banking.flagstar.com Open in urlscan Pro
66.22.56.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://onlinebanking.mynycb.com/
Effective URL:
https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26...
Submission: On September 22 via manual (September 22nd 2024, 1:38:24 pm UTC) from RU — Scanned from DE

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 30 HTTP transactions. The main IP is 66.22.56.109, located in United States and belongs to RADWARE-CLOUD-SERVICES, US. The main domain is banking.flagstar.com. The Cisco Umbrella rank of the primary domain is 351986.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 21st 2024. Valid for: a year.

This is the only time banking.flagstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.71.55.104 208.71.55.104	30572 (NYCB-NEW-...) (NYCB-NEW-YORK-COMMUNITY-BANCORP-INC)
6 27	66.22.56.109 66.22.56.109	25773 (RADWARE-C...) (RADWARE-CLOUD-SERVICES)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
30	4

1 208.71.55.104 (United States) 1 redirects

ASN30572 (NYCB-NEW-YORK-COMMUNITY-BANCORP-INC, US)
PTR: www.nycblinks.com

onlinebanking.mynycb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 66.22.56.109 (United States) 6 redirects

ASN25773 (RADWARE-CLOUD-SERVICES, US)

banking.flagstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	flagstar.com 6 redirects banking.flagstar.com — Cisco Umbrella Rank: 351986	794 KB
2	gstatic.com fonts.gstatic.com	41 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	2 KB
1	mynycb.com 1 redirects onlinebanking.mynycb.com	255 B
0	iesnare.com Failed mpsnare.iesnare.com Failed
30	5

	Domain	Requested by
27	banking.flagstar.com	6 redirects banking.flagstar.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	banking.flagstar.com
1	onlinebanking.mynycb.com	1 redirects
0	mpsnare.iesnare.com Failed	banking.flagstar.com
30	5

This site contains no links.

Subject Issuer	Validity	Valid
banking.flagstar.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-21` - `2025-08-20`	a year	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z
Frame ID: 9227E762DB050221DD0BE1C6DBCE1C4B
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://onlinebanking.mynycb.com/ HTTP 301
https://banking.flagstar.com/ HTTP 302
https://banking.flagstar.com/banking/start/ HTTP 302
https://banking.flagstar.com/auth/?wa=wsignin1.0&wtrealm=https%3a%2f%2fbanking.flagstar.com%2fbanking%2f&... HTTP 302
https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanki... Page URL
https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanki... Page URL

Page Statistics

30
Requests

80 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

831 kB
Transfer

2357 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://onlinebanking.mynycb.com/ HTTP 301
https://banking.flagstar.com/ HTTP 302
https://banking.flagstar.com/banking/start/ HTTP 302
https://banking.flagstar.com/auth/?wa=wsignin1.0&wtrealm=https%3a%2f%2fbanking.flagstar.com%2fbanking%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fbanking%252fstart%252f&wct=2024-09-22T13%3a38%3a08Z HTTP 302
https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z Page URL
https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://onlinebanking.mynycb.com/ HTTP 301
https://banking.flagstar.com/ HTTP 302
https://banking.flagstar.com/banking/start/ HTTP 302
https://banking.flagstar.com/auth/?wa=wsignin1.0&wtrealm=https%3a%2f%2fbanking.flagstar.com%2fbanking%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fbanking%252fstart%252f&wct=2024-09-22T13%3a38%3a08Z HTTP 302
https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Request Chain 9

https://banking.flagstar.com/favicon.svg HTTP 302
https://banking.flagstar.com/banking/start/favicon.svg HTTP 302
https://banking.flagstar.com/auth/?wa=wsignin1.0&wtrealm=https%3a%2f%2fbanking.flagstar.com%2fbanking%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fbanking%252fstart%252ffavicon.svg&wct=2024-09-22T13%3a38%3a10Z HTTP 302
https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252ffavicon.svg&wct=2024-09-22T13%3A38%3A10Z

30 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

SignIn Show response
banking.flagstar.com/auth/
Redirect Chain

https://onlinebanking.mynycb.com/
https://banking.flagstar.com/
https://banking.flagstar.com/banking/start/
https://banking.flagstar.com/auth/?wa=wsignin1.0&wtrealm=https%3a%2f%2fbanking.flagstar.com%2fbanking%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fbanking%252fstart%252f&wct=2024-09-22T13%3a38%3a08Z
https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3...

