stgwww3.mainaccount.com Open in urlscan Pro
204.51.92.19 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://stgwww3.mainaccount.com/
Submission: On February 08 via automatic, source certstream-suspicious (February 8th 2022, 5:13:27 am UTC) — Scanned from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 28 HTTP transactions. The main IP is 204.51.92.19, located in United States and belongs to TERRENAP, US. The main domain is stgwww3.mainaccount.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 3rd 2021. Valid for: a year.

This is the only time stgwww3.mainaccount.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
28	204.51.92.19 204.51.92.19		23148 (TERRENAP) (TERRENAP)
28	1

28 204.51.92.19 (United States)

ASN23148 (TERRENAP, US)

stgwww3.mainaccount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	mainaccount.com stgwww3.mainaccount.com	1 MB
28	1

	Domain	Requested by
28	stgwww3.mainaccount.com	stgwww3.mainaccount.com
28	1

This site contains no links.

Subject Issuer	Validity	Valid
stgwww3.mainaccount.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-03` - `2022-06-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://stgwww3.mainaccount.com/
Frame ID: 90872D74274E24EF794ABEF6AEAA007B
Requests: 2 HTTP requests in this frame

Frame: https://stgwww3.mainaccount.com/UntitledFrame-2
Frame ID: 0DDC4CED376A7FDDE6C9A6054D0F38AC
Requests: 1 HTTP requests in this frame

Frame: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
Frame ID: 6AE372593914270B94CCA8E2209124B4
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1154 kB
Transfer

3501 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
stgwww3.mainaccount.com/ 950 B
2 KB 366ms
110ms Document
text/html 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

1324ceee3f76c11784d57394889c51cf79d1804c5bfe0451f8f5d8f1e891941a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 08 Feb 2022 05:13:23 GMT
Server: Apache
Vary: User-Agent,Accept-Encoding
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Strict-Transport-Security: max-age=15768000;includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
X-Frame-Options: SAMEORIGIN
Content-Length: 608
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK frame.js Show response
stgwww3.mainaccount.com/ 109 B
1 KB 109ms
109ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/frame.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

edfa0cbc36a718de4f884c3cc076fe24156b1ee07d25096f54e0551ad802f0ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 102
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=99

GET
H/1.1 404
Not Found UntitledFrame-2 Show response
stgwww3.mainaccount.com/ Frame 0DDC 213 B
414 B 109ms
109ms Document
text/html 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL: https://stgwww3.mainaccount.com/UntitledFrame-2
Requested by: Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.51.92.19 , United States, ASN23148 (TERRENAP, US),
Reverse DNS
Software: Apache /
Resource Hash: d0d3514bb83d25a13c0fde3ccaeb8db74c1ad2941cfda02b24072f3fd32b41d2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/

Response headers

Date: Tue, 08 Feb 2022 05:13:23 GMT
Server: Apache
Content-Length: 213
Keep-Alive: timeout=30, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
200 LoginInitServ Show response
stgwww3.mainaccount.com/WebApp/stmt/ Frame 6AE3 35 KB
13 KB 230ms
229ms Document
text/html 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

246c02a49c3a04e391954b90efae817143d272f84c5b8442d41c47f09922f050

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/

Response headers

Date: Tue, 08 Feb 2022 05:13:23 GMT
Server: Apache
Vary: User-Agent,Accept-Encoding
Pragma: public
Cache-Control: no-store,no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Strict-Transport-Security: max-age=15768000;includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Keep-Alive: timeout=30, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1

GET
H/1.1 200
200 jsonrpc.js Show response
stgwww3.mainaccount.com/WebApp/stmt/util/ Frame 6AE3 29 KB
10 KB 487ms
262ms Script
application/x-javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/WebApp/stmt/util/jsonrpc.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

c57918f951b631b953667e3bbd475cd1449c6926b633ddb43c2d85ed812e3960

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Content-Length: 9047
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 04 Feb 2022 10:01:04 GMT
Server: Apache
ETag: W/"29848-1643968864000-gzip"
Vary: User-Agent,Accept-Encoding
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/x-javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=100

