mainaccount.com - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 208.39.73.169, located in United States and belongs to DATARETURN, US. The main domain is mainaccount.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 14th 2019. Valid for: 2 years.

This is the only time mainaccount.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
7	208.39.73.169 208.39.73.169		11303 (DATARETURN) (DATARETURN)
7	1

7 208.39.73.169 (United States)

ASN11303 (DATARETURN, US)

mainaccount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	mainaccount.com mainaccount.com	21 KB
7	1

	Domain	Requested by
7	mainaccount.com	mainaccount.com
7	1

This site contains no links.

Subject Issuer	Validity	Valid
www.mainaccount.com DigiCert SHA2 Secure Server CA	`2019-11-14` - `2022-01-10`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://mainaccount.com/
Frame ID: A530606968FD2DD237356303AA6FC4ED
Requests: 2 HTTP requests in this frame

Frame: https://mainaccount.com/UntitledFrame-2
Frame ID: 7B8DF91610BC7B61548F8613939F6195
Requests: 1 HTTP requests in this frame

Frame: https://mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fmainaccount.com%2F&framed=false&standardLogin=true
Frame ID: 0551C49E0F3D1272959E025EBA0328CF
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

21 kB
Transfer

51 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mainaccount.com/ 950 B
2 KB 466ms
150ms Document
text/html 208.39.73.169
DATARETURN

General

Check archive.org

Show headers Download Go to

Full URL

https://mainaccount.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.39.73.169 , United States, ASN11303 (DATARETURN, US),

Reverse DNS

Software

Apache /

Resource Hash

1324ceee3f76c11784d57394889c51cf79d1804c5bfe0451f8f5d8f1e891941a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .gstatic.com .bnymellon.net; style-src 'self' 'unsafe-inline' .bnymellon.net; img-src 'self' data: .bnymellon.net .mainaccount.com .schwab.com; frame-src 'self' .mainaccount.com .google.com .albridge.com .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Host: mainaccount.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 00:23:31 GMT
Server: Apache
Vary: User-Agent,Accept-Encoding
Last-Modified: Tue, 23 Jun 2020 15:02:58 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000;includeSubDomains
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.gstatic.com *.bnymellon.net; style-src 'self' 'unsafe-inline' *.bnymellon.net; img-src 'self' data: *.bnymellon.net *.mainaccount.com *.schwab.com; frame-src 'self' *.mainaccount.com *.google.com *.albridge.com *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com;
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Content-Length: 608
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK frame.js Show response
mainaccount.com/ 109 B
1 KB 149ms
148ms Script
application/javascript 208.39.73.169
DATARETURN

General

Check archive.org

Show headers Download Go to

Full URL

https://mainaccount.com/frame.js

Requested by

Host: mainaccount.com
URL: https://mainaccount.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.39.73.169 , United States, ASN11303 (DATARETURN, US),

Reverse DNS

Software

Apache /

Resource Hash

edfa0cbc36a718de4f884c3cc076fe24156b1ee07d25096f54e0551ad802f0ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .gstatic.com .bnymellon.net; style-src 'self' 'unsafe-inline' .bnymellon.net; img-src 'self' data: .bnymellon.net .mainaccount.com .schwab.com; frame-src 'self' .mainaccount.com .google.com .albridge.com .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://mainaccount.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 00:23:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jun 2020 15:02:58 GMT
Server: Apache
Vary: User-Agent,Accept-Encoding
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Content-Security-Policy: default-src 'self' *.bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.gstatic.com *.bnymellon.net; style-src 'self' 'unsafe-inline' *.bnymellon.net; img-src 'self' data: *.bnymellon.net *.mainaccount.com *.schwab.com; frame-src 'self' *.mainaccount.com *.google.com *.albridge.com *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com;
Strict-Transport-Security: max-age=15768000;includeSubDomains
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=30, max=99
Content-Length: 102
X-XSS-Protection: 1

GET
H/1.1 404
Not Found UntitledFrame-2 Show response
mainaccount.com/ Frame 7B8D 213 B
414 B 148ms
148ms Document
text/html 208.39.73.169
DATARETURN

