No Security Risks Detected
This domain appears to be safe and secure
100%
Score
Disclaimer: This assessment is based on automated analysis of publicly available information. Results are for informational purposes only. For critical applications, consult security professionals.
Scan Information
Last checked:August 15, 2025 20:42:38
Scan Complete
Refresh page after 10 minutes
for updated results
Page Information
Target URL
https://www.flagstar.com/legal-disclaimers/privacy.html
Page Title
Privacy Center | Flagstar
Status
Active
Host Information
Domain
www.flagstar.com
Server
cloudflare
Country
United States
IP Address
104.18.34.61
ASN Information
13335
CLOUDFLARENET
Technologies
Adobe Experience Manager
CMS
Java
Programming languages
YouTube
Video players
OneTrust
Cookie compliance
Linkedin Ads
Advertising
jQuery
JavaScript libraries
+3 more technologies detected
SSL Certificate
HTTPS Enabled
Secure
Certificate Issuer
N/A
Valid From
2025-08-14 20:42:43
Valid Until
2026-08-15 20:42:43
Subject Name
www.flagstar.com
Performance Statistics
53
Total Requests
12
Domains
12
IP Addresses
1.01 MB
Transfer Size
Content Size2.36 MB
HTTP Headers
CF-Cache-Status
HIT
CF-RAY
96fb85280ff0c7c8-DUS
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'none'; connect-src 'self' *.foresee.com *.evergage.com edge.adobedc.net https://cdn.cookielaw.org https://challenges.cloudflare.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://www.googleadservices.com https://www.google-analytics.com https://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://maps.googleapis.com *.demdex.net *.yext.com https://answers.yext-pixel.com *.yextapis.com https://px.ads.linkedin.com https://*.foreseeresults.com wss://*.foresee.com https://*.crazyegg.com https://*.invoca.net https://ad.doubleclick.net https://insight.adsrvr.org https://adservice.google.com s://snap.licdn.com https://www.onlinebanktours.com https://*.cloudflareinsights.com https://*.crazyegg.com https://static.ads-twitter.com https://*.amazon-adsystem.com https://ucm-us.verint-cdn.com https://survey.vovici.com https://*.paa-reporting-advertising.amazon https://*.facebook.com; font-src 'self' data: https://fonts.gstatic.com/ https://fonts.googleapis.com https://use.typekit.com *.pgsdemo.com *.pagescdn.com https://gateway.foresee.com https://ucm-us.verint-cdn.com; media-src 'self'; object-src 'self'; form-action 'self' https://*.flagstar.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.salesforce-sites.com https://*.perfdrive.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://challenges.cloudflare.com https://*.salesforceliveagent.com https://assets.sitescdn.net https://www.googleanalytics.com/ https://www.googleoptimize.com/ https://optimize.google.com/ https://www.googletagmanager.com https://maps.googleapis.com https://www.googleadservices.com https://www.google-analytics.com https://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net assets.adobedtm.com https://pnapi.invoca.net https://solutions.invocacdn.com gateway.foresee.com https://cdn.cookielaw.org https://privacyportal.onetrust.com https://geolocation.onetrust.com https://maps.googleapis.com/ https://use.typekit.com https://connect.facebook.net https://js.adsrvr.org/ https://cdn.evgnet.com https://*.evergage.com https://www.youtube.com assets.sitescdn.net *.pagescdn.com *.pgsdemo.com https://*.salesforce-sites.com https://snap.licdn.com https://www.onlinebanktours.com https://*.cloudflareinsights.com https://*.crazyegg.com https://static.ads-twitter.com https://c.amazon-adsystem.com https://ucm-us.verint-cdn.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://assets.sitescdn.net https://optimize.google.com/ https://www.googletagmanager.com https://www.googleadservices.com https://www.google-analytics.com https://fonts.googleapis.com https://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net gateway.foresee.com https://cdn.cookielaw.org https://privacyportal.onetrust.com https://geolocation.onetrust.com https://maps.googleapis.com assets.sitecdn.net https://*.evergage.com https://*.crazyegg.com https://ucm-us.verint-cdn.com; style-src-elem 'self' 'unsafe-inline' https://assets.sitescdn.net https://optimize.google.com/ https://www.googletagmanager.com https://www.googleadservices.com https://www.google-analytics.com https://fonts.googleapis.com https://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net gateway.foresee.com https://cdn.cookielaw.org https://privacyportal.onetrust.com https://geolocation.onetrust.com https://maps.googleapis.com https://*.evergage.com https://www.onlinebanktours.com https://ucm-us.verint-cdn.com;frame-src 'self' *.flagstar.com https://*.cloudflare.com *.youtube.com *.demdex.net https://*.fls.doubleclick.net https://td.doubleclick.net https://optimize.google.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://cdn.evgnet.com https://*.flagstar.com https://*.fintactix.com *.pagescdn.com *.pgsdemo.com https://onlinebanktours.com https://www.onlinebanktours.com https://*.crazyegg.com https://*.amazon-adsystem.com https://www.googletagmanager.com;frame-ancestors 'self' *.flagstar.com https://*.cloudflare.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google-analytics.com https://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net; img-src 'self' *.foresee.com https://*.cloudflare.com https://ad.doubleclick.net https://optimize.google.com/ https://www.googletagmanager.com https://www.googletagmanager.com/ https://www.googleadservices.com https://www.google-analytics.com https://developers.google.com https://maps.googleapis.com https://maps.gstatic.com https://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal.onetrust.com https://geolocation.onetrust.com https://insight.adsrvr.org https://ib.adnxs.com/getuid https://match.adsrvr.org/track/cmf/appnexus https://dsum-sec.casalemedia.com/rum https://ups.analytics.yahoo.com/ups/55953/sync https://pixel.rubiconproject.com/tap.php data: blob: https://p.typekit.net https://www.facebook.com *.flagstar.com https://*.doubleclick.net https://px.ads.linkedin.com https://cdn.oectours.com https://www.onlinebanktours.com https://www.linkedin.com https://*.crazyegg.com https://t.co https://analytics.twitter.com https://adservice.google.com https://ucm-us.verint-cdn.com https://survey.vovici.com;child-src 'self' https://www.googletagmanager.com https://www.googleadservices.com https://www.google-analytics.com https://bat.bing.com https://googleads.g.doubleclick.net https://www.google.com https://bid.g.doubleclick.net https://youtube.com blob:; worker-src 'self' blob:; manifest-src 'self';
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Aug 2025 20:42:44 GMT
Expires
Fri, 15 Aug 2025 21:42:43 GMT
Last-Modified
Tue, 12 Aug 2025 15:04:43 GMT
Server
cloudflare
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-836737638"
cfCacheStatus;desc="HIT"
cfOrigin;dur=0,cfEdge;dur=160
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cnection
close
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=Edge
x-xss-protection
1; mode=block
20 headers detected
Technology Stack Analysis
Adobe Experience Manager
CMS
Adobe Experience Manager (AEM) is a content management solution for building websites, mobile apps and forms.
