urlscan.io logo urlscan.io
SecurityTrails logo

moneymedicine.com Open in urlscan Pro
160.153.0.161  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Effective URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Submission: On February 25 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 53 HTTP transactions. The main IP is 160.153.0.161, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is moneymedicine.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2023. Valid for: a year.
This is the only time moneymedicine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 25 160.153.0.161 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.173.187.41 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 44.220.126.199 14618 (AMAZON-AES)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 4 95.100.135.96 20940 (AKAMAI-ASN1)
2 151.101.1.44 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.233.49.229 14618 (AMAZON-AES)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 141.226.228.48 200478 (TABOOLA-AS)
53 18
25    160.153.0.161 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: 161.0.153.160.host.secureserver.net
moneymedicine.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    18.173.187.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-41.muc50.r.cloudfront.net
cdn.poynt.net
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    44.220.126.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-220-126-199.compute-1.amazonaws.com
insurance.mediaalpha.com
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
static.myfinance.com
4    95.100.135.96 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-135-96.deploy.static.akamaitechnologies.com
img1.wsimg.com
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    18.233.49.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-49-229.compute-1.amazonaws.com
a.myfidevs.io
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.myfinance.com
2    2a02:26f0:3500:18::1724:a29c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net
4    2a02:26f0:480:58c::228b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csp.secureserver.net
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
25 moneymedicine.com
moneymedicine.com
180 KB
6 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12989
csp.secureserver.net — Cisco Umbrella Rank: 13184
566 B
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1133
trc.taboola.com — Cisco Umbrella Rank: 689
trc-events.taboola.com — Cisco Umbrella Rank: 2373
24 KB
4 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 9933
28 KB
4 myfinance.com
static.myfinance.com — Cisco Umbrella Rank: 19352
www.myfinance.com — Cisco Umbrella Rank: 22015
46 KB
2 myfidevs.io
a.myfidevs.io — Cisco Umbrella Rank: 17854
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2663
309 B
2 gstatic.com
fonts.gstatic.com
48 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6553
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
255 B
1 mediaalpha.com
insurance.mediaalpha.com — Cisco Umbrella Rank: 28027
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
93 KB
1 poynt.net
cdn.poynt.net — Cisco Umbrella Rank: 101288
67 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
1 KB
53 14
Domain Requested by
25 moneymedicine.com 1 redirects moneymedicine.com
4 csp.secureserver.net img1.wsimg.com
4 img1.wsimg.com 2 redirects moneymedicine.com
2 trc-events.taboola.com img1.wsimg.com
2 events.api.secureserver.net img1.wsimg.com
2 www.myfinance.com img1.wsimg.com
2 a.myfidevs.io img1.wsimg.com
2 region1.analytics.google.com www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 static.myfinance.com moneymedicine.com
static.myfinance.com
1 trc.taboola.com cdn.taboola.com
1 www.google.de moneymedicine.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdn.taboola.com moneymedicine.com
1 insurance.mediaalpha.com moneymedicine.com
1 www.googletagmanager.com moneymedicine.com
1 cdn.poynt.net moneymedicine.com
1 fonts.googleapis.com moneymedicine.com
53 18

This site contains no links.

Subject Issuer Validity Valid
moneymedicine.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.poynt.net
Go Daddy Secure Certificate Authority - G2		 2023-10-12 -
2024-11-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
mediaalpha.com
Amazon RSA 2048 M01		 2023-06-11 -
2024-07-09		 a year crt.sh
myfinance.com
E1		 2024-02-06 -
2024-05-06		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.myfidevs.io
Amazon RSA 2048 M03		 2023-10-07 -
2024-11-04		 a year crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2023-07-10 -
2024-08-10		 a year crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2		 2023-10-10 -
2024-11-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Frame ID: 51983AE72D14FF1B728CF6A415D49524
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found -

Page URL History Show full URLs

  1. http://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php HTTP 308
    https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

