securelogin.bankdirect.com Open in urlscan Pro
63.98.103.175  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response securelogin.bankdirect.com/	53 KB 54 KB	912ms 296ms	Document text/html	63.98.103.175 TCB-NA
General Check archive.org Show headers Download Go to Full URL https://securelogin.bankdirect.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.98.103.175 , United States, ASN55182 (TCB-NA, US), Reverse DNS Software / ASP.NET Resource Hash b3613d5652a9979af266a2b2ddf0e2596845444e57a7736f18f78041e11a8e85 Security Headers Name Value Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Host securelogin.bankdirect.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Cache-Control private,max-age=0 Content-Type text/html; charset=utf-8 Set-Cookie ASP.NET_SessionId=ywp2r2ucufshoeqpoixdmqct; path=/; secure; HttpOnly; SameSite=Lax brand=bankdirect; path=/; secure TCB=!pP0O9qiz9PA/n+G3gTisNgxFuK9jR/xPwWiLncEUqcI4Iy/ogiw2HvQrq4ZNMsUowEhpOq5JX3QhMRA=; path=/; Httponly; Secure X-Powered-By ASP.NET Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' X-UA-Compatible IE=edge X-Frame-Options DENY Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Date Thu, 21 Oct 2021 00:15:51 GMT Content-Length 53916
GET H/1.1	200 OK	Cookie set Styles.min.css securelogin.bankdirect.com/Styles/	14 KB 15 KB	602ms 358ms	Stylesheet text/css	63.98.103.175 TCB-NA
General Check archive.org Show headers Download Go to Full URL https://securelogin.bankdirect.com/Styles/Styles.min.css Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.98.103.175 , United States, ASN55182 (TCB-NA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4abfcdd630d8b53896ad72ced2988d7013b5d86b183eff54d885f714f25a3ac4 Security Headers Name Value Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host securelogin.bankdirect.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://securelogin.bankdirect.com/ Cookie ASP.NET_SessionId=ywp2r2ucufshoeqpoixdmqct; brand=bankdirect; TCB=!pP0O9qiz9PA/n+G3gTisNgxFuK9jR/xPwWiLncEUqcI4Iy/ogiw2HvQrq4ZNMsUowEhpOq5JX3QhMRA= Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Last-Modified Wed, 04 Aug 2021 23:35:00 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "91c8d6578989d71:0" X-Frame-Options DENY Content-Type text/css Cache-Control max-age=0 Date Thu, 21 Oct 2021 00:15:52 GMT Set-Cookie TCB=!j9zUCG82V12DT6u3gTisNgxFuK9jR/ti7AZkBruWVpfGcnI8zA69JMUyOUsClXMr37apwcwk5UQcpRk=; path=/; Httponly; Secure Accept-Ranges bytes Content-Length 14714 X-UA-Compatible IE=edge
GET H/1.1	200 OK	Cookie set bankdirect.min.css securelogin.bankdirect.com/Styles/	104 B 1 KB	370ms 124ms	Stylesheet text/css	63.98.103.175 TCB-NA
General Check archive.org Show headers Download Go to Full URL https://securelogin.bankdirect.com/Styles/bankdirect.min.css Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.98.103.175 , United States, ASN55182 (TCB-NA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 54bbefd60f6203dac27b9731889f7a676e26a8801753058d2adec2ef4f49d21c Security Headers Name Value Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host securelogin.bankdirect.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://securelogin.bankdirect.com/ Cookie ASP.NET_SessionId=ywp2r2ucufshoeqpoixdmqct; brand=bankdirect; TCB=!pP0O9qiz9PA/n+G3gTisNgxFuK9jR/xPwWiLncEUqcI4Iy/ogiw2HvQrq4ZNMsUowEhpOq5JX3QhMRA= Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Last-Modified Wed, 04 Aug 2021 23:35:00 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "d4f3d4578989d71:0" X-Frame-Options DENY Content-Type text/css Cache-Control max-age=0 Date Thu, 21 Oct 2021 00:15:52 GMT Set-Cookie TCB=!xvxTk753HObaPBK3gTisNgxFuK9jRy5xImZAE36EQGp4MLdiBMyPFUQSO9Ek+tm+HZot7da4k+/3duA=; path=/; Httponly; Secure Accept-Ranges bytes Content-Length 104 X-UA-Compatible IE=edge