GET
H/1.1 200
OK jquery-1.9.1.js Show response
stgwww3.mainaccount.com/ Frame 6AE3 141 KB
42 KB 532ms
297ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/jquery-1.9.1.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

b552cb91f666288acb398c411e97581498a8a792b0895e5eebe59ee59c560072

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 41221
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=100

GET
H/1.1 200
OK bootstrap.min.js Show response
stgwww3.mainaccount.com/ Frame 6AE3 39 KB
12 KB 618ms
376ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/bootstrap.min.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

5a08e9610b655819986772be3dfb128a0e7b1335bc3d990e8991bd098f00c2c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 10861
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=100

GET
H/1.1 200
OK integrated.js Show response
stgwww3.mainaccount.com/ Frame 6AE3 15 KB
5 KB 432ms
109ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/integrated.js?v=29.1.0.0

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

bead270d12b561241152f32838dcc9eb4b2a97397a916e634f562d38be069fe2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 3415
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=94

GET
H/1.1 200
OK custom2.css
stgwww3.mainaccount.com/ Frame 6AE3 62 B
1 KB 212ms
116ms Stylesheet
text/css 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/custom2.css?v=29.1.0.0

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

e960b6a255baffeb5741e80660bd939d6a82154ae4ef05af3d442b6dbc17d042

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security: max-age=15768000;includeSubDomains
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=30, max=96
Content-Length: 62
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK responsive.css
stgwww3.mainaccount.com/ Frame 6AE3 5 KB
3 KB 321ms
109ms Stylesheet
text/css 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/responsive.css?v=29.1.0.0

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

36067326891c0041d67a19f314bc435ac1a922d8606a84f19ca405f35da107a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 1271
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: text/css
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=95

GET
H/1.1 200
OK site-alb.css
stgwww3.mainaccount.com/ Frame 6AE3 352 KB
56 KB 447ms
229ms Stylesheet
text/css 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/site-alb.css?v=29.1.0.0

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

d84cc854e5f3c7fe85d80657b1e4622a3f3c32f344c0ba204c6e76dc4f32a651

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 56312
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: text/css
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=100

GET
H/1.1 200
OK bootstrap.min.css
stgwww3.mainaccount.com/ Frame 6AE3 119 KB
21 KB 447ms
225ms Stylesheet
text/css 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/bootstrap.min.css

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

571179b97ef2cae3bed2fa64a0ab3597a58339fb21d9a905dc3f1424022a30d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 19737
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: text/css
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=100

GET
H/1.1 200
OK runtime.js Show response
stgwww3.mainaccount.com/angular/ Frame 6AE3 2 KB
2 KB 444ms
109ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/angular/runtime.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

b370c51fc88e92afb685a776d89b9841e11577e752e72f96f66a84ee8302a771

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 1117
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 31 Jan 2022 09:38:12 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=93

GET
H/1.1 200
OK polyfills.js Show response
stgwww3.mainaccount.com/angular/ Frame 6AE3 135 KB
47 KB 509ms
119ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/angular/polyfills.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

d99ecac76fbfb2b9f3f60598423da7f6bda2a6a1a4c87688e7c743d9b1839579

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 46310
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 31 Jan 2022 09:38:12 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=99

GET
H/1.1 200
OK vendor.js Show response
stgwww3.mainaccount.com/angular/ Frame 6AE3 2 MB
409 KB 577ms
133ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/angular/vendor.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

8506fce9c6684123b26b24798a5c2559c7c75ee4c156b7d04f94c9a8b6a5e0ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 31 Jan 2022 09:38:12 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=92

GET
H/1.1 200
OK main.js Show response
stgwww3.mainaccount.com/angular/ Frame 6AE3 13 KB
5 KB 573ms
113ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/angular/main.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

499b88e65964375ca6b3d5ca22e8e1336b812de8303fb77e3ebe7b1d54f17789

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 3535
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 31 Jan 2022 09:38:12 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=99