116 KB
85 KB

261ms
261ms

Document
text/html

66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software: rdwr /
Resource Hash: 940f9b11a1f85edfe1481d462207a3878aaffb3c60ede63cb4dfaf2de6104a31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 22 Sep 2024 13:38:08 GMT
Server: rdwr
Transfer-Encoding: chunked
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0

Redirect headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Content-Type: text/html; charset=utf-8
Date: Sun, 22 Sep 2024 13:38:07 GMT
Expires: -1
Location: /auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
665 B 183ms
49ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: banking.flagstar.com
URL: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

158235a454c29707117f6570f40fcc1e7d143f14dc1af1085979b47cf19e4871

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 22 Sep 2024 13:38:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Sep 2024 13:38:08 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 22 Sep 2024 12:26:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 182ms
48ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b3b60c3cb01c1db4f6d8b45005fd2fa2d10c163195b6bd855abb5bff4aa655c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 22 Sep 2024 13:38:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Sep 2024 13:38:08 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 22 Sep 2024 12:42:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK stormcaster.js Show response
banking.flagstar.com/18f5227b-e27b-445a-a53f-f845fbe69b40/ 240 KB
90 KB 142ms
141ms Script
application/javascript 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL: https://banking.flagstar.com/18f5227b-e27b-445a-a53f-f845fbe69b40/stormcaster.js
Requested by: Host: banking.flagstar.com
URL: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software: rdwr /
Resource Hash: 1606203846c1977f6b9eb8f226c623c77f73838df2a622556cfa3efd884c0c65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Cache-Control: max-age=3600,public
Content-Encoding: gzip
ETag: W/"66d1bfec-3bece"
Age: 472
Connection: keep-alive
Via: 1.1 google
Access-Control-Allow-Origin: *
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 91364
Date: Sun, 22 Sep 2024 13:38:08 GMT
Content-Type: application/javascript
Last-Modified: Fri, 30 Aug 2024 12:49:48 GMT
Server: rdwr
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 83 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 907b9146e218e6c4e16ff7146b9ca54d94e85789fa810c19eebcc182a9f8512a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 98ms
42ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://banking.flagstar.com
Referer: https://fonts.googleapis.com/

Response headers

age: 143718
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 20 Sep 2025 21:42:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Sep 2024 21:42:50 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v18/ 23 KB
23 KB 112ms
57ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://banking.flagstar.com
Referer: https://fonts.googleapis.com/

Response headers

age: 145184
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 20 Sep 2025 21:18:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Sep 2024 21:18:24 GMT
last-modified: Mon, 29 Jul 2024 22:45:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23692
x-xss-protection: 0
server: sffe

POST
H/1.1 200
OK c99a4269-161c-4242-a3f0-28d44fa6ce24 Show response
banking.flagstar.com/ 651 B
781 B 255ms
133ms XHR
text/plain 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL: https://banking.flagstar.com/c99a4269-161c-4242-a3f0-28d44fa6ce24?
Requested by: Host: banking.flagstar.com
URL: https://banking.flagstar.com/18f5227b-e27b-445a-a53f-f845fbe69b40/stormcaster.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software: rdwr /
Resource Hash: fb705246b09136dbb1f211c838b5f17e96be9801d2bf9fc88f5f6de76fae3a8c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: keep-alive
Via: 1.1 google
x-response-time: 0ms
Access-Control-Allow-Origin: *
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Date: Sun, 22 Sep 2024 13:38:09 GMT
Content-Type: text/plain; charset=UTF-8
Server: rdwr