53
Requests

94 %
HTTPS

59 %
IPv6

14
Domains

18
Subdomains

18
IPs

4
Countries

494 kB
Transfer

1764 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php HTTP 308
    https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Request Chain 28
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/tti/tti.min.js

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request password.php
moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/
Redirect Chain
  • http://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
  • https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
156 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
17e88e9518306c4523e1785d9d1d6c31efd0a8f48ccfed122abb9a7bd62e561a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
MISS
cf-ray
85ae37bf0c8f6a76-TXL
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sun, 25 Feb 2024 07:26:04 GMT
expires
Wed, 27 Mar 2024 07:26:04 GMT
server
cloudflare
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
vary
User-Agent, Accept-Encoding
x-backend
varnish_ssl
x-cache
uncached
x-cache-hit
MISS
x-cacheable
YES:Forced
x-cacheproxy-retries
0/2
x-content-type-options
nosniff
x-fawn-proc-count
1,0,24
x-php-version
8.0
x-xss-protection
1; mode=block

Redirect headers

CF-Cache-Status
MISS
CF-RAY
85ae37bd2e56450a-TXL
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Sun, 25 Feb 2024 07:26:01 GMT
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
location
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
x-backend
varnish_ssl
stripe-settings.css
moneymedicine.com/wp-content/mu-plugins/vendor/godaddy/mwc-core/assets/css/ 		865 B
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/mu-plugins/vendor/godaddy/mwc-core/assets/css/stripe-settings.css
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
070e914943207fab6d6e7db6a1efd0c2f60b47afcabd4bc29f6a87f9d9e63d6b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 13:16:47 GMT
x-php-version
8.0
server
cloudflare
etag
W/"361-611e4238fb3fe;5fa1f45517caf
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37cdeb206a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
pay-in-person-method.css
moneymedicine.com/wp-content/mu-plugins/vendor/godaddy/mwc-core/assets/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/mu-plugins/vendor/godaddy/mwc-core/assets/css/pay-in-person-method.css
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
b1920950c58aeab84f140afde0c070b6a61e7dd6c61b55e3da5cc7012483c143
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 13:16:47 GMT
x-php-version
8.0
server
cloudflare
etag
W/"2114-611e4238fa846;5fa1f45517caf
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37cdeb236a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
bb-plugin.min.css
moneymedicine.com/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/ 		302 B
244 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=4.6.5
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
c21c920a0ef5cff515381a39efc26873405cad25390eac53a78b9603ef1e2e55
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 12 Feb 2024 21:23:57 GMT
x-php-version
8.0
server
cloudflare
etag
W/"12e-61135e545fb9d-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37cdeb286a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
main.min.css
moneymedicine.com/wp-content/themes/astra/assets/css/minified/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.6.5
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
b515a60a6963e4fcc6877f257ec9ee1b39bb5db12dcb6de97d4704f277ffc84b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 12 Feb 2024 21:23:57 GMT
x-php-version
8.0
server
cloudflare
etag
W/"a580-61135e5461add-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37cdeb2a6a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Karla%3A400%7CRubik%3A600%2C500&display=fallback&ver=4.6.5
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e33983a2f276af47bd08abacbbad019f19d163994fdb8bd9c6e4beb75bdf52c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Feb 2024 07:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 25 Feb 2024 07:26:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Feb 2024 07:26:04 GMT
style.min.css
moneymedicine.com/wp-includes/css/dist/block-library/ 		108 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 13:16:46 GMT
x-php-version
8.0
server
cloudflare
etag
W/"1ae43-611e423831959;5fa1f45518867
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37cdeb2c6a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
woocommerce-layout-grid.min.css
moneymedicine.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=4.6.5
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
29906a351fdc908a391a36a49d2d4b60ef65caf765f6566860842021b505d47a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 12 Feb 2024 21:23:57 GMT
x-php-version
8.0
server
cloudflare
etag
W/"3ee5-61135e5460f25-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37cdeb2d6a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
woocommerce-grid.min.css
moneymedicine.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/ 		115 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=4.6.5
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
d49ff547e1327af4fef8070cb06b3da107833ba4d68826acac89cc225ff920c7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 12 Feb 2024 21:23:57 GMT
x-php-version
8.0
server
cloudflare
etag