Java
Programming languages
Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.
YouTube
Video players
YouTube is a video sharing service where users can create their own profile, upload videos, watch, like and comment on other videos.
OneTrust
Cookie compliance
OneTrust is a cloud-based data privacy management compliance platform.
Linkedin Ads
Advertising
Linkedin Ads is a paid marketing tool that offers access to Linkedin social networks through various sponsored posts and other methods.
jQuery
JavaScript libraries
jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.
HSTS
Security
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.
Cloudflare Browser Insights
AnalyticsRUM
Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.
Cloudflare
CDN
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.
Website Cookies 11
s_ppv_aep
.flagstar.com
Value
flagstar%253Aprivacy%2C30%2C30%2C600%2C1%2C3
Expires:Session
liveagent_vc
www.flagstar.com
Value
2
Expires:8/15/2026
s_tp_aep
.flagstar.com
Value
2006
Expires:Session
liveagent_oref
www.flagstar.com
Value
Expires:8/15/2026
liveagent_sid
www.flagstar.com
Value
8281916b-ef4d-4709-bfd1-481cbab5e8af
Expires:Session
dtCookie
.flagstar.com
Secure Lax
Value
v_4_srv_2_sn_A1CA4B8E5424A010F817F89B1913845D_perc_100000_ol_0_mul_1_app-3A98c1425c91f9b0fe_1
Expires:Session
s_ips_aep
.flagstar.com
Value
600
Expires:Session
invoca_session
.flagstar.com
Value
[invoca_session redacted]
Expires:9/19/2026
liveagent_ptid
www.flagstar.com
Value
8281916b-ef4d-4709-bfd1-481cbab5e8af
Expires:8/15/2026
_cfuvid
.flagstar.com
HttpOnly Secure None
Value
2SF3k7lcVmEMhmYmZ37w.iWZnfajmC1.BnITmuitcIo-1755290564003-0.0.1.1-604800000
Expires:Session
__cf_bm
.flagstar.com
HttpOnly Secure None
Value
168SS1jqcf4UX2TL.OVrHd40qkJhE1kkIL3RXut3dA4-1755290564-1.0.1.1-NVshEfhFzAykbSqsG23SFMUpAnI9GvElMMA5xcn0b6aCCB.GPFtg_jL1JfvdV_JwWIh8m3qJYRy8bfrQB1jvyaMF.Eyqbel9pOQwEzFXFl4
Expires:8/15/2025
External Links 7
View Careers pageCareers
careers.flagstar.com
Target URL
https://careers.flagstar.com
Log in to my account view MyAccountView
myaccountviewonline.com
Target URL
https://myaccountviewonline.com
View Transparency in coverage pagePayer Transparency-MRFs
www.cigna.com
Target URL
https://www.cigna.com/legal/compliance/machine-readable-files?/sb
View our Investor Relations websiteCompany Overview
ir.mynycb.com
Target URL
https://ir.mynycb.com/Home/default.aspx
Untitled Link
facebook.com
Target URL
https://facebook.com/flagstarbank
Untitled Link
twitter.com
Target URL
https://twitter.com/flagstar
Untitled Link
www.linkedin.com
Target URL
https://www.linkedin.com/company/flagstar-bank
Requested Domains 12
answers.yext-pixel.com
Unknown Type
No category information available
assets.adobedtm.com
Unknown Type
No category information available
assets.sitescdn.net
Unknown Type
No category information available
cdn.cookielaw.org
Unknown Type
No category information available
d.la2-c2-iad.salesforceliveagent.com
Unknown Type
No category information available
d.la4-c1-ia7.salesforceliveagent.com
Unknown Type
No category information available
edge.adobedc.net
Unknown Type
No category information available
pnapi.invoca.net
Unknown Type
No category information available
solutions.invocacdn.com
Unknown Type
No category information available
static.cloudflareinsights.com
Unknown Type
No category information available
www.flagstar.com
Subdomain
Categories
Personal FinanceBusiness & Economy
www.youtube.com
Unknown Type
No category information available