GET H/1.1	200 OK	Cookie set jquery-3.4.1.min.js Show response securelogin.bankdirect.com/Scripts/	86 KB 87 KB	618ms 371ms	Script application/javascript	63.98.103.175 TCB-NA
General Check archive.org Show headers Download Go to Full URL https://securelogin.bankdirect.com/Scripts/jquery-3.4.1.min.js Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.98.103.175 , United States, ASN55182 (TCB-NA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb Security Headers Name Value Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host securelogin.bankdirect.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://securelogin.bankdirect.com/ Cookie ASP.NET_SessionId=ywp2r2ucufshoeqpoixdmqct; brand=bankdirect; TCB=!pP0O9qiz9PA/n+G3gTisNgxFuK9jR/xPwWiLncEUqcI4Iy/ogiw2HvQrq4ZNMsUowEhpOq5JX3QhMRA= Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Last-Modified Wed, 04 Aug 2021 23:35:00 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "5271d1578989d71:0" X-Frame-Options DENY Content-Type application/javascript Cache-Control max-age=0 Date Thu, 21 Oct 2021 00:15:52 GMT Set-Cookie TCB=!aMsGQNRVQvcStTy3gTisNgxFuK9jR918iTA/t/S9w3j1MaNTDf01teQwCBHp0fxT0mDG19ZMsVgmC90=; path=/; Httponly; Secure Accept-Ranges bytes Content-Length 88147 X-UA-Compatible IE=edge
GET H/1.1	200 OK	Cookie set jquery.placeholder.min.js Show response securelogin.bankdirect.com/Scripts/	4 KB 5 KB	489ms 242ms	Script application/javascript	63.98.103.175 TCB-NA
General Check archive.org Show headers Download Go to Full URL https://securelogin.bankdirect.com/Scripts/jquery.placeholder.min.js Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.98.103.175 , United States, ASN55182 (TCB-NA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash d497becaa597727424fa97a6f8015393b631f3ccfb32a8a96b9015a6c074204f Security Headers Name Value Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host securelogin.bankdirect.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://securelogin.bankdirect.com/ Cookie ASP.NET_SessionId=ywp2r2ucufshoeqpoixdmqct; brand=bankdirect; TCB=!pP0O9qiz9PA/n+G3gTisNgxFuK9jR/xPwWiLncEUqcI4Iy/ogiw2HvQrq4ZNMsUowEhpOq5JX3QhMRA= Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Last-Modified Wed, 04 Aug 2021 23:35:00 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "84e6d1578989d71:0" X-Frame-Options DENY Content-Type application/javascript Cache-Control max-age=0 Date Thu, 21 Oct 2021 00:15:52 GMT Set-Cookie TCB=!HQi3ZhfD0guQNhC3gTisNgxFuK9jR0xoy+vOBemJiYIkrumyfghtd7/v/qXBO7D02fBbX07vYxSHs/Q=; path=/; Httponly; Secure Accept-Ranges bytes Content-Length 3780 X-UA-Compatible IE=edge
GET H/1.1	200 OK	Cookie set main.min.js Show response securelogin.bankdirect.com/Scripts/	4 KB 5 KB	516ms 261ms	Script application/javascript	63.98.103.175 TCB-NA
General Check archive.org Show headers Download Go to Full URL https://securelogin.bankdirect.com/Scripts/main.min.js Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.98.103.175 , United States, ASN55182 (TCB-NA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 23d19f4f2d7cc6845f1c39d9b3e61d4f81fd8edb5eb77f5e114304bc13fae871 Security Headers Name Value Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host securelogin.bankdirect.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://securelogin.bankdirect.com/ Cookie ASP.NET_SessionId=ywp2r2ucufshoeqpoixdmqct; brand=bankdirect; TCB=!pP0O9qiz9PA/n+G3gTisNgxFuK9jR/xPwWiLncEUqcI4Iy/ogiw2HvQrq4ZNMsUowEhpOq5JX3QhMRA= Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Last-Modified Wed, 04 Aug 2021 23:35:00 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "3146d3578989d71:0" X-Frame-Options DENY Content-Type application/javascript Cache-Control max-age=0 Date Thu, 21 Oct 2021 00:15:52 GMT Set-Cookie TCB=!izvI8kde4Fz6NBO3gTisNgxFuK9jRxcdFVHqf4wqipD3QAWyf6JKBeAanrGhSbcu6eZ/Y5DzaxnauOg=; path=/; Httponly; Secure Accept-Ranges bytes Content-Length 3602 X-UA-Compatible IE=edge