W/"1cb43-61135e5460f25-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37cdeb2e6a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
style.min.css
moneymedicine.com/wp-includes/css/dist/components/ 		82 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-includes/css/dist/components/style.min.css?ver=6.4.3
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
2a9c9a064a89e6c9ade1e9f3a13d0a1762ae694631fd277ebbd3da1bf858f2cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 13:16:46 GMT
x-php-version
8.0
server
cloudflare
etag
W/"14974-611e423834452;5fa1f45518867
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37cdeb306a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
latest.css
moneymedicine.com/wp-content/mu-plugins/vendor/wpex/godaddy-launch/includes/Dependencies/GoDaddy/Styles/build/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/mu-plugins/vendor/wpex/godaddy-launch/includes/Dependencies/GoDaddy/Styles/build/latest.css?ver=2.0.2
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 13:16:47 GMT
x-php-version
8.0
server
cloudflare
etag
W/"3256-611e4239cbfec;5fa1f45517caf
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37cdeb346a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
payment-form.css
moneymedicine.com/wp-content/mu-plugins/vendor/godaddy/mwc-core/assets/css/ 		825 B
408 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/mu-plugins/vendor/godaddy/mwc-core/assets/css/payment-form.css
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
bdaeb64b21a7c95a84c49a72146305e45a21a24643cf1b7280513912c633438d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:05 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 13:16:47 GMT
x-php-version
8.0
server
cloudflare
etag
W/"339-611e4238fac2e;5fa1f45517caf
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37cdeb376a76-TXL
expires
Wed, 27 Mar 2024 07:26:05 GMT
jquery.min.js
moneymedicine.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 13:16:46 GMT
x-php-version
8.0
server
cloudflare
etag
W/"15601-611e423897a34;5fa1f45518867
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37ce1b816a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
jquery-migrate.min.js
moneymedicine.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 13:16:46 GMT
x-php-version
8.0
server
cloudflare
etag
W/"3509-611e423896a94;5fa1f45518867
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37ce1b856a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
jquery.blockUI.min.js
moneymedicine.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.6.1
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:05 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 00:35:01 GMT
x-php-version
8.0
server
cloudflare
etag
W/"25a4-611d97f451441-gzip"
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37d1bd8a452e-TXL
expires
Wed, 27 Mar 2024 07:26:05 GMT
add-to-cart.min.js
moneymedicine.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.6.1
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
4f0a4e5ff7378b48f06c23a8ff4e52633c828fee56f2495085eeea5c1a7f8aba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:05 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 00:35:01 GMT
x-php-version
8.0
server
cloudflare
etag
W/"bf2-611d97f44f501-gzip"
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37d1bd8c452e-TXL
expires
Wed, 27 Mar 2024 07:26:05 GMT
js.cookie.min.js
moneymedicine.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.6.1
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:05 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 00:35:01 GMT
x-php-version
8.0
server
cloudflare
etag
W/"735-611d97f4552c2-gzip"
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37d1bd8d452e-TXL
expires
Wed, 27 Mar 2024 07:26:05 GMT
woocommerce.min.js
moneymedicine.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.6.1
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:05 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 00:35:01 GMT
x-php-version
8.0
server
cloudflare
etag
W/"85b-611d97f4504a1-gzip"
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37d1bd8f452e-TXL
expires
Wed, 27 Mar 2024 07:26:05 GMT
collect.js
cdn.poynt.net/ 		328 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect.js
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b171fe05b9b61912cc25454c52153d374b2b434144833f4396f5fd40138da15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-version-id
r2CKNJkpz0FNOr6YMlgn_tDj7vhxs9zb
Content-Encoding
gzip
Via
1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
Date
Sun, 25 Feb 2024 03:07:47 GMT
X-Amz-Cf-Pop
MUC50-P4
Age
15713
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Tue, 20 Feb 2024 18:01:50 GMT
Server
AmazonS3
ETag
W/"e2da51fbf119e1d064b41740e1185dce"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Amz-Cf-Id
1zwehEGaKGmEjNdsAUXcATexEGISm1FkwHdsSitgfp51JzrNoOl8Ew==
poynt.js
moneymedicine.com/wp-content/mu-plugins/vendor/godaddy/mwc-core/assets/js/payments/frontend/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/mu-plugins/vendor/godaddy/mwc-core/assets/js/payments/frontend/poynt.js
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
ed65fe5dc608751fa4fa5c0f75526bbabf07d8d83bf0c962d8018f885b4e6a4b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 13:16:47 GMT
x-php-version
8.0
server
cloudflare
etag
W/"295c-611e4238fe2df;5fa1f45517caf
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37ce1b886a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
