0451c65ca179552b37cf5ccc6a55f6d808fd36d4986f220e7a7dd8fd
332960015463ea98650f704e5287c8ac20931cce7d9c6c8d61f9e40ad5260a36
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
37f0cbbb763256e6a6746de5e459cc9d2a246e3cbf793cbb50f3e0a14398c9e1
39722664c9483f4ecb8d95a73bb93d95ff95f6f0f4312853f6a807ccd0fc4717
3b941b18061a9af2f83017b30566a1fc6bebab57e8c00a06656a7f28660aec31
3d5716e618d727566735ff6c76d9fbaf4d56d29284e322a9f82f0116418b0dd4
4013769755f6beead237b03cdd788ea8c8302b12944fd115ad31997bba198146
421e8595bb261f9fcda790622d4b9f0ffc78956a898f9ed6ab28782eaef6a9a6
43e8bf7705494b02f0a1764aed4931623a3a941c7552c88bbfa367e74995d572
4a5252975643cbe20cb27c6c7fe18fc74a31a68473f45207df7c8f5f7c023eff
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4d8f6a942018d02a3f961786f929012a8dab5fd6a607024af0965d6c446aecc0
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
553a19978c7a045a974b81204bb22cea8aa47ffdb13cf46428915b6cf92950cf
5b812760cc9a246b2582b8f2bc643da2e769965e15c83a3502bb46263ae50726
5f6aed3eaa9d8d8f03c67af67399fa4b1ddd7eb32bb9c9e0f7cc469a68e2a161
60391c648a4f66c2f59ddc4f3214a8f7474f30e0329476e9934557b92448f19f
6446f8ec4d12e9d25589661fe6fa7a4bac3aef12c5bde6aef376774b8ec1ec6b
65338acfb71de0f4fe97ee6f5df9224237dd5e9e1628fa275b2f1820659f962a
6650a23789d3fa0db33baaeb041a2686c9d0de2ec8384194f5991fc164d6002d
6fed9ea4d335ec4814892cc2257f979557c41c77ba8382b6d4bfc3718a2a620a
722f8c42f9db928cead8037d97f0d1f6fe55c86ed432b7961633d51fb4264849
7511e4f5a762ab1c38f6cf3fcea3cc0ea70649e8d5f2e933f50c9e4ffed13540
7545b8823869f8c680bfe9c73f8d2d9295d98e891a58f26b186a7379cc6c7ead
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
78d28fdd2c6a7d50f00fa6e68fc763777bedc81b0fa2c6eb30c5057fc708e0cc
7c86c14c3bbd6a66f9197722196cfc4b918f508472e586200b76be858f173a8b
7cf2402cf79f5f1367c3530265fd8ccf19e6c0abe98cd494852670350ecb6e8e
7f744dba6e6c922229fcdbd5b81849b43e12c789ca8327865d6a11961ab9946f
8003051a3bc94748ac2d06bb8f5f2170cb525ce12229539ce3bbeda5873d1dc0
8141bb85ff293b535e6601b02f8c30005c5d1e5430f6098f7d02ea0241d3c276
89cb130ba1cd1b0b9e53bb437dfe39b0edd040fb2c96311ef89a8f90de443f62
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
8ef6ca515e83c075568be9d78a39ebd1a8cbec2967df5b3369cc286ea321bac7
8f78ccd70b3028edd3d6b4daeabb47114a96c9b76287a32942e50eaea603c3e5
96d2b12cf496c84f64f34f4de2384c0a9699e2444a7dee35e44e7a3d2f86bbbe
a0cbc1396de80a630b48f85172e62bfe9eabbbe195d5f310ac2d9230e2c6067f
a1595e8719f2beb22f50868aa0815e406883930567445da72c3014d10acff3c8
a6d0cd30fdfc5df5a53b45367f58dd2bc55e0b8c03f9c8accf2f4e797d7defe3
a832feeb5a75c3114d8f294cb1149150ab0fb06b51f344868fb367749a142d7b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad4637bdf61c2c151459712793cdcb316bc123777868a5c2d31ca8c395b77ebf
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b280419da19d3a5b6e34d733e856fa548e587b69c3c9a06edeadad30b27335e3
c3a6ec18e8b49b442489672e17ac68678430968967b818d7772e8f495625aef3
c57cc4cee49f3fa89c6f9cc8dfe124cd69a5a1984dbc5d765844e96759c98c16
c8bbbff2e1d973e608ede705e94d75f167bb40e081aab3b8fa3525aa5c1dda61
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb31bb53eefec5a74b7e7271abd4e97e0735174d7d0b0dec0f2217462573d1f1
d109de51483919beb3e2213eb5839964d6189805381b3a0a417de9a35bdf67bd
db1ec3c8fcfbefe29cb8726e8bc03b559a3bd2a6950c28185f46d4fe913b740b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e12b27c0ca99d9d816d89e31667bc14c44aa406834520faba4acbf56a07ffd34
e2d3d1e4a4102d8e263275b7d27d5d6cf49f09b06ccf44f3e303c8194383d859
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66e6fb4241569e1d6069981d4f2b527fd1ac326ce8bc0ea7d9db18ab063d8c9
ea1db511dd0cc732b4fffa04dafbbc7536abd921a069f520b613d131aa50a642
eac629bdc742ae5d0badaaf4a45bcbe82fe2175d0ea791750373cfcd5f02caa8
ec39b460a27f6c3ac807b6502a7fa2d069b90ddf887e6e929c7c2b680baf1420
ec64e902a8da6c84033f86bdf1c419e88e4f17d7a56a2c640a7a3e5ab516bc50
ed4bc777ede3b8eb8b4008980d7c4a4f15c3a4e1a10c854b25058b68b8552d6e
f35834a17fb920003e6a58d6f3d9939f353d8e4787be4723dcd0c27f26b1e27f
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f5f8b54d19344d5e4e7881ac0d2a155fe3a94d9d5d6e54028e74943d57233ea1
f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae
fa610aec494b817d5a9f42900cd62fe99dfdd6afdc3e5f66ddf316e2563a15bd
fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506
fb798dc2c77984c9eea52b5ba5bfb6a4825b5c7f7c481e00ae42d9fec37c3f15