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	68ms 24ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 20 Oct 2021 23:29:39 GMT server ESF date Thu, 21 Oct 2021 00:15:52 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Thu, 21 Oct 2021 00:15:52 GMT
GET H2	200	css2 fonts.googleapis.com/	9 KB 880 B	69ms 25ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 82f916edae2420300a282c65f51ef82f97d6c251d39a1db4e00c4a31cd97996c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 20 Oct 2021 23:21:33 GMT server ESF date Thu, 21 Oct 2021 00:15:52 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Thu, 21 Oct 2021 00:15:52 GMT
GET H2	200	css fonts.googleapis.com/	9 KB 858 B	68ms 24ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Playfair+Display:400,700|Roboto:400,500,700 Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2ccf04e47e1c2d5cbd9368529620ca4649a38f201c1d124b6a6ceff18d164fec Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 21 Oct 2021 00:15:52 GMT server ESF date Thu, 21 Oct 2021 00:15:52 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Thu, 21 Oct 2021 00:15:52 GMT
GET H/1.1	200 OK	common.js Show response cds-sdkcfg.onlineaccess1.com/	200 KB 115 KB	458ms 179ms	Script application/javascript	192.0.59.16 Q2HOLDINGS
General Check archive.org Show headers Download Go to Full URL https://cds-sdkcfg.onlineaccess1.com/common.js Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 192.0.59.16 Austin, United States, ASN62659 (Q2HOLDINGS, US), Reverse DNS Software / Resource Hash ac50c3d08ffed8c9ac05857b8f293bd3235497ff90f017f07b9b43e0326cac2b Request headers Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Thu, 21 Oct 2021 00:15:52 GMT Via 1.1 google Transfer-Encoding chunked Content-Type application/javascript; charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Content-Encoding gzip Alt-Svc clear X-Ion-Hop prod Expires 0
GET H/1.1	200 OK	Cookie set WebResource.axd Show response securelogin.bankdirect.com/	23 KB 24 KB	455ms 133ms	Script application/x-javascript	63.98.103.175 TCB-NA
General Check archive.org Show headers Download Go to Full URL https://securelogin.bankdirect.com/WebResource.axd?d=ksVq-PCr9P16SMWQyHPoXxJjw_mKOH7fv8u4x_kqAfkPGedJZ-VuCb4gilqFFnHl2VCDTlS-8tthbdk2Qz38_F6dio81&t=637460765481343508 Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.98.103.175 , United States, ASN55182 (TCB-NA, US), Reverse DNS Software / ASP.NET Resource Hash 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db Security Headers Name Value Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host securelogin.bankdirect.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://securelogin.bankdirect.com/ Cookie ASP.NET_SessionId=ywp2r2ucufshoeqpoixdmqct; brand=bankdirect; TCB=!pP0O9qiz9PA/n+G3gTisNgxFuK9jR/xPwWiLncEUqcI4Iy/ogiw2HvQrq4ZNMsUowEhpOq5JX3QhMRA= Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Last-Modified Wed, 13 Jan 2021 01:29:08 GMT X-Powered-By ASP.NET X-Frame-Options DENY Content-Type application/x-javascript Cache-Control public,max-age=0 Date Thu, 21 Oct 2021 00:15:52 GMT X-UA-Compatible IE=edge Set-Cookie TCB=!2gAXkDIAjLLR26O3gTisNgxFuK9jR5iImg2JPPgK0JvFrNaz2s0Ztr/c3JzdY44F4KqSPBjdvvdauRE=; path=/; Httponly; Secure Content-Length 23063 Expires Wed, 19 Oct 2022 23:28:30 GMT