js
www.googletagmanager.com/gtag/ 		279 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VJMEEMCGK7
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c501707f41d77bdd6c39bdbeac0634dede1ddefd5db97cd07d21ee64f75f84f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94881
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 25 Feb 2024 07:26:05 GMT
serve.js
insurance.mediaalpha.com/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.mediaalpha.com/js/serve.js
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.220.126.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-220-126-199.compute-1.amazonaws.com
Software
Apache /
Resource Hash
23804f39c77b8faa418faa295e79947f285b925f968a562176d575634088b0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-encoding
gzip
server
Apache
content-length
5535
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
myFinance.js
static.myfinance.com/widget/ 		124 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.myfinance.com/widget/myFinance.js
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
822b6815d22df64831c6468797ddd8de56fe95adf05aad3df816d126a92b00dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
FM4W7JBEFEJES8AC
age
1880
x-amz-server-side-encryption
AES256
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9sPrE2JP7gX2RGlA6wc/dsztV3xNYoF6Iw1PBwKSx+G5Nl5V0EX1fuXq+zNOKn9XNNmwF+Lheas=
last-modified
Thu, 25 Jan 2024 14:50:01 GMT
server
cloudflare
etag
W/"efef41c0ffa5f75bf61529579d8f1f9b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuO1sQNwdUiwcBxVopCchHIejK3zyl6jXNVKXafrNS3vL94R%2F1HtItLrKN%2BdsAVsaSUGeqEoDNdUHB%2BzBYdY87wFegAcgJUO1JJYtdeFZMird8JZLrLhNLZniRlNzrEi1tXTItebC5wXGApb9vXdu49qhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
85ae37ce99e16684-AMS
cropped-cropped-MoneyMed-Logo-1.png
moneymedicine.com/wp-content/uploads/2023/04/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneymedicine.com/wp-content/uploads/2023/04/cropped-cropped-MoneyMed-Logo-1.png
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
703f39c7da5caee2235ce6161576e73450b28777e0940aae50226187c79b08ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
content-length
32128
x-xss-protection
1; mode=block
last-modified
Tue, 25 Apr 2023 01:48:06 GMT
x-php-version
8.0
server
cloudflare
etag
"7d80-5fa1f5096d6b5"
vary
Accept-Encoding
content-type
image/png
x-cache-hit
HIT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
85ae37ce1b8b6a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
woocommerce-smallscreen-grid.min.css
moneymedicine.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min.css?ver=4.6.5
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
2cef1c0962160f3be4c3207528d2993a37be6b7916119defe7ba7ea255c81b2c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:05 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 12 Feb 2024 21:23:57 GMT
x-php-version
8.0
server
cloudflare
etag
W/"1775-61135e546130d-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37d1bd90452e-TXL
expires
Wed, 27 Mar 2024 07:26:05 GMT
frontend.min.js
moneymedicine.com/wp-content/themes/astra/assets/js/minified/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.6.5
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
ba8baa9e210bbd7de7f146126d6831f6ab3c7fbaf57d5691dc998eea4eb1499a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 12 Feb 2024 21:23:57 GMT
x-php-version
8.0
server
cloudflare
etag
W/"548e-61135e5464da5-gzip"
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37ce1b926a76-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
sourcebuster.min.js
moneymedicine.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=8.6.1
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
881f4e9fde0d4d4bdcf1eae9fd2d68378c5203969e6ceedf59b4e29567f238a9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 00:35:01 GMT
x-php-version
8.0
server
cloudflare
etag
W/"38a4-611d97f458972-gzip"
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37cfa9a6452e-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
order-attribution.min.js
moneymedicine.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=8.6.1
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
9d8a587ab4a60001f720cb0833192cccd56e583a8df7774c292acb907d6078fb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:04 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 00:35:01 GMT
x-php-version
8.0
server
cloudflare
etag
W/"5e5-611d97f44fcd1-gzip"
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37cfb9d5452e-TXL
expires
Wed, 27 Mar 2024 07:26:04 GMT
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
103 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Server
95.100.135.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-96.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1d584848920c289ce75b399a2571ed2f5d448450e9dd8aa5fd97cf8dc78004b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-version-id
Gngy4ABip2qyLWyXt4FHi0euLEijwJlw
content-encoding
gzip
date
Sun, 25 Feb 2024 07:26:05 GMT
x-amz-request-id
MFPND6ADZDPNDF2Y
x-amz-server-side-encryption
AES256
x-amz-meta-version
0.2.2
content-length
20465
x-amz-id-2
KUUvmI7ZoERj3k3279C6RYXV4SRytEk1u5Gro1Rh/bUNzcnoD5uXSCXkn5GPE56Fae5usUA6azNxASG/uz9cpg==
last-modified
Fri, 23 Feb 2024 12:23:26 GMT
etag
"91f52bb57968acd90acc185637377c47"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Feb 2024 07:56:05 GMT

