usavingsbank.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-05 · ok HTTP/1.1 200 312 ms crawled 2026-05-07

US · 141.193.213.21 · AS209242 Cloudflare London, LLC

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Low-Cost, Low-Rate Mortgage Loans | Union Savings Bank
Description: Apply for a mortgage loan with Union Savings Bank. Enjoy low closing costs, competitive rates, and trusted local service across the Midwest.
Language: en-US
Canonical: https://usavingsbank.com/

Open Graph

url: https://usavingsbank.com/
title: Low-Rate, Low-Cost Mortgage Loans
locale: en_US
site name: Union Savings Bank
description: Discover how low-cost mortgage loans can provide the key to your new home.

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Google Tag Manager

Ads

Google Ads (DoubleClick)

Third-party hosts loaded (5)

web2.secureinternetbank.com×2
bcp.crwdcntrl.net×1
gmpg.org×1
pubads.g.doubleclick.net×1
www.googletagmanager.com×1

Social

Contact

Phone

242272311

Registration

Registrar

GoDaddy.com, LLC

Created

1999-01-25

Expires

2034-09-26 3050 days left

Updated

2025-08-27

Name servers

alexis.ns.cloudflare.com
jean.ns.cloudflare.com

DNS records live

NS

alexis.ns.cloudflare.com
jean.ns.cloudflare.com

MX

10 mxa-00320601.gslb.pphosted.com
10 mxb-00320601.gslb.pphosted.com

TXT

duo_sso_verification=CdNyE8IxbafwXF6RrMCIiMg6idrL3QAUO5ptB9oXWn1pnd1yVseT1AjCu82FuP7c
amazonses:UogCdnrQyhIbk9kCnL0xFbNhobz/4veY5e5SNlqZA5Q=

Verified for

Google
Microsoft 365
Zoom

Email authentication partial

SPF: v=spf1 include:spf-00320601.pphosted.com include:spf.protection.outlook.com include:spf.cashedge.com ip4:208.235.248.20 ip4:50.58.9.15 mx a:outbd-pstfx.customercenter.net a:outbd3-pstfx.customercenter.net include:sendgrid.net ~all
softfail (~all)
DMARC: v=DMARC1; p=none; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-04-18 to 2026-07-17

Expires in 58 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://usavingsbank.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' tags.srv.stackadapt.com https://capturelogger-prod-usa.localiq.com https://js.callrail.com https://d.fastcdn.co/submissions https://ec.instapagemetrics.com https://www.google.com wss://*.intercom.io https://*.intercom.io https://maps.googleapis.com https://www.onlinebanktours.com wss://mpsnare.iesnare.com https://www.google-analytics.com https://capture-api.reachlocalservices.com https://*.rlets.com https://*.doubleclick.net https://liqadprdct-capture-prod-east.gannettdigital.com https://secure.velocify.com https://analytics.google.com; script-src blob: 'self' 'unsafe-inline' 'unsafe-eval' www.gstatic.com tags.srv.stackadapt.com https://js.callrail.com https://cdn.callrail.com https://cdn.instapagemetrics.com https://connect.facebook.net https://www.googletagmanager.com https://g.fastcdn.co https://maps.googleapis.com https://web2.secureinternetbank.com https://*.intercom.io https://*.intercomcdn.com https://mps
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (4)

Linked from (1)

anthonymunoz.com×2