firstmerchants.com

HTML metadata

Title: Helping You Prosper | First Merchants Bank
Description: Benefit from the top-notch, high quality banking and financial services to suit your personal and professional needs. Only with First Merchants Bank.
Language: en
Generator: Sitefinity 15.3.8521.0 DX
Canonical: https://www.firstmerchants.com

Open Graph

url: https://www.firstmerchants.com
title: Helping You Prosper
site name: Default
description: Benefit from the top-notch, high quality banking and financial services to suit your personal and professional needs. Only with First Merchants Bank.

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Fonts

Font Awesome
Google Fonts

Social widgets

YouTube Embed

Third-party hosts loaded (10)

fonts.googleapis.com×3
cdn.jsdelivr.net×2
cdn.insight.sitefinity.com×1
cds-sdkcfg.onlineaccess1.com×1
fonts.gstatic.com×1
maps.googleapis.com×1
s7.addthis.com×1
use.fontawesome.com×1
www.googletagmanager.com×1
www.youtube.com×1

Social

Contact

Phone

1.800.205.3464

Address

st Merchants Bank Routing Number: 07490

Registration

Registrar

DNC Holdings, Inc.

Created

1996-04-04

Expires

2027-04-05 320 days left

Updated

2026-02-19

Name servers

elle.ns.cloudflare.com
ray.ns.cloudflare.com

DNS records live

NS

elle.ns.cloudflare.com
ray.ns.cloudflare.com

MX

15 us-smtp-inbound-1.mimecast.com
15 us-smtp-inbound-2.mimecast.com

TXT

Show 13 TXT records

_gz7tuda11ckzht8l22c6fj5s0c1p5by
atlassian-domain-verification=HSMqWeSQt8ilBzak93fVqcrZ9aTL4hHTSd65u8hj77npZK7Y2GwkxxwAcW7fi8Bo
docusign=07bc0c72-3647-413f-b42a-f998e15c628c
docusign=32f5a1b9-4f79-451d-bce4-247f4f7fd1ad
google-site-verification=BpynH8_slY6vGt2s98jiIqmQoEEe7P6zAE5H0-3ojKc
google-site-verification=gBitMGN6jR41iTWv2P2zU4HizYSz2GXfajphzXIAR9Y
google-site-verification=mqIZYUFZPQY24yic1K9v8Suay8IA_Bf3fA0T8HASs4U
identrust_validate=Z7YioUtNd7y+Ze7elwu3sMa1ltwzEgQjw3OiwUIq7UyB
intersight=a8f0c9857b5e7812ee40e89d493e3e9277417ddb6759ddedb59e1b894ac94416
MS=ms51008807
PBVxPcintxOLcjLvRg+o7jpXfWVWeKjn8+uoJ9PcjoT3NLfPBzrstS/YeCJG1NTDFfmLhu9RWAQk//So/4E35Q==
SFMC-f4FmnT-EKzsDxgVQz-DtSgnPhJXULdCJ0OUQgYok
Target: 0ed1fe018a4e4c91a727df489aac6d9951e2ab1c33

Email authentication strong

SPF: v=spf1 redirect=a53en3kk._spf._d.mim.ec
no all qualifier
DMARC: v=DMARC1; p=reject; rua=mailto:1cdbfba38ce2653@rep.dmarcanalyzer.com; ruf=mailto:1cdbfba38ce2653@for.dmarcanalyzer.com; pct=100; sp=none; fo=1;
policy: reject (enforced) · sp=none
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-04-15 to 2026-07-15

Expires in 56 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.firstmerchants.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://bat.bing.com https://www.googleadservices.com https://bat.bing.com/bat.js https://heyzine.com *.bttrack.com bttrack.com; script-src *.googleapis.com *.gstatic.com www.google.com apis.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net unpkg.com/@frontify/ *.cloudinary.com https://cds-sdkcfg.onlineaccess1.com/common.js https://www.googletagmanager.com/ https://s7.addthis.com/js/300/addthis_widget.js https://cdn.jsdelivr.net/ https://bat.bing.com/ https://i.simpli.fi/ https://up.pixel.ad/assets/up.js https://siteimproveanalytics.com/js/ https://cdn.levelaccess.net/accessjs/ https://static.srcspot.com/libs/perl.js https://*.g.doubleclick.net/ https://*.hotjar.com/ https://*.cloudflareinsights
strict-transport-security: max-age=31536000; includeSubDomains