Redirect headers

location
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
access-control-allow-origin
*
date
Sun, 25 Feb 2024 07:26:05 GMT
cache-control
max-age=31536000
timing-allow-origin
*
content-length
0
expires
Mon, 24 Feb 2025 07:26:05 GMT
tti.min.js
img1.wsimg.com/signals/js/clients/tti/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
  • https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Server
95.100.135.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-96.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c37a4aa3cf6aaae6921a4b750c0e4f81fd338d6878be90b0faf2f921039cb23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-version-id
7jzjltvngWPxR10aGBgezMSyuI8q8r0u
content-encoding
gzip
date
Sun, 25 Feb 2024 07:26:05 GMT
x-amz-request-id
NP1R7NHXFPX6FDTP
x-amz-server-side-encryption
AES256
x-amz-meta-version
0.2.1
content-length
7570
x-amz-id-2
0EoMXZ56lXh4fIzyqCOTHINTNKalK4+vioFsmK0NkhKIlBwi+z4Xnngo2Ma0pooJFH85yDnq+o0=
last-modified
Wed, 18 Oct 2023 13:46:08 GMT
etag
"1c56940a864f144fae2eb40ee952cb94"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Feb 2024 07:56:05 GMT

Redirect headers

location
https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
access-control-allow-origin
*
date
Sun, 25 Feb 2024 07:26:05 GMT
cache-control
max-age=31536000
timing-allow-origin
*
content-length
0
expires
Mon, 24 Feb 2025 07:26:05 GMT
e2a1a6ce-bc19-474f-a815-8614dfb0a34e
https://moneymedicine.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://moneymedicine.com/e2a1a6ce-bc19-474f-a815-8614dfb0a34e
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
tfa.js
cdn.taboola.com/libtrc/unip/1611872/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1611872/tfa.js
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a623100ff2f7f3d108840001a5f31d2f47ded2e0b4560567d43d0f1baf0f494