GET H/1.1	200 OK	Cookie set WebResource.axd Show response securelogin.bankdirect.com/	26 KB 27 KB	724ms 355ms	Script application/x-javascript	63.98.103.175 TCB-NA
General Check archive.org Show headers Download Go to Full URL https://securelogin.bankdirect.com/WebResource.axd?d=wtlMQWQyAcvBHVttJJ3ek_XZwiueF5Di2rnBYMudxoBwxQN58I5O4NxPTTuGS8AX3otpiXxuks6tCivEq5X3T1bMP-41&t=637460765481343508 Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.98.103.175 , United States, ASN55182 (TCB-NA, US), Reverse DNS Software / ASP.NET Resource Hash ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192 Security Headers Name Value Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host securelogin.bankdirect.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://securelogin.bankdirect.com/ Cookie ASP.NET_SessionId=ywp2r2ucufshoeqpoixdmqct; brand=bankdirect; TCB=!pP0O9qiz9PA/n+G3gTisNgxFuK9jR/xPwWiLncEUqcI4Iy/ogiw2HvQrq4ZNMsUowEhpOq5JX3QhMRA= Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Last-Modified Wed, 13 Jan 2021 01:29:08 GMT X-Powered-By ASP.NET X-Frame-Options DENY Content-Type application/x-javascript Cache-Control public,max-age=0 Date Thu, 21 Oct 2021 00:15:52 GMT X-UA-Compatible IE=edge Set-Cookie TCB=!JVjuD5c1kl4tOB23gTisNgxFuK9jR51V850ylp4fH3VwoAJ+6nawkNf6yKG0HIyUo36stKTbK6ay3eE=; path=/; Httponly; Secure Content-Length 26951 Expires Wed, 19 Oct 2022 23:28:30 GMT
GET H/1.1	200 OK	Cookie set WebResource.axd Show response securelogin.bankdirect.com/	3 KB 4 KB	622ms 132ms	Script application/x-javascript	63.98.103.175 TCB-NA
General Check archive.org Show headers Download Go to Full URL https://securelogin.bankdirect.com/WebResource.axd?d=SZCViH6b6jqrV0kqlRkZplu3YIdmUZ1cg9MfQ0JozLONnhGX_7DZ5sANBYbad9MPkz_tKKDtGUGy-E3ShsQWzVzZ4lM1&t=637460765481343508 Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.98.103.175 , United States, ASN55182 (TCB-NA, US), Reverse DNS Software / ASP.NET Resource Hash 144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf Security Headers Name Value Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host securelogin.bankdirect.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://securelogin.bankdirect.com/ Cookie ASP.NET_SessionId=ywp2r2ucufshoeqpoixdmqct; brand=bankdirect; TCB=!pP0O9qiz9PA/n+G3gTisNgxFuK9jR/xPwWiLncEUqcI4Iy/ogiw2HvQrq4ZNMsUowEhpOq5JX3QhMRA= Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Last-Modified Wed, 13 Jan 2021 01:29:08 GMT X-Powered-By ASP.NET X-Frame-Options DENY Content-Type application/x-javascript Cache-Control public,max-age=0 Date Thu, 21 Oct 2021 00:15:52 GMT X-UA-Compatible IE=edge Set-Cookie TCB=!ZE1hrKeyea657Va3gTisNgxFuK9jR1ixNVDh83UZT3V5PjNPfC+lcfezUi5Y6WAt10A7QJXp//zXIIs=; path=/; Httponly; Secure Content-Length 3005 Expires Wed, 19 Oct 2022 23:28:30 GMT
GET H/1.1	200 OK	Cookie set bankdirect-logo.png securelogin.bankdirect.com/Content/Images/	39 KB 40 KB	159ms 158ms	Image image/png	63.98.103.175 TCB-NA