General

Check archive.org

Show headers Download Go to

Full URL: https://mainaccount.com/UntitledFrame-2
Requested by: Host: mainaccount.com
URL: https://mainaccount.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.39.73.169 , United States, ASN11303 (DATARETURN, US),
Reverse DNS
Software: Apache /
Resource Hash: d0d3514bb83d25a13c0fde3ccaeb8db74c1ad2941cfda02b24072f3fd32b41d2

Request headers

Host: mainaccount.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: frame
Referer: https://mainaccount.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mainaccount.com/

Response headers

Date: Wed, 08 Jul 2020 00:23:31 GMT
Server: Apache
Content-Length: 213
Keep-Alive: timeout=30, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK Cookie set LoginInitServ Show response
mainaccount.com/WebApp/stmt/ Frame 0551 25 KB
8 KB 151ms
150ms Document
text/html 208.39.73.169
DATARETURN

General

Check archive.org

Show headers Download Go to

Full URL

https://mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fmainaccount.com%2F&framed=false&standardLogin=true

Requested by

Host: mainaccount.com
URL: https://mainaccount.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.39.73.169 , United States, ASN11303 (DATARETURN, US),

Reverse DNS

Software

Apache /

Resource Hash

94611cbf157cfe921ce536ad016a9ed1b44710e56df2566e505a5e20a2d058f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .gstatic.com .bnymellon.net; style-src 'self' 'unsafe-inline' .bnymellon.net; img-src 'self' data: .bnymellon.net .mainaccount.com .schwab.com; frame-src 'self' .mainaccount.com .google.com .albridge.com .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Host: mainaccount.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: frame
Referer: https://mainaccount.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mainaccount.com/

Response headers

Date: Wed, 08 Jul 2020 00:23:31 GMT
Server: Apache
Vary: User-Agent,Accept-Encoding
HTTP-EQUIV: expires
CONTENT: Tue, 7 mar 1972 12:00:00 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000;includeSubDomains
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.gstatic.com *.bnymellon.net; style-src 'self' 'unsafe-inline' *.bnymellon.net; img-src 'self' data: *.bnymellon.net *.mainaccount.com *.schwab.com; frame-src 'self' *.mainaccount.com *.google.com *.albridge.com *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com;
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Set-Cookie: AWRLEGACYSESSIONID=BEE4A985036B7744529420C101B5DE60.mobile-awr_prod1-node4; Path=/WebApp/stmt; Secure; HttpOnly;Secure;SameSite=None
Keep-Alive: timeout=30, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1

GET
H/1.1 200
OK integrated.js Show response
mainaccount.com/ Frame 0551 15 KB
4 KB 149ms
149ms Script
application/javascript 208.39.73.169
DATARETURN

General

Check archive.org

Show headers Download Go to

Full URL

https://mainaccount.com/integrated.js?v=27.1.0.0

Requested by

Host: mainaccount.com
URL: https://mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fmainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.39.73.169 , United States, ASN11303 (DATARETURN, US),

Reverse DNS

Software

Apache /

Resource Hash

f453068230ff8cef0803281ea3693fd9d5cab8971b1bf3af4d0ec4991aa0a770

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .gstatic.com .bnymellon.net; style-src 'self' 'unsafe-inline' .bnymellon.net; img-src 'self' data: .bnymellon.net .mainaccount.com .schwab.com; frame-src 'self' .mainaccount.com .google.com .albridge.com .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fmainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 00:23:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jun 2020 15:03:00 GMT
Server: Apache
Vary: User-Agent,Accept-Encoding
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Content-Security-Policy: default-src 'self' *.bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.gstatic.com *.bnymellon.net; style-src 'self' 'unsafe-inline' *.bnymellon.net; img-src 'self' data: *.bnymellon.net *.mainaccount.com *.schwab.com; frame-src 'self' *.mainaccount.com *.google.com *.albridge.com *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com;
Strict-Transport-Security: max-age=15768000;includeSubDomains
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=30, max=96
Content-Length: 3254
X-XSS-Protection: 1

GET
H/1.1 200
OK commonhtml.js Show response
mainaccount.com/WebApp/stmt/util/ Frame 0551 7 KB
3 KB 298ms
150ms Script
application/x-javascript 208.39.73.169
DATARETURN