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-version-id
q6PkJ87L4Xt3e8g1jzYldk6zfzWkugjF
content-encoding
gzip
via
1.1 varnish
date
Sun, 25 Feb 2024 07:26:05 GMT
x-amz-request-id
M1GE67JTAWXR5KTH
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-amz-replication-status
COMPLETED
content-length
21565
x-amz-id-2
Z45Mu1TJIWqIuKkWPyCPnChqYGKAwRdu0RPi6rh8VS01iCC3auTlrLYjyIWgFcbY8PF+JjrrBOA=
x-served-by
cache-fra-etou8220022-FRA
last-modified
Sun, 18 Feb 2024 11:06:31 GMT
server
AmazonS3
x-timer
S1708845965.170374,VS0,VE438
etag
"d994d5afb5d9c7c1336ceaff4dfb6adc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
fonts.gstatic.com/s/karla/v31/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A400%7CRubik%3A600%2C500&display=fallback&ver=4.6.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://moneymedicine.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 07:34:52 GMT
x-content-type-options
nosniff
age
345073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13184
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 15:40:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:34:52 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A400%7CRubik%3A600%2C500&display=fallback&ver=4.6.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://moneymedicine.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 07:57:54 GMT
x-content-type-options
nosniff
age
343691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:57:54 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VJMEEMCGK7&gtm=45je42l0v9118843589za220&_p=1708845965060&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=893013223.1708845965&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708845965&sct=1&seg=0&dl=https%3A%2F%2Fmoneymedicine.com%2FCitizensbank%2Fwww.citizensbank.com%2Fdarkx%2Fms%2Fpassword.php&dt=Page%20not%20found%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3777
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJMEEMCGK7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Feb 2024 07:26:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://moneymedicine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VJMEEMCGK7&cid=893013223.1708845965&gtm=45je42l0v9118843589za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJMEEMCGK7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Feb 2024 07:26:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://moneymedicine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VJMEEMCGK7&cid=893013223.1708845965&gtm=45je42l0v9118843589za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=2007966352
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Feb 2024 07:26:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
record
a.myfidevs.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.myfidevs.io/record
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.49.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-49-229.compute-1.amazonaws.com
Software
Python/3.7 aiohttp/3.8.5 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://moneymedicine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
POST
access-control-allow-origin
*
date
Sun, 25 Feb 2024 07:26:05 GMT
server
Python/3.7 aiohttp/3.8.5
v1.5
www.myfinance.com/api/au/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.myfinance.com/api/au/v1.5?imre=aHR0cHM6Ly9tb25leW1lZGljaW5lLmNvbS9DaXRpemVuc2Jhbmsvd3d3LmNpdGl6ZW5zYmFuay5jb20vZGFya3gvbXMvcGFzc3dvcmQucGhw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://moneymedicine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with, content-type, accept, origin, ext-referrer, authorization, x-csrftoken, x-api-key, Access-Control-Allow-Origin
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://moneymedicine.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85ae37d55b77697e-CDG
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 25 Feb 2024 07:26:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05r7edofSdzBmjEgj7%2B3v0R5m4jPMsHiTFDZfkP5EJ5ZFDZ%2BU1MY7b6vJWlQrCSNdVt%2Bv%2FGmeIEeZXhPHjPHmsaqvMMiZ1BcdsHk73QrgVpNe2cRjgDOlAfNmutWav9jSMBGLaYBGfdacKVuPKbFQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000
vary
Origin
x-content-type-options
nosniff
wp-emoji-release.min.js
moneymedicine.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymedicine.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by
Host: moneymedicine.com
URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.161 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:05 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 13:16:46 GMT
x-php-version
8.0
server
cloudflare
etag
W/"4904-611e4238a3d85;5fa1f45518867
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
85ae37d48a81452e-TXL
expires
Wed, 27 Mar 2024 07:26:05 GMT
myFinance.css
static.myfinance.com/widget/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.myfinance.com/widget/myFinance.css
Requested by
Host: static.myfinance.com
URL: https://static.myfinance.com/widget/myFinance.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6404e274ff13b6dcfe61fe38acc5513af23d38d919c98bc208850c3145fa7527
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:26:05 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
16XR9H6AV0YZN7PX
age
3439
x-amz-server-side-encryption
AES256
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
FM9KnmjxSrKo1ZMhjBlFxek7JoROGKBOP7q4xoFn7pDmf5kTCNIscJ/YutXs4VaNMclfdPb+oEo5FVqnULN2fQ==
last-modified
Mon, 12 Feb 2024 13:39:59 GMT
server
cloudflare
etag
W/"346a8e1f0e96ac915309bcc80ab63dff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vEwulf93Ytk5UXvChHoZF8KCmdHDnohKQBFQJb4mVbN%2BeE0bGHsMGZhzWg6hoVxRizSUJo3ayCXHvn9fSe1fJtRPJFXSpgIrQyzkHadzjUctdaXy5FXF2%2BZQmoIqpayVDSQgT1YVbj39ynwucwObtJI4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
85ae37d4996b6684-AMS
record
a.myfidevs.io/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.myfidevs.io/record
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.49.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-49-229.compute-1.amazonaws.com
Software
Python/3.7 aiohttp/3.8.5 /
Resource Hash

Request headers

Accept
application/json
Referer
https://moneymedicine.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
x-api-key
yuH27H1QId6afXAojow6Tafi7Vw9v1spaLD5Yznw
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 25 Feb 2024 07:26:06 GMT
access-control-allow-credentials
true
server
Python/3.7 aiohttp/3.8.5
access-control-allow-headers
*
access-control-allow-methods
POST
v1.5
www.myfinance.com/api/au/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.myfinance.com/api/au/v1.5?imre=aHR0cHM6Ly9tb25leW1lZGljaW5lLmNvbS9DaXRpemVuc2Jhbmsvd3d3LmNpdGl6ZW5zYmFuay5jb20vZGFya3gvbXMvcGFzc3dvcmQucGhw
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e7bfcccb7e02468e27bee512e11034c858d180c8cc30acb4b398899d490bbd3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json
Referer
https://moneymedicine.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 25 Feb 2024 07:26:07 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Language, Origin, Cookie, Accept-Encoding
content-language
en-us
allow
POST, GET
access-control-allow-origin
https://moneymedicine.com
content-type
application/json
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5kuMOpfKmDNvcqiNpkNg3B44UxNUCQyn6JJdiSPvIyCWZOnwiZmPaVaY8aY9KOdLqntJj8QzqrkbikVS2WTg5zzON%2BkhY9Io1qk8IVN4oXNjngyUkYO15Po19blL2AvffX8AA3rk2PbCSFfOXMNDw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
85ae37d7dd5e697e-CDG
expires
Sun, 25 Feb 2024 07:26:07 GMT
json
trc.taboola.com/1611872/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1611872/trc/3/json?tim=1708845965641&data=%7B%22id%22%3A564%2C%22ii%22%3A%22%2Fcitizensbank%2Fwww.citizensbank.com%2Fdarkx%2Fms%2Fpassword.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1708845965638%2C%22cv%22%3A%2220240216-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmoneymedicine.com%2FCitizensbank%2Fwww.citizensbank.com%2Fdarkx%2Fms%2Fpassword.php%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-robmedia805com%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1708845965641%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fmoneymedicine.com%2FCitizensbank%2Fwww.citizensbank.com%2Fdarkx%2Fms%2Fpassword.php%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1611872/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cd88e986e537bf6486d1929e4e3774ce226a23a578327bff44a4acd06b76925a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-vcl-time-ms
26
date
Sun, 25 Feb 2024 07:26:05 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.2678125
x-fastly-to-nlb-rtt
7396
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220022-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1708845966.668333,VS0,VE26
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
event
events.api.secureserver.net/t/1/tl/ 		43 B
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=moneymedicine.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F81.0.4044.138%20Safari%2F537.36&client_name=scc-c2&cv=0.2.2&vg=f8c224b0-01de-4977-8a26-862e550e55d4&vtg=f8c224b0-01de-4977-8a26-862e550e55d4&dp=%2FCitizensbank%2Fwww.citizensbank.com%2Fdarkx%2Fms%2Fpassword.php&trace_id=0e669cc1679d48e682b7a8ecf1a54809&cts=2024-02-25T07%3A26%3A05.514Z&hit_id=d8b20ff9-8488-443b-a43d-488457aa756d&ht=pageview&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22859489d1-69da-e893-23bd-16aa56a2b989.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD12%22%2C%22storage%22%3A%22p3cephmah006pod12_data11%22%2C%22xid%22%3A%2245077114%22%2C%22wp%22%3A%226.4.3%22%2C%22php%22%3A%228.0.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22astra%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22370%22%2C%22wp_alloptions_bytes%22%3A%22100189%22%7D&ap=wpaas&vci=823993830&z=1072304473