GET
H/1.1 200
OK integrated.css
stgwww3.mainaccount.com/ Frame 6AE3 194 KB
39 KB 122ms
121ms Stylesheet
text/css 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/integrated.css

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/custom2.css?v=29.1.0.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

e036a08286a210e6d9c7142898a69691d9ae855a734aa6b720cb757b8f282095

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/custom2.css?v=29.1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 39100
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: text/css
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=99

GET
H/1.1 200
200 commonhtml.js Show response
stgwww3.mainaccount.com/WebApp/stmt/util/ Frame 6AE3 8 KB
4 KB 116ms
116ms Script
application/x-javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/WebApp/stmt/util/commonhtml.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

5d720b310c49c9d2dfcfd6aa57a9f612a3b5c9ea6a1e165efc0af3b59f67b2fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Content-Length: 2909
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 04 Feb 2022 10:01:04 GMT
Server: Apache
ETag: W/"8036-1643968864000-gzip"
Vary: User-Agent,Accept-Encoding
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/x-javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=98

GET
H/1.1 200
200 json2.js Show response
stgwww3.mainaccount.com/WebApp/stmt/util/ Frame 6AE3 11 KB
5 KB 132ms
131ms Script
application/x-javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/WebApp/stmt/util/json2.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

9913149f5e101539a4426af6fbaf651228ec728e75c6398a6a40df1d84557070

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Content-Length: 3545
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 04 Feb 2022 10:01:04 GMT
Server: Apache
ETag: W/"10955-1643968864000-gzip"
Vary: User-Agent,Accept-Encoding
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/x-javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=98

GET
H/1.1 200
OK 0.js Show response
stgwww3.mainaccount.com/angular/ Frame 6AE3 13 KB
5 KB 110ms
110ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/angular/0.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/angular/runtime.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

c7668584f100851b7ac294a8b0640932b3ee0e848989699d5295e255b76e9c1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 3660
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 31 Jan 2022 09:38:12 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=91

GET
H/1.1 200
OK 2.js Show response
stgwww3.mainaccount.com/angular/ Frame 6AE3 40 KB
10 KB 113ms
113ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/angular/2.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/angular/runtime.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

6d2091646400fc340958ff8addb37f6a88400dbb2859100a50f7eb522eec858c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 9052
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 31 Jan 2022 09:38:12 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=97

GET
H/1.1 200
OK 3.js Show response
stgwww3.mainaccount.com/angular/ Frame 6AE3 33 KB
9 KB 115ms
115ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/angular/3.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/angular/runtime.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

4694526e79689e2aca3a9a9406b9b69e769603848d8aa16d5c6b45d796b632e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 8166
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 31 Jan 2022 09:38:12 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=97

GET
H/1.1 200
OK 4.js Show response
stgwww3.mainaccount.com/angular/ Frame 6AE3 766 B
2 KB 111ms
110ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/angular/4.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/angular/runtime.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

7cc8352c29f0007cf2021aa04ad82c278d2781f3b85e7880b00ce4bb88e39a1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 356
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 31 Jan 2022 09:38:12 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=98

GET
H/1.1 200
OK 31.js Show response
stgwww3.mainaccount.com/angular/ Frame 6AE3 146 KB
35 KB 116ms
116ms Script
application/javascript 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/angular/31.js

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/angular/runtime.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

db5647dbba0c4b5597e65b4b3ff8f5c1e23248b58466952df190660f0613b988

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Vary: User-Agent,Accept-Encoding
Content-Length: 34038
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 31 Jan 2022 09:38:12 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=99

POST
H/1.1 200
200 NGLoginServ Show response
stgwww3.mainaccount.com/WebApp/stmt/ Frame 6AE3 52 KB
16 KB 155ms
155ms XHR
application/json 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to

Full URL

https://stgwww3.mainaccount.com/WebApp/stmt/NGLoginServ

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/angular/polyfills.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

f7bf3af601a7ea2a8aa5fb59236fdd2ea15d4978d1567e5f29c0210f85c4acd4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 08 Feb 2022 05:13:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Content-Length: 13903
X-XSS-Protection: 1; mode=block
Pragma: public
Server: Apache
Vary: User-Agent,Accept-Encoding
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store,no-cache
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Keep-Alive: timeout=30, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK verizon.png
stgwww3.mainaccount.com/images/ Frame 6AE3 6 KB
7 KB 148ms
147ms Image
image/png 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stgwww3.mainaccount.com/images/verizon.png

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

25a4e59d10a844e9c5c07602a9b259bd82f1bbef10882548b926441f1468f8c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security: max-age=15768000;includeSubDomains
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=30, max=96
Content-Length: 5872
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bg-image.jpg
stgwww3.mainaccount.com/images/ Frame 6AE3 389 KB
390 KB 143ms
143ms Image
image/jpeg 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stgwww3.mainaccount.com/images/bg-image.jpg

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/site-alb.css?v=29.1.0.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

07448fae8561691c3193b94fcbc05e9c5a95247e314f87bb7e6dd87826d0348b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/site-alb.css?v=29.1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security: max-age=15768000;includeSubDomains
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=30, max=96
Content-Length: 398238
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bannerlogo_new.gif
stgwww3.mainaccount.com/images/ Frame 6AE3 3 KB
4 KB 116ms
115ms Image
image/gif 204.51.92.19
TERRENAP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stgwww3.mainaccount.com/images/bannerlogo_new.gif

Requested by

Host: stgwww3.mainaccount.com
URL: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.51.92.19 , United States, ASN23148 (TERRENAP, US),

Reverse DNS

Software

Apache /

Resource Hash

2d6d1535598930e265874364ecfe4c00cab15be044a3da58fdb6048c0c86fc81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stgwww3.mainaccount.com/WebApp/stmt/LoginInitServ?command=init&url=https%3A%2F%2Fstgwww3.mainaccount.com%2F&framed=false&standardLogin=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 05:13:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Feb 2022 13:09:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
P3P: CP="NOI DSP COR NID ADM TAI OUR NOR NAV"
Connection: Keep-Alive
Content-Security-Policy: default-src 'self' *.albridge.com:* *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com *.mainaccount.com *.google.com *.newrelic.com *.gstaticecom *.bnymellon.net *.highcharts.com *.morningstar.com *.byallaccounts.net *.polyfill.io *.jsdelivr.net *.vidyard.com; style-src 'self' 'unsafe-inline' *.bnymellon.net *.morningstar.com *.byallaccounts.net *.vidyard.com; img-src 'self' data: *.albridge.com *.bnymellon.net *.mainaccount.com *.byallaccounts.net *.schwab.com *.vidyard.com blob:; frame-src 'self' *.mainaccount.com *.google.com *.byallaccounts.net *.albridge.com:* *.bnymellon.net *.cashedge.com *.schwab.com *.idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security: max-age=15768000;includeSubDomains
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=30, max=97
Content-Length: 3025
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| isFramed function| showLogin

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
stgwww3.mainaccount.com/WebApp/stmt	1969-12-31 23:59:59	Name: AWRLEGACYSESSIONID Value: 0D1A35B2D260467BBD18CF85013338E8.awr_xat2_cuauatawrapp006
stgwww3.mainaccount.com/	1970-01-20 00:44:57	Name: SameSite Value: None
stgwww3.mainaccount.com/	1970-01-20 00:44:57	Name: ADRUM_BTa Value: R:147\|g:0d5c2f56-6d47-40a0-881a-5ab958f8c2c9\|n:customer1_2a8e1a9a-d1f9-4853-95ce-76bd1bfec255
stgwww3.mainaccount.com/	1969-12-31 23:59:59	Name: UserSession Value: -1
stgwww3.mainaccount.com/	1970-01-20 00:44:57	Name: ADRUM_BT1 Value: R:147\|i:466678

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://stgwww3.mainaccount.com/UntitledFrame-2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .albridge.com: .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com cdnjs.cloudflare.com .mainaccount.com .google.com .newrelic.com .gstaticecom .bnymellon.net .highcharts.com .morningstar.com .byallaccounts.net .polyfill.io .jsdelivr.net .vidyard.com; style-src 'self' 'unsafe-inline' .bnymellon.net .morningstar.com .byallaccounts.net .vidyard.com; img-src 'self' data: .albridge.com .bnymellon.net .mainaccount.com .byallaccounts.net .schwab.com .vidyard.com blob:; frame-src 'self' .mainaccount.com .google.com .byallaccounts.net .albridge.com: .bnymellon.net .cashedge.com .schwab.com .idmanagedsolutions.com *.vidyard.com;
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

stgwww3.mainaccount.com
204.51.92.19
07448fae8561691c3193b94fcbc05e9c5a95247e314f87bb7e6dd87826d0348b
1324ceee3f76c11784d57394889c51cf79d1804c5bfe0451f8f5d8f1e891941a
246c02a49c3a04e391954b90efae817143d272f84c5b8442d41c47f09922f050
25a4e59d10a844e9c5c07602a9b259bd82f1bbef10882548b926441f1468f8c6
2d6d1535598930e265874364ecfe4c00cab15be044a3da58fdb6048c0c86fc81
36067326891c0041d67a19f314bc435ac1a922d8606a84f19ca405f35da107a1
4694526e79689e2aca3a9a9406b9b69e769603848d8aa16d5c6b45d796b632e3
499b88e65964375ca6b3d5ca22e8e1336b812de8303fb77e3ebe7b1d54f17789
571179b97ef2cae3bed2fa64a0ab3597a58339fb21d9a905dc3f1424022a30d5
5a08e9610b655819986772be3dfb128a0e7b1335bc3d990e8991bd098f00c2c1
5d720b310c49c9d2dfcfd6aa57a9f612a3b5c9ea6a1e165efc0af3b59f67b2fd
6d2091646400fc340958ff8addb37f6a88400dbb2859100a50f7eb522eec858c
7cc8352c29f0007cf2021aa04ad82c278d2781f3b85e7880b00ce4bb88e39a1a
8506fce9c6684123b26b24798a5c2559c7c75ee4c156b7d04f94c9a8b6a5e0ac
9913149f5e101539a4426af6fbaf651228ec728e75c6398a6a40df1d84557070
b370c51fc88e92afb685a776d89b9841e11577e752e72f96f66a84ee8302a771
b552cb91f666288acb398c411e97581498a8a792b0895e5eebe59ee59c560072
bead270d12b561241152f32838dcc9eb4b2a97397a916e634f562d38be069fe2
c57918f951b631b953667e3bbd475cd1449c6926b633ddb43c2d85ed812e3960
c7668584f100851b7ac294a8b0640932b3ee0e848989699d5295e255b76e9c1f
d0d3514bb83d25a13c0fde3ccaeb8db74c1ad2941cfda02b24072f3fd32b41d2
d84cc854e5f3c7fe85d80657b1e4622a3f3c32f344c0ba204c6e76dc4f32a651
d99ecac76fbfb2b9f3f60598423da7f6bda2a6a1a4c87688e7c743d9b1839579
db5647dbba0c4b5597e65b4b3ff8f5c1e23248b58466952df190660f0613b988
e036a08286a210e6d9c7142898a69691d9ae855a734aa6b720cb757b8f282095
e960b6a255baffeb5741e80660bd939d6a82154ae4ef05af3d442b6dbc17d042
edfa0cbc36a718de4f884c3cc076fe24156b1ee07d25096f54e0551ad802f0ae
f7bf3af601a7ea2a8aa5fb59236fdd2ea15d4978d1567e5f29c0210f85c4acd4

stgwww3.mainaccount.com Open in urlscan Pro 204.51.92.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1154 kBTransfer

3501 kBSize

5 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

5 Cookies

stgwww3.mainaccount.com Open in urlscan Pro
204.51.92.19 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1154 kB
Transfer

3501 kB
Size

5
Cookies

28 HTTP transactions
0 data transactions