POST
H/1.1 200
OK c99a4269-161c-4242-a3f0-28d44fa6ce24 Show response
banking.flagstar.com/ 255 B
530 B 385ms
131ms XHR
text/plain 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL: https://banking.flagstar.com/c99a4269-161c-4242-a3f0-28d44fa6ce24?
Requested by: Host: banking.flagstar.com
URL: https://banking.flagstar.com/18f5227b-e27b-445a-a53f-f845fbe69b40/stormcaster.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software: rdwr /
Resource Hash: 6a80a660073763d27217d4a14ceed1958777f04cd8d4291d87e6e29e0777ff15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: keep-alive
Via: 1.1 google
x-response-time: 0ms
Access-Control-Allow-Origin: *
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Date: Sun, 22 Sep 2024 13:38:09 GMT
Content-Type: text/plain; charset=UTF-8
Server: rdwr

GET
H/1.1

200
OK

SignIn
banking.flagstar.com/auth/
Redirect Chain

https://banking.flagstar.com/favicon.svg
https://banking.flagstar.com/banking/start/favicon.svg
https://banking.flagstar.com/auth/?wa=wsignin1.0&wtrealm=https%3a%2f%2fbanking.flagstar.com%2fbanking%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fbanking%252fstart%252ffavicon.svg&wct=2024-09-22T13%3...
https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252ffavicon.svg&wct=2024-09-2...

15 KB
7 KB

316ms
315ms

Other
text/html

66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252ffavicon.svg&wct=2024-09-22T13%3A38%3A10Z

Protocol

HTTP/1.1

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

be122a54917118e7d598d842f4a8ba497bd2abb9183e7d48bbdb6619be5096fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: no-cache, no-store
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: -1
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:10 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN

Redirect headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: no-cache, no-store
Location: /auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252ffavicon.svg&wct=2024-09-22T13%3A38%3A10Z
Pragma: no-cache
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: -1
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:10 GMT
Content-Type: text/html; charset=utf-8
X-FRAME-OPTIONS: SAMEORIGIN

POST
H/1.1 200
OK c99a4269-161c-4242-a3f0-28d44fa6ce24 Show response
banking.flagstar.com/ 343 B
575 B 241ms
137ms Fetch
text/plain 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL: https://banking.flagstar.com/c99a4269-161c-4242-a3f0-28d44fa6ce24
Requested by: Host: banking.flagstar.com
URL: https://banking.flagstar.com/18f5227b-e27b-445a-a53f-f845fbe69b40/stormcaster.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software: rdwr /
Resource Hash: 10b08f3d89c5663e4f693dcf39372ca95b767369525d4ddbd2cdbd2fd1b4c8c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: keep-alive
Via: 1.1 google
x-response-time: 0ms
Access-Control-Allow-Origin: *
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Date: Sun, 22 Sep 2024 13:38:09 GMT
Content-Type: text/plain; charset=UTF-8
Server: rdwr

POST
H/1.1 200
OK c99a4269-161c-4242-a3f0-28d44fa6ce24 Show response
banking.flagstar.com/ 343 B
578 B 133ms
131ms Fetch
text/plain 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL: https://banking.flagstar.com/c99a4269-161c-4242-a3f0-28d44fa6ce24
Requested by: Host: banking.flagstar.com
URL: https://banking.flagstar.com/18f5227b-e27b-445a-a53f-f845fbe69b40/stormcaster.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software: rdwr /
Resource Hash: f13f39a3f5b587881f7eb90016a29b2dbf7de1a13b929d02881f22a65dea22b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: keep-alive
Via: 1.1 google
x-response-time: 0ms
Access-Control-Allow-Origin: *
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Date: Sun, 22 Sep 2024 13:38:10 GMT
Content-Type: text/plain; charset=UTF-8
Server: rdwr

GET
H/1.1 502
Bad Gateway favicon.ico
banking.flagstar.com/ 414 B
582 B 343ms
342ms Other
text/html 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL: https://banking.flagstar.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software: rdwr /
Resource Hash: d2170b1d11e482583370e08435f06933403a223cf465eef8a3033a6bed90bbea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Date: Sun, 22 Sep 2024 13:38:11 GMT
Content-Type: text/html
Server: rdwr
Connection: keep-alive

GET
H/1.1 200
OK Primary Request SignIn Show response
banking.flagstar.com/auth/ 15 KB
7 KB 189ms
189ms Document
text/html 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: banking.flagstar.com
URL: https://banking.flagstar.com/18f5227b-e27b-445a-a53f-f845fbe69b40/stormcaster.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

0f55eafab197a1bd5a932993dff611eb3c240748406ec6bd33911798bba018d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Content-Type: text/html; charset=utf-8
Date: Sun, 22 Sep 2024 13:38:11 GMT
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK CorillianStyles
banking.flagstar.com/auth/Content/ 503 KB
107 KB 566ms
564ms Stylesheet
text/css 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.flagstar.com/auth/Content/CorillianStyles?v=FZgNp3kZPfO3c-9q86XWPMxlvIAXJEvVYXgNFxJNu7g1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

39d1c3a538de7cee15ab0feab7eb929c8244358c431db41b114c442dc8c920c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: public
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Mon, 22 Sep 2025 13:38:12 GMT
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:12 GMT
Content-Type: text/css; charset=utf-8
Last-Modified: Sun, 22 Sep 2024 13:38:12 GMT
Vary: User-Agent,Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK CorillianDynamicStyles
banking.flagstar.com/auth/Content/ 266 KB
74 KB 370ms
368ms Stylesheet
text/css 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.flagstar.com/auth/Content/CorillianDynamicStyles?v=yDmO9sUGoXLFAIbddukBYpQz40UnVVRg7IdyLwiJ5y41

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

2a63c92600111f62be00866c51b096e35acff94fbb6d4a2645a3615d5787052a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: public
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Mon, 22 Sep 2025 13:38:12 GMT
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:12 GMT
Content-Type: text/css; charset=utf-8
Last-Modified: Sun, 22 Sep 2024 13:38:12 GMT
Vary: User-Agent,Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK SecurityTokenServiceStyles
banking.flagstar.com/auth/Content/ 3 KB
2 KB 180ms
178ms Stylesheet
text/css 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.flagstar.com/auth/Content/SecurityTokenServiceStyles?v=gQvqVba6K9kKQBYAggw5hMIiLCWXyn19LELH5U6N9XQ1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

44d9b24814fa7885d8fc083fb86f09682c6cf07c2db09567ab8f832ccaaf1164

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: public
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Mon, 22 Sep 2025 13:38:12 GMT
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:12 GMT
Content-Type: text/css; charset=utf-8
Last-Modified: Sun, 22 Sep 2024 13:38:12 GMT
Vary: User-Agent,Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK SecurityTokenServiceDynamicStyles
banking.flagstar.com/auth/Content/ 1 KB
1 KB 167ms
165ms Stylesheet
text/css 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.flagstar.com/auth/Content/SecurityTokenServiceDynamicStyles?v=B8q3gITxQ5qOpG8tDVDn_lKi2fVYqfbVSQBvcLGXq-01

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

28becc9b90d872141739b26a2d8a6b2495525b9cca431777fb99d992e296e634

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: public
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Mon, 22 Sep 2025 13:38:12 GMT
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:12 GMT
Content-Type: text/css; charset=utf-8
Last-Modified: Sun, 22 Sep 2024 13:38:12 GMT
Vary: User-Agent,Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK RogueTheme Show response
banking.flagstar.com/auth/Scripts/Head/ 736 KB
277 KB 763ms
594ms Script
text/javascript 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.flagstar.com/auth/Scripts/Head/RogueTheme?v=J1wpCvcBYdalt9r9fFEBWc1qWT1fv5yng4y9akvOTVQ1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

0590cea1ce881c82513ac100ab9365c808f7163b694cd427319d6f2e21e6fb7e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: public
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Mon, 22 Sep 2025 13:38:12 GMT
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:12 GMT
Content-Type: text/javascript; charset=utf-8
Last-Modified: Sun, 22 Sep 2024 13:38:12 GMT
Vary: User-Agent,Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK Shared_Header_Logo
banking.flagstar.com/auth/LocalizedImage/de/ 17 KB
18 KB 489ms
306ms Image
image/png 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.flagstar.com/auth/LocalizedImage/de/Shared_Header_Logo

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

a233d8913b5a4fe4660fd89a2a6df30e5b99f105c55ae9c8e1546de359e6a5bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: private, max-age=86400
Connection: keep-alive
X-Content-Type-Options: nosniff
Content-Length: 17552
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:12 GMT
Content-Type: image/png
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK Shared_Footer_Image
banking.flagstar.com/auth/LocalizedImage/de/ 3 KB
4 KB 425ms
182ms Image
image/png 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.flagstar.com/auth/LocalizedImage/de/Shared_Footer_Image

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

445836f9d85744e4a0051fdeb0cd6f6bade51fe747fc20677aa898f502060e0e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: private, max-age=86400
Connection: keep-alive
X-Content-Type-Options: nosniff
Content-Length: 3057
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:12 GMT
Content-Type: image/png
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK CommonScripts Show response
banking.flagstar.com/auth/Scripts/Body/ 306 KB
108 KB 389ms
388ms Script
text/javascript 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.flagstar.com/auth/Scripts/Body/CommonScripts?v=zaeCJmBeZ81xrg4ibzMSwMWRflsV3eKcim0JM1Jp2YY1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

9895fab0c2b63e092e16ee26a3ae37baf63ad2191f8587bdf7ba4802d16d68d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: public
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Mon, 22 Sep 2025 13:38:13 GMT
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:12 GMT
Content-Type: text/javascript; charset=utf-8
Last-Modified: Sun, 22 Sep 2024 13:38:13 GMT
Vary: User-Agent,Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK WebResource.axd Show response
banking.flagstar.com/auth/ 2 KB
2 KB 182ms
181ms Script
application/x-javascript 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.flagstar.com/auth/WebResource.axd?d=828Avnkfn0jIdsTIQaLr1yc40vg2sRUH9IkMWJcADQw8M7PbVyMp3jG_VRS4ixAeo8LPHaUKL8a3x63kUt5Ihv2oJuA2Bne00uW2NKNGkFWrByBu2gy1PN4p0ZI98nTRH5xybDdc1jq2JCRakM8lboyQqyXiBGMMw9UFV_kB3gQ1&t=638386526460000000

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

e5094fc96da1b0884c38addc2966510e0819fa145dcbdd1aa6252cccc324f5ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: public
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Mon, 22 Sep 2025 09:36:59 GMT
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:13 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 20 Dec 2023 12:04:06 GMT
Vary: Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK SecurityTokenService Show response
banking.flagstar.com/auth/Scripts/ 2 KB
2 KB 178ms
177ms Script
text/javascript 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.flagstar.com/auth/Scripts/SecurityTokenService?v=dXpWYupFpR85y7C7nuqQJvd1SxwyG3GVoGxqqYfJe481

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

e3058443f454a3b8ee45d94d27e8ddb65b36ce0cefa72333b9735945ff32edaf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: public
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Mon, 22 Sep 2025 13:38:13 GMT
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:13 GMT
Content-Type: text/javascript; charset=utf-8
Last-Modified: Sun, 22 Sep 2024 13:38:13 GMT
Vary: User-Agent,Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK fiserv.fraudcontrol.configuration.js Show response
banking.flagstar.com/auth/Scripts/ 114 B
583 B 170ms
169ms Script
application/javascript 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.flagstar.com/auth/Scripts/fiserv.fraudcontrol.configuration.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

4534cd753bf14b7911029fcbdc0ddbd74fa141a1b23dc777d9e6350c38100d78

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: public
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:13 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK fiserv.fraudcontrol.loginpage.js Show response
banking.flagstar.com/auth/Scripts/ 2 KB
1 KB 168ms
167ms Script
application/javascript 66.22.56.109
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.flagstar.com/auth/Scripts/fiserv.fraudcontrol.loginpage.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.56.109 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

Software

Resource Hash

6783824ae2a0630c482c9c0b19aeb6973882ef76a64b949f6e5bce7df86ec8a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://banking.flagstar.com/auth/SignIn?wa=wsignin1.0&wtrealm=https%3A%2F%2Fbanking.flagstar.com%2Fbanking%2F&wctx=rm%3D0%26id%3Dpassive%26ru%3D%252fbanking%252fstart%252f&wct=2024-09-22T13%3A38%3A08Z

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Security-Policy: frame-ancestors 'self' ; upgrade-insecure-requests;
Cache-Control: public
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block
Date: Sun, 22 Sep 2024 13:38:13 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN

GET snare.js
mpsnare.iesnare.com/ 0
0

GET SignIn
banking.flagstar.com/auth/Scripts/ 0
0

GET ManagePassword
banking.flagstar.com/auth/Scripts/ 0
0

GET WebResource.axd
banking.flagstar.com/auth/ 0
0

GET 5d841ab2-6416-4d9c-ab48-7bb4666ed24b
https://banking.flagstar.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/snare.js

Domain: banking.flagstar.com
URL: https://banking.flagstar.com/auth/Scripts/SignIn?v=OCz1AoyYXegUfAVO_GPz8sPPIVR3anszb6l4t-EBKNQ1

Domain: banking.flagstar.com
URL: https://banking.flagstar.com/auth/Scripts/ManagePassword?v=9JR88fAFqAyRhj7kCOF_Z0TJEfg4cLlFZPXROsb1EwU1

Domain: banking.flagstar.com
URL: https://banking.flagstar.com/auth/WebResource.axd?d=Ce78MYX-rMsJX3_lIrcw4y_ZLPu20VKjfy8uJWmXiz9tuyYg68Ay0184OVS_UHn9yoV1LDsvUSUZWVeXh4C0T71OJX_8GXuPs197tiodz3mKzQ68xdteZxKOUFjuPXzbxH085aHyCOKNXXIC1MStQ7tH86apg2_IRsbjnhJnehuWEeYUYAsGfMKmaF1RTkf_tEkDNeX-weMQd92bQYMvVw2&t=638297185220000000

Domain: banking.flagstar.com
URL: blob:https://banking.flagstar.com/5d841ab2-6416-4d9c-ab48-7bb4666ed24b

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
banking.flagstar.com/auth	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: rfujqcqficgtcobbk5nmxf0p
banking.flagstar.com/	1970-01-21 04:05:37	Name: __uzma Value: e66bcfe9-8724-431a-b640-af6c6ef14cc8
banking.flagstar.com/	1970-01-21 04:05:37	Name: __uzmb Value: 1727012287
banking.flagstar.com/	1970-01-21 04:05:37	Name: __uzme Value: 7545
banking.flagstar.com/	1969-12-31 23:59:59	Name: BrowserSessionID Value: ab4168543a6c4daa902078c82f7ed1ef
banking.flagstar.com/	1969-12-31 23:59:59	Name: PinnedBrowserSession Value: g61SbxZatWDeKNrEEXv4xf8Gyl1gMDdzO47jGWwZ9S/FrpqFtVHNKG1YYw/kMEtTktZbjWj/SxvbdyXP3bNEcA==\|ODAuMjU1LjcuMTA1
.flagstar.com/	1970-01-21 04:02:47	Name: __ssds Value: 2
.flagstar.com/	1970-01-21 04:02:47	Name: __ssuzjsr2 Value: a9be12cd8e
.flagstar.com/	1970-01-21 04:02:47	Name: __uzmaj2 Value: 01817a0f-9a92-437f-b917-1cf0b3e02a8d
.flagstar.com/	1970-01-21 04:02:47	Name: __uzmbj2 Value: 1727012289
.flagstar.com/	1970-01-21 04:02:47	Name: __uzmcj2 Value: 987991066044
.flagstar.com/	1970-01-21 04:02:47	Name: __uzmdj2 Value: 1727012289
.flagstar.com/	1970-01-21 04:02:47	Name: __uzmlj2 Value: jic+LUazn3Jfi+uEIcqcH+ZJ++kizYszFMlZ4aqTQU4=
.flagstar.com/	1970-01-21 04:02:47	Name: __uzmfj2 Value: 7f6000240516d9-c606-45a7-9a52-192ce9b0b95a17270122891130-e62bc846996ce10010
.flagstar.com/	1970-01-20 23:43:32	Name: sscc Value: 1
banking.flagstar.com/	1970-01-21 04:05:37	Name: __uzmd Value: 1727012293
banking.flagstar.com/	1970-01-21 04:05:37	Name: __uzmc Value: 338843765475
banking.flagstar.com/	1970-01-21 04:05:37	Name: __uzmf Value: 7f6000240516d9-c606-45a7-9a52-192ce9b0b95a17270122878105491-e53205a5e2ca7a0537

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://banking.flagstar.com/favicon.ico Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banking.flagstar.com
fonts.googleapis.com
fonts.gstatic.com
mpsnare.iesnare.com
onlinebanking.mynycb.com
banking.flagstar.com
mpsnare.iesnare.com
142.250.185.99
208.71.55.104
2a00:1450:4001:81c::200a
66.22.56.109
0590cea1ce881c82513ac100ab9365c808f7163b694cd427319d6f2e21e6fb7e
0f55eafab197a1bd5a932993dff611eb3c240748406ec6bd33911798bba018d7
10b08f3d89c5663e4f693dcf39372ca95b767369525d4ddbd2cdbd2fd1b4c8c8
158235a454c29707117f6570f40fcc1e7d143f14dc1af1085979b47cf19e4871
1606203846c1977f6b9eb8f226c623c77f73838df2a622556cfa3efd884c0c65
28becc9b90d872141739b26a2d8a6b2495525b9cca431777fb99d992e296e634
2a63c92600111f62be00866c51b096e35acff94fbb6d4a2645a3615d5787052a
39d1c3a538de7cee15ab0feab7eb929c8244358c431db41b114c442dc8c920c7
445836f9d85744e4a0051fdeb0cd6f6bade51fe747fc20677aa898f502060e0e
44d9b24814fa7885d8fc083fb86f09682c6cf07c2db09567ab8f832ccaaf1164
4534cd753bf14b7911029fcbdc0ddbd74fa141a1b23dc777d9e6350c38100d78
6783824ae2a0630c482c9c0b19aeb6973882ef76a64b949f6e5bce7df86ec8a3
6a80a660073763d27217d4a14ceed1958777f04cd8d4291d87e6e29e0777ff15
7b3b60c3cb01c1db4f6d8b45005fd2fa2d10c163195b6bd855abb5bff4aa655c
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
907b9146e218e6c4e16ff7146b9ca54d94e85789fa810c19eebcc182a9f8512a
940f9b11a1f85edfe1481d462207a3878aaffb3c60ede63cb4dfaf2de6104a31
9895fab0c2b63e092e16ee26a3ae37baf63ad2191f8587bdf7ba4802d16d68d1
a233d8913b5a4fe4660fd89a2a6df30e5b99f105c55ae9c8e1546de359e6a5bd
be122a54917118e7d598d842f4a8ba497bd2abb9183e7d48bbdb6619be5096fd
d2170b1d11e482583370e08435f06933403a223cf465eef8a3033a6bed90bbea
dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33
e3058443f454a3b8ee45d94d27e8ddb65b36ce0cefa72333b9735945ff32edaf
e5094fc96da1b0884c38addc2966510e0819fa145dcbdd1aa6252cccc324f5ae
f13f39a3f5b587881f7eb90016a29b2dbf7de1a13b929d02881f22a65dea22b1
fb705246b09136dbb1f211c838b5f17e96be9801d2bf9fc88f5f6de76fae3a8c

banking.flagstar.com Open in urlscan Pro 66.22.56.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

30 Requests

80 %HTTPS

25 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

831 kBTransfer

2357 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

18 Cookies

1 Console Messages

banking.flagstar.com Open in urlscan Pro
66.22.56.109 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

80 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

831 kB
Transfer

2357 kB
Size

18
Cookies

30 HTTP transactions
1 data transactions