General

Check archive.org

Show headers Download Go to

Full URL

https://mainaccount.com/WebApp/stmt/util/commonhtml.js

Requested by

Host: mainaccount.com
URL: https://mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fmainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.39.73.169 , United States, ASN11303 (DATARETURN, US),

Reverse DNS

Software

Apache /

Resource Hash

428cbaf77c0d114a1754334fc7ada9f0874cf926b93cafd914629e495303f31b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .gstatic.com .bnymellon.net; style-src 'self' 'unsafe-inline' .bnymellon.net; img-src 'self' data: .bnymellon.net .mainaccount.com .schwab.com; frame-src 'self' .mainaccount.com .google.com .albridge.com .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fmainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 00:23:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 2542
X-XSS-Protection: 1
Last-Modified: Wed, 10 Jun 2020 18:41:24 GMT
Server: Apache
ETag: W/"6891-1591814484000-gzip"
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/x-javascript
Content-Security-Policy: default-src 'self' *.bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.gstatic.com *.bnymellon.net; style-src 'self' 'unsafe-inline' *.bnymellon.net; img-src 'self' data: *.bnymellon.net *.mainaccount.com *.schwab.com; frame-src 'self' *.mainaccount.com *.google.com *.albridge.com *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=95

GET
H/1.1 200
OK json2.js Show response
mainaccount.com/WebApp/stmt/util/ Frame 0551 3 KB
2 KB 437ms
148ms Script
application/x-javascript 208.39.73.169
DATARETURN

General

Check archive.org

Show headers Download Go to

Full URL

https://mainaccount.com/WebApp/stmt/util/json2.js

Requested by

Host: mainaccount.com
URL: https://mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fmainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.39.73.169 , United States, ASN11303 (DATARETURN, US),

Reverse DNS

Software

Apache /

Resource Hash

91babaf319b751f7d2a6815e660a444f4b4319ea23f133d012e8ed0f5ad3a89d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .gstatic.com .bnymellon.net; style-src 'self' 'unsafe-inline' .bnymellon.net; img-src 'self' data: .bnymellon.net .mainaccount.com .schwab.com; frame-src 'self' .mainaccount.com .google.com .albridge.com .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fmainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 00:23:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 1362
X-XSS-Protection: 1
Last-Modified: Wed, 10 Jun 2020 18:41:24 GMT
Server: Apache
ETag: W/"3437-1591814484000-gzip"
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/x-javascript
Content-Security-Policy: default-src 'self' *.bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.gstatic.com *.bnymellon.net; style-src 'self' 'unsafe-inline' *.bnymellon.net; img-src 'self' data: *.bnymellon.net *.mainaccount.com *.schwab.com; frame-src 'self' *.mainaccount.com *.google.com *.albridge.com *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=100

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isFramed function| showLogin

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .bnymellon.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .gstatic.com .bnymellon.net; style-src 'self' 'unsafe-inline' .bnymellon.net; img-src 'self' data: .bnymellon.net .mainaccount.com .schwab.com; frame-src 'self' .mainaccount.com .google.com .albridge.com .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mainaccount.com
208.39.73.169
1324ceee3f76c11784d57394889c51cf79d1804c5bfe0451f8f5d8f1e891941a
428cbaf77c0d114a1754334fc7ada9f0874cf926b93cafd914629e495303f31b
91babaf319b751f7d2a6815e660a444f4b4319ea23f133d012e8ed0f5ad3a89d
94611cbf157cfe921ce536ad016a9ed1b44710e56df2566e505a5e20a2d058f6
d0d3514bb83d25a13c0fde3ccaeb8db74c1ad2941cfda02b24072f3fd32b41d2
edfa0cbc36a718de4f884c3cc076fe24156b1ee07d25096f54e0551ad802f0ae
f453068230ff8cef0803281ea3693fd9d5cab8971b1bf3af4d0ec4991aa0a770

mainaccount.com Open in urlscan Pro 208.39.73.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

21 kBTransfer

51 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

mainaccount.com Open in urlscan Pro
208.39.73.169 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

21 kB
Transfer

51 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions