urlscan.io logo urlscan.io
SecurityTrails logo

bank.allegradsm.com Open in urlscan Pro
65.60.63.98  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bank.allegradsm.com/
Effective URL: https://bank.allegradsm.com/login
Submission: On October 01 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 25 HTTP transactions. The main IP is 65.60.63.98, located in United States and belongs to SINGLEHOP-LLC, US. The main domain is bank.allegradsm.com.
TLS certificate: Issued by E6 on September 30th 2024. Valid for: 3 months.
This is the only time bank.allegradsm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 25 65.60.63.98 32475 (SINGLEHOP...)
1 142.250.184.234 15169 (GOOGLE)
1 216.58.206.42 15169 (GOOGLE)
1 142.250.74.195 15169 (GOOGLE)
25 4
Apex Domain
Subdomains		 Transfer
25 allegradsm.com
bank.allegradsm.com
1 MB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 454
fonts.googleapis.com — Cisco Umbrella Rank: 46
33 KB
1 gstatic.com
fonts.gstatic.com
48 KB
25 3
Domain Requested by
25 bank.allegradsm.com 3 redirects bank.allegradsm.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com bank.allegradsm.com
1 ajax.googleapis.com bank.allegradsm.com
25 4

This site contains no links.

Subject Issuer Validity Valid
bank.allegradsm.com
E6		 2024-09-30 -
2024-12-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bank.allegradsm.com/login
Frame ID: C1DBDAA8AE1221A18D1D1D5842AE2C52
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://bank.allegradsm.com/ HTTP 302
    https://bank.allegradsm.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

1181 kB
Transfer

3494 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bank.allegradsm.com/ HTTP 302
    https://bank.allegradsm.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://bank.allegradsm.com/layout/skins/library/lib/js/library.min.js HTTP 301
  • https://bank.allegradsm.com/files/skins/library/lib/js/library.min.js
Request Chain 20
  • https://bank.allegradsm.com/layout/skins/library/lib/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP 301
  • https://bank.allegradsm.com/files/skins/library/lib/fonts/fontawesome-webfont.woff2

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
bank.allegradsm.com/
Redirect Chain
  • https://bank.allegradsm.com/
  • https://bank.allegradsm.com/login
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
WWW Server/1.1 /
Resource Hash
dda0bc6edcaac099de4d0de38390f101c6696eefbe316179338389f931a46023
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private
content-encoding
gzip
content-length
4520
content-security-policy
frame-ancestors 'self'
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
content-type
text/html; charset=utf-8
date
Tue, 01 Oct 2024 08:22:23 GMT
server
WWW Server/1.1
strict-transport-security
max-age=31536000; includeSubDomains;
vary
accept-encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

cache-control
private
content-length
123
content-security-policy
frame-ancestors 'self'
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
content-type
text/html; charset=utf-8
date
Tue, 01 Oct 2024 08:22:22 GMT
location
/login
server
WWW Server/1.1
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
DENY
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bank.allegradsm.com
Referer
https://bank.allegradsm.com/

Response headers

content-encoding
gzip
age
604252
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 08:31:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 08:31:32 GMT
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31017
x-xss-protection
0
server
sffe
w2pclient.min.css
bank.allegradsm.com/Content/ 		536 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/Content/w2pclient.min.css?stamp=20241001064906
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
WWW Server/1.1 /
Resource Hash
082e675eb9e3a766a73e411d547f5b5d184b01f4b6424f71427d7c76c9285c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

transfer-encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
public,max-age=1296000
content-encoding
gzip
etag
"0361a9c4b13db1:0"
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
accept-ranges
bytes
date
Tue, 01 Oct 2024 08:22:23 GMT
content-type
text/css
last-modified
Mon, 30 Sep 2024 15:15:40 GMT
vary
accept-encoding
server
WWW Server/1.1
checkout.min.css
bank.allegradsm.com/Content/css/checkout/ 		20 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/Content/css/checkout/checkout.min.css?stamp=20241001064906
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
WWW Server/1.1 /
Resource Hash
82c6727a3cb03a7a8de1af18af1991aaa9df814293127f20e0edc30d2e021aca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
public,max-age=1296000
content-encoding
gzip
etag
"0361a9c4b13db1:0"
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
accept-ranges
bytes
content-length
5457
date
Tue, 01 Oct 2024 08:22:23 GMT
content-type
text/css
last-modified
Mon, 30 Sep 2024 15:15:40 GMT
vary
accept-encoding
server
WWW Server/1.1
library.min.css
bank.allegradsm.com/layout/skins/library/lib/css/ 		348 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/layout/skins/library/lib/css/library.min.css?v=2024.9.30.3&stamp=20241001064906
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
WWW Server/1.1 /
Resource Hash
5b886c15adc341828c2ab3ab02cce755cf701cc29d3f7bb9265267a67410a16d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

transfer-encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Wed, 16 Oct 2024 08:22:24 GMT
access-control-allow-origin
*
date
Tue, 01 Oct 2024 08:22:23 GMT
content-type
text/css; charset=utf-8
vary
accept-encoding
server
WWW Server/1.1
base_skin.min.css
bank.allegradsm.com/layout/skins/library/base_skin/responsiveClean/ 		37 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/layout/skins/library/base_skin/responsiveClean/base_skin.min.css?v=2024.9.30.3&stamp=20241001064906
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
WWW Server/1.1 /
Resource Hash
21c725ff16dd02a18be20adcad9d41485136116c777828f8421efc63a6d1c93c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Wed, 16 Oct 2024 08:22:24 GMT
access-control-allow-origin
*
content-length
10732
date
Tue, 01 Oct 2024 08:22:24 GMT
content-type
text/css; charset=utf-8
vary
accept-encoding
server
WWW Server/1.1
layout.css
bank.allegradsm.com/layout/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/layout/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/layout.css?v=2024.9.30.3&stamp=20241001064906
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
WWW Server/1.1 /
Resource Hash
545328273eaf20f544d8c21a8daf2ddd85ab9f4864025edf4011c01fb0750bc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Wed, 16 Oct 2024 08:22:24 GMT
access-control-allow-origin
*
content-length
3273
date
Tue, 01 Oct 2024 08:22:24 GMT
content-type
text/css; charset=utf-8
vary
accept-encoding
server
WWW Server/1.1
logo_e42c0000-569f-0050-2775-08dcd9b3c1a0_large.png
bank.allegradsm.com/files/subscribers/477fcf83-485a-4284-afaa-e61201c1bd42/sites/e42c0000-569f-0050-2775-08dcd9b3c1a0/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.allegradsm.com/files/subscribers/477fcf83-485a-4284-afaa-e61201c1bd42/sites/e42c0000-569f-0050-2775-08dcd9b3c1a0/logo_e42c0000-569f-0050-2775-08dcd9b3c1a0_large.png?stamp=638627085359214606
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
nginx /
Resource Hash
13045052213aa43914943687520ed60e0ebc29ab556eabf54edf1c4c1967dccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
max-age=21600
etag
"66f1a237-2b6d"
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Tue, 01 Oct 2024 14:22:26 GMT
accept-ranges
bytes
content-length
11117
date
Tue, 01 Oct 2024 08:22:26 GMT
content-type
image/png
last-modified
Mon, 23 Sep 2024 17:15:35 GMT
server
nginx
library.min.js
bank.allegradsm.com/files/skins/library/lib/js/
Redirect Chain
  • https://bank.allegradsm.com/layout/skins/library/lib/js/library.min.js
  • https://bank.allegradsm.com/files/skins/library/lib/js/library.min.js
120 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/files/skins/library/lib/js/library.min.js
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
nginx /
Resource Hash
82575378388604ca98a856ea7662c6e9039e2877702c0a9f727d038f29e4332d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
max-age=21600
etag
"66c5dfbc-1e1a5"
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Tue, 01 Oct 2024 14:22:26 GMT
accept-ranges
bytes
content-length
123301
date
Tue, 01 Oct 2024 08:22:26 GMT
content-type
application/javascript
last-modified
Wed, 21 Aug 2024 12:38:20 GMT
server
nginx

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private
location
/files/skins/library/lib/js/library.min.js
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
access-control-allow-origin
*
content-length
159
date
Tue, 01 Oct 2024 08:22:23 GMT
content-type
text/html; charset=utf-8
server
WWW Server/1.1
jquery.cookie.min.js
bank.allegradsm.com/files/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/files/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/js/jquery.cookie.min.js
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
nginx /
Resource Hash
239011ddd00345611806d77467c81dc5a4c90d15fec6f66357671b73920287dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
max-age=21600
etag
"66c5dfbc-515"
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Tue, 01 Oct 2024 14:22:24 GMT
accept-ranges
bytes
content-length
1301
date
Tue, 01 Oct 2024 08:22:24 GMT
content-type
application/javascript
last-modified
Wed, 21 Aug 2024 12:38:20 GMT
server
nginx
jquery.mousewheel.min.js
bank.allegradsm.com/files/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/files/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/js/jquery.mousewheel.min.js
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
nginx /
Resource Hash
bdcb5de724135fc17212febcab5a5222e527ff64f4e8d62bf8990ed6223e1519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
max-age=21600
etag
"66c5dfbc-ada"
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Tue, 01 Oct 2024 14:22:24 GMT
accept-ranges
bytes
content-length
2778
date
Tue, 01 Oct 2024 08:22:24 GMT
content-type
application/javascript
last-modified
Wed, 21 Aug 2024 12:38:20 GMT
server
nginx
owl.carousel.min.js
bank.allegradsm.com/files/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/js/ 		42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/files/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/js/owl.carousel.min.js
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
nginx /
Resource Hash
9c14b7832d530a9d996ee378de806c8bbf3233b63e1fc3fa1177d37127cf7f06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
max-age=21600
etag
"66c5dfbc-a908"
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Tue, 01 Oct 2024 14:22:26 GMT
accept-ranges
bytes
content-length
43272
date
Tue, 01 Oct 2024 08:22:26 GMT
content-type
application/javascript
last-modified
Wed, 21 Aug 2024 12:38:20 GMT
server
nginx
photoswipe-ui-default.min.js
bank.allegradsm.com/files/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/files/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/js/photoswipe-ui-default.min.js
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
nginx /
Resource Hash
4059dc11e73e02d4cb2dd7987b457813d685577b5e5ea4c383cc18e0bf569d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
max-age=21600
etag
"66c5dfbc-2699"
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Tue, 01 Oct 2024 14:22:24 GMT
accept-ranges
bytes
content-length
9881
date
Tue, 01 Oct 2024 08:22:24 GMT
content-type
application/javascript
last-modified
Wed, 21 Aug 2024 12:38:20 GMT
server
nginx
photoswipe.min.js
bank.allegradsm.com/files/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/js/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/files/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/js/photoswipe.min.js
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
nginx /
Resource Hash
e48d7387d6dec97c4a930bab2946b29e90607490ed97da1e91f391ff1f0440f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
max-age=21600
etag
"66c5dfbc-7ca2"
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Tue, 01 Oct 2024 14:22:26 GMT
accept-ranges
bytes
content-length
31906
date
Tue, 01 Oct 2024 08:22:26 GMT
content-type
application/javascript
last-modified
Wed, 21 Aug 2024 12:38:20 GMT
server
nginx
z.skin.js
bank.allegradsm.com/files/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/files/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/js/z.skin.js
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
nginx /
Resource Hash
232d0e437b26cb529aae8a9be99a3205d0dd78c8eb7935842feac37f8029d7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
max-age=21600
etag
"66c5dfbc-2a30"
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Tue, 01 Oct 2024 14:22:25 GMT
accept-ranges
bytes
content-length
10800
date
Tue, 01 Oct 2024 08:22:25 GMT
content-type
application/javascript
last-modified
Wed, 21 Aug 2024 12:38:20 GMT
server
nginx
client-bundle.min.js
bank.allegradsm.com/Scripts/ 		2 MB
576 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
WWW Server/1.1 /
Resource Hash
419bc77d25db94bc5353b367a4b43b6f06c24d321505a9298863ea5dcd6b50fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
public,max-age=1296000
content-encoding
gzip
etag
"0361a9c4b13db1:0"
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
accept-ranges
bytes
content-length
589421
date
Tue, 01 Oct 2024 08:22:24 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 15:15:40 GMT
vary
accept-encoding
server
WWW Server/1.1
kendo.culture.it-IT.min.js
bank.allegradsm.com/Scripts/kendo/cultures/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/Scripts/kendo/cultures/kendo.culture.it-IT.min.js
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
WWW Server/1.1 /
Resource Hash
9d4b1eaee4c7478c3ee1e05291f39c74b37f638991d0b539c2b5f87013560b8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
public,max-age=1296000
content-encoding
gzip
etag
"0907c9e4b13db1:0"
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
accept-ranges
bytes
content-length
1117
date
Tue, 01 Oct 2024 08:22:24 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 15:15:44 GMT
vary
accept-encoding
server
WWW Server/1.1
kendo.messages.it-IT.min.js
bank.allegradsm.com/Scripts/kendo/messages/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/Scripts/kendo/messages/kendo.messages.it-IT.min.js
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
WWW Server/1.1 /
Resource Hash
b0a44b28dc799552b404d75b7cc7419acafa3bf708dbfbff8c8f9ec3eca3ae94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
public,max-age=1296000
content-encoding
gzip
etag
"01710a24b13db1:0"
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
accept-ranges
bytes
content-length
6406
date
Tue, 01 Oct 2024 08:22:24 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 15:15:50 GMT
vary
accept-encoding
server
WWW Server/1.1
css
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/layout/skins/library/base_skin/responsiveClean/base_skin.min.css?v=2024.9.30.3&stamp=20241001064906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f10.1e100.net
Software
ESF /
Resource Hash
344c7bdd1c5be8ac9d27c9260ff6d07263306880d3b6dd8698dca320ae192227
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 01 Oct 2024 08:22:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:22:26 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 01 Oct 2024 08:22:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
photoswipe.min.css
bank.allegradsm.com/layout/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/css/photoswipe/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/layout/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/css/photoswipe/photoswipe.min.css
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/layout/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/layout.css?v=2024.9.30.3&stamp=20241001064906
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
WWW Server/1.1 /
Resource Hash
ae595d043382c6a5c01357d1a291c6d92aa98168acab5effdce95ea3ed4204aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/layout/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/layout.css?v=2024.9.30.3&stamp=20241001064906

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Wed, 16 Oct 2024 08:22:25 GMT
access-control-allow-origin
*
content-length
1035
date
Tue, 01 Oct 2024 08:22:24 GMT
content-type
text/css; charset=utf-8
vary
accept-encoding
server
WWW Server/1.1
default-skin.min.css
bank.allegradsm.com/layout/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/css/photoswipe/default-skin/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/layout/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/css/photoswipe/default-skin/default-skin.min.css
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/layout/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/layout.css?v=2024.9.30.3&stamp=20241001064906
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
WWW Server/1.1 /
Resource Hash
9105bb936d82d2c9093123f18042365474742cf1deca08bc49160dbd5fc3076c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/layout/skins/c1177a85-c19e-4849-9be5-5c6d1f700b49/layout.css?v=2024.9.30.3&stamp=20241001064906

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Wed, 16 Oct 2024 08:22:25 GMT
access-control-allow-origin
*
content-length
2414
date
Tue, 01 Oct 2024 08:22:25 GMT
content-type
text/css; charset=utf-8
vary
accept-encoding
server
WWW Server/1.1
fontawesome-webfont.woff2
bank.allegradsm.com/files/skins/library/lib/fonts/
Redirect Chain
  • https://bank.allegradsm.com/layout/skins/library/lib/fonts/fontawesome-webfont.woff2?v=4.7.0
  • https://bank.allegradsm.com/files/skins/library/lib/fonts/fontawesome-webfont.woff2
75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/files/skins/library/lib/fonts/fontawesome-webfont.woff2
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/layout/skins/library/lib/css/library.min.css?v=2024.9.30.3&stamp=20241001064906
Protocol
HTTP/1.1
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/layout/skins/library/lib/css/library.min.css?v=2024.9.30.3&stamp=20241001064906

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
max-age=21600
etag
"66c5dfc0-12d68"
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Tue, 01 Oct 2024 14:22:28 GMT
accept-ranges
bytes
content-length
77160
date
Tue, 01 Oct 2024 08:22:28 GMT
content-type
font/woff2
last-modified
Wed, 21 Aug 2024 12:38:24 GMT
server
nginx

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private
location
/files/skins/library/lib/fonts/fontawesome-webfont.woff2
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
access-control-allow-origin
*
content-length
173
date
Tue, 01 Oct 2024 08:22:25 GMT
content-type
text/html; charset=utf-8
server
WWW Server/1.1
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bank.allegradsm.com
Referer
https://fonts.googleapis.com/

Response headers

age
715
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:10:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:10:32 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
logo_e42c0000-569f-0050-2775-08dcd9b3c1a0_large.png
bank.allegradsm.com/files/subscribers/477fcf83-485a-4284-afaa-e61201c1bd42/sites/e42c0000-569f-0050-2775-08dcd9b3c1a0/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.allegradsm.com/files/subscribers/477fcf83-485a-4284-afaa-e61201c1bd42/sites/e42c0000-569f-0050-2775-08dcd9b3c1a0/logo_e42c0000-569f-0050-2775-08dcd9b3c1a0_large.png?stamp=638627085359214606
Requested by
Host: bank.allegradsm.com
URL: https://bank.allegradsm.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
nginx /
Resource Hash
13045052213aa43914943687520ed60e0ebc29ab556eabf54edf1c4c1967dccd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

cache-control
max-age=21600
etag
"66f1a237-2b6d"
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Tue, 01 Oct 2024 14:22:26 GMT
accept-ranges
bytes
content-length
11117
date
Tue, 01 Oct 2024 08:22:26 GMT
content-type
image/png
last-modified
Mon, 23 Sep 2024 17:15:35 GMT
server
nginx
favicon.ico
bank.allegradsm.com/files/subscribers/477fcf83-485a-4284-afaa-e61201c1bd42/sites/e42c0000-569f-0050-2775-08dcd9b3c1a0/ 		645 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bank.allegradsm.com/files/subscribers/477fcf83-485a-4284-afaa-e61201c1bd42/sites/e42c0000-569f-0050-2775-08dcd9b3c1a0/favicon.ico?stamp=638633257731030455
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.60.63.98 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
computenode1.aleyant.com
Software
nginx /
Resource Hash
c59b87bb6050be0e56f3dc4ff51ae3ae7e460b9010d6bba4d257fff7351a0683
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bank.allegradsm.com/login

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
max-age=21600
etag
"66fb0d4d-285"
content-security-policy-report-only
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com
expires
Tue, 01 Oct 2024 14:22:29 GMT
accept-ranges
bytes
content-length
645
date
Tue, 01 Oct 2024 08:22:29 GMT
content-type
image/x-icon
last-modified
Mon, 30 Sep 2024 20:42:53 GMT
server
nginx

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| checkDomain function| applyCleanInput function| preventEnterKey function| keepSession function| cleaninput function| StandardConfirm function| al_txtareamax function| grid_ExportXLS function| prsearch function| dosearch function| _typeof function| PhotoSwipeUI_Default function| PhotoSwipe function| extractNumber function| getPresseroPurchaseData function| getGA4PurchaseData function| BarRating function| JSZip object| kendo function| _currencyFormat object| searchform object| searchinput object| searchbutton

2 Cookies

Domain/Path Name / Value
bank.allegradsm.com/ Name: ASP.NET_SessionId
Value: ff2jwfezjhiqxvlun52yhxtu
bank.allegradsm.com/ Name: __RequestVerificationToken
Value: LnZtZilFr014wE2pIMnhtaruMZh8CuyvQkD9oBTRNM3MZC2S7bV2U5LaBEp5ietKCcksvnznKlUcY8_2JfWPrOaBzrE1

46 Console Messages

Source Level URL
Text
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://bank.allegradsm.com/Scripts/client-bundle.min.js?v=2024.9.30.3(Line 13)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bank.allegradsm.com
fonts.googleapis.com
fonts.gstatic.com
142.250.184.234
142.250.74.195
216.58.206.42
65.60.63.98
082e675eb9e3a766a73e411d547f5b5d184b01f4b6424f71427d7c76c9285c7e
13045052213aa43914943687520ed60e0ebc29ab556eabf54edf1c4c1967dccd
21c725ff16dd02a18be20adcad9d41485136116c777828f8421efc63a6d1c93c
232d0e437b26cb529aae8a9be99a3205d0dd78c8eb7935842feac37f8029d7ea
239011ddd00345611806d77467c81dc5a4c90d15fec6f66357671b73920287dc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
344c7bdd1c5be8ac9d27c9260ff6d07263306880d3b6dd8698dca320ae192227
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4059dc11e73e02d4cb2dd7987b457813d685577b5e5ea4c383cc18e0bf569d02
419bc77d25db94bc5353b367a4b43b6f06c24d321505a9298863ea5dcd6b50fc
545328273eaf20f544d8c21a8daf2ddd85ab9f4864025edf4011c01fb0750bc5
5b886c15adc341828c2ab3ab02cce755cf701cc29d3f7bb9265267a67410a16d
82575378388604ca98a856ea7662c6e9039e2877702c0a9f727d038f29e4332d
82c6727a3cb03a7a8de1af18af1991aaa9df814293127f20e0edc30d2e021aca
9105bb936d82d2c9093123f18042365474742cf1deca08bc49160dbd5fc3076c
9c14b7832d530a9d996ee378de806c8bbf3233b63e1fc3fa1177d37127cf7f06
9d4b1eaee4c7478c3ee1e05291f39c74b37f638991d0b539c2b5f87013560b8e
ae595d043382c6a5c01357d1a291c6d92aa98168acab5effdce95ea3ed4204aa
b0a44b28dc799552b404d75b7cc7419acafa3bf708dbfbff8c8f9ec3eca3ae94
bdcb5de724135fc17212febcab5a5222e527ff64f4e8d62bf8990ed6223e1519
c59b87bb6050be0e56f3dc4ff51ae3ae7e460b9010d6bba4d257fff7351a0683
dda0bc6edcaac099de4d0de38390f101c6696eefbe316179338389f931a46023
e48d7387d6dec97c4a930bab2946b29e90607490ed97da1e91f391ff1f0440f1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e