General Check archive.org Show headers Download Go to Show image Full URL https://securelogin.bankdirect.com/Content/Images/bankdirect-logo.png Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.98.103.175 , United States, ASN55182 (TCB-NA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c97814a394de0ce1912622bf70c569ed6d899175d859f5721d18036aa4fc01c6 Security Headers Name Value Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host securelogin.bankdirect.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://securelogin.bankdirect.com/ Cookie ASP.NET_SessionId=ywp2r2ucufshoeqpoixdmqct; brand=bankdirect; TCB=!JVjuD5c1kl4tOB23gTisNgxFuK9jR51V850ylp4fH3VwoAJ+6nawkNf6yKG0HIyUo36stKTbK6ay3eE= Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Last-Modified Wed, 04 Aug 2021 23:35:00 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "987c2578989d71:0" X-Frame-Options DENY Content-Type image/png Cache-Control max-age=0 Date Thu, 21 Oct 2021 00:15:52 GMT Set-Cookie TCB=!Y+7Ii8YZaDGmz9G3gTisNgxFuK9jRwH6smvIBdkwyFGln0eE0OHJwozoPsGKcb6iKMsnBB6uMurxHSM=; path=/; Httponly; Secure Accept-Ranges bytes Content-Length 39907 X-UA-Compatible IE=edge
GET H/1.1	200 OK	validate.js Show response collector.fraudmap.net/fs/ae56b724e47731f352ba1082105fb0fc/validate/	13 KB 14 KB	895ms 332ms	Script application/javascript	63.128.130.61 CENTURYLINK-LEGAC...
General Check archive.org Show headers Download Go to Full URL https://collector.fraudmap.net/fs/ae56b724e47731f352ba1082105fb0fc/validate/validate.js Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 63.128.130.61 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US), Reverse DNS collector.fraudmap.net Software Apache / Resource Hash 592bb7dec1075b217806b74c479e80f51aef7747f7d03f6a131d44dafd2bec03 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Xss-Protection 1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Thu, 21 Oct 2021 00:15:53 GMT Last-Modified Fri Nov 04 20:19:36 PDT 2016 Server Apache Strict-Transport-Security max-age=16070400; includeSubDomains Content-Type application/javascript;charset=ISO-8859-1 Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=57 Content-Length 13821 X-XSS-Protection 1 Expires Wed, 31 Dec 1969 23:59:59 GMT
GET H/1.1	200 OK	Cookie set bankdirect.jpg securelogin.bankdirect.com/Content/Images/	74 KB 75 KB	146ms 146ms	Image image/jpeg	63.98.103.175 TCB-NA
General Check archive.org Show headers Download Go to Show image Full URL https://securelogin.bankdirect.com/Content/Images/bankdirect.jpg Requested by Host: securelogin.bankdirect.com URL: https://securelogin.bankdirect.com/Styles/bankdirect.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.98.103.175 , United States, ASN55182 (TCB-NA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e363891bb3b89ef833d5132cdd780e0863e6e4f12fcdf7606c7263a3c362c9e3 Security Headers Name Value Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host securelogin.bankdirect.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://securelogin.bankdirect.com/Styles/bankdirect.min.css Cookie ASP.NET_SessionId=ywp2r2ucufshoeqpoixdmqct; brand=bankdirect; TCB=!JVjuD5c1kl4tOB23gTisNgxFuK9jR51V850ylp4fH3VwoAJ+6nawkNf6yKG0HIyUo36stKTbK6ay3eE= Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://securelogin.bankdirect.com/Styles/bankdirect.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Security-Policy default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Last-Modified Wed, 04 Aug 2021 23:35:00 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "b655c2578989d71:0" X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=0 Date Thu, 21 Oct 2021 00:15:52 GMT Set-Cookie TCB=!s13CBn0C8htCmIe3gTisNgxFuK9jR4seFH/ZFklmsV42WoYSkQAWIT+GqIeFY/RAxQMoYtiShRnAcow=; path=/; Httponly; Secure Accept-Ranges bytes Content-Length 75325 X-UA-Compatible IE=edge
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 fonts.gstatic.com/s/opensans/v26/	16 KB 17 KB	143ms 27ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://securelogin.bankdirect.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 14 Oct 2021 17:06:43 GMT x-content-type-options nosniff age 544150 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16736 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:15 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 14 Oct 2022 17:06:43 GMT
GET DATA	200 OK	truncated /	33 KB 0		Image image/jpg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 313c83f584a286c63de0436079538c595563536d3526b81c7622372d8412f1cc Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpg
GET DATA	200 OK	truncated /	89 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| ValidateTextBox function| ValidatePINTextBox function| testBrand function| createCookie function| readCookie function| loginNow function| CorillianLogin function| handoff function| eComHandoff function| passwordHandoff object| externalSites function| q2_collect object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| WebForm_OnSubmit string| gv_service_id string| gv_collector_url object| gv_formname object| gv_formlogin string| gv_formnameFinal undefined| gv_elm number| SC number| gv_ga_dt function| bq function| az function| aT function| an function| aZ function| bD function| aK function| ag function| aW function| aC function| aF function| bc function| bU function| aq function| bw function| aj function| Q_$_S function| Q_$_L object| Page_Validators object| ContentBody_CustomValidatorUsername boolean| Page_ValidationActive function| ValidatorOnSubmit object| Page_ValidationSummaries number| O

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			securelogin.bankdirect.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ywp2r2ucufshoeqpoixdmqct
			securelogin.bankdirect.com/	1969-12-31 23:59:59	Name: brand Value: bankdirect
			securelogin.bankdirect.com/	1969-12-31 23:59:59	Name: TCB Value: !s13CBn0C8htCmIe3gTisNgxFuK9jR4seFH/ZFklmsV42WoYSkQAWIT+GqIeFY/RAxQMoYtiShRnAcow=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src none; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://collector.fraudmap.net http://www.splash-screen.net https://idata.easysol.net https://cds-sdkcfg.onlineaccess1.com; font-src https://fonts.gstatic.com; frame-src https://collector.fraudmap.net/; connect-src 'self' https://nikkomsgchannel/ http://nikkomsgchannel/; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cds-sdkcfg.onlineaccess1.com
collector.fraudmap.net
fonts.googleapis.com
fonts.gstatic.com
securelogin.bankdirect.com
192.0.59.16
2a00:1450:4001:808::200a
2a00:1450:4001:828::2003
63.128.130.61
63.98.103.175
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
23d19f4f2d7cc6845f1c39d9b3e61d4f81fd8edb5eb77f5e114304bc13fae871
2ccf04e47e1c2d5cbd9368529620ca4649a38f201c1d124b6a6ceff18d164fec
313c83f584a286c63de0436079538c595563536d3526b81c7622372d8412f1cc
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
4abfcdd630d8b53896ad72ced2988d7013b5d86b183eff54d885f714f25a3ac4
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
54bbefd60f6203dac27b9731889f7a676e26a8801753058d2adec2ef4f49d21c
592bb7dec1075b217806b74c479e80f51aef7747f7d03f6a131d44dafd2bec03
82f916edae2420300a282c65f51ef82f97d6c251d39a1db4e00c4a31cd97996c
ac50c3d08ffed8c9ac05857b8f293bd3235497ff90f017f07b9b43e0326cac2b
b3613d5652a9979af266a2b2ddf0e2596845444e57a7736f18f78041e11a8e85
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
c97814a394de0ce1912622bf70c569ed6d899175d859f5721d18036aa4fc01c6
d497becaa597727424fa97a6f8015393b631f3ccfb32a8a96b9015a6c074204f
e363891bb3b89ef833d5132cdd780e0863e6e4f12fcdf7606c7263a3c362c9e3
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192