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sun, 25 Feb 2024 07:26:05 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://moneymedicine.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ 		43 B
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=moneymedicine.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F81.0.4044.138%20Safari%2F537.36&client_name=scc-c2&cv=0.2.2&vg=f8c224b0-01de-4977-8a26-862e550e55d4&vtg=f8c224b0-01de-4977-8a26-862e550e55d4&dp=%2FCitizensbank%2Fwww.citizensbank.com%2Fdarkx%2Fms%2Fpassword.php&trace_id=0e669cc1679d48e682b7a8ecf1a54809&cts=2024-02-25T07%3A26%3A05.764Z&hit_id=daaa47e2-50ae-4bfa-89c4-0f1501f467b2&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22859489d1-69da-e893-23bd-16aa56a2b989.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD12%22%2C%22storage%22%3A%22p3cephmah006pod12_data11%22%2C%22xid%22%3A%2245077114%22%2C%22wp%22%3A%226.4.3%22%2C%22php%22%3A%228.0.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22astra%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22370%22%2C%22wp_alloptions_bytes%22%3A%22100189%22%7D&ap=wpaas&vci=823993830&z=1425875269&tce=1708845962074&tcs=1708845962005&tdc=1708845965760&tdclee=1708845965521&tdcles=1708845965517&tdi=1708845965517&tdl=1708845964452&tdle=1708845962005&tdls=1708845962005&tfs=1708845962004&tns=1708845961561&trqs=1708845962075&tre=1708845964452&trps=1708845964449&tles=1708845965761&tlee=0&nt=navigate&LCP=3628&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sun, 25 Feb 2024 07:26:05 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://moneymedicine.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
eventbus
csp.secureserver.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:58c::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://moneymedicine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Sun, 25 Feb 2024 07:26:06 GMT
Expires
Sun, 25 Feb 2024 07:26:06 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
Trm-RHMloAMEBVA=
x-amzn-requestid
8e951a37-affa-40fa-8c8a-97220b3b5c74
x-amzn-trace-id
Root=1-65daeb8e-0cdd36d216a8280f495b4640
x-envoy-upstream-service-time
81
eventbus
csp.secureserver.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:58c::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://moneymedicine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Sun, 25 Feb 2024 07:26:06 GMT
Expires
Sun, 25 Feb 2024 07:26:06 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
Trm-RFdToAMESWQ=
x-amzn-requestid
3abb9c7f-db1c-416a-a0d4-a028df3236c0
x-amzn-trace-id
Root=1-65daeb8e-190f65a87887167d7fc9af7b
x-envoy-upstream-service-time
80
eventbus
csp.secureserver.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:58c::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Referer
https://moneymedicine.com/
accept-language
de-DE,de;q=0.9
Authorization
api-key b18ef4f046435b64a469b32c3c1c20a3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Sun, 25 Feb 2024 07:26:06 GMT
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id
Root=1-65daeb8e-745472881e686a3c31eccc7e
x-amzn-requestid
257d484b-b18c-4ad6-b669-42cc414448dc
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
173
Connection
keep-alive
x-amz-apigw-id
Trm-SFBwoAMEIUQ=
Content-Length
0
Expires
Sun, 25 Feb 2024 07:26:06 GMT
eventbus
csp.secureserver.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:58c::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Referer
https://moneymedicine.com/
accept-language
de-DE,de;q=0.9
Authorization
api-key 8da2217409854bee82e12dc4ca0b39fb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Sun, 25 Feb 2024 07:26:06 GMT
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id
Root=1-65daeb8e-0dede4bf30222e9d239fa3fc
x-amzn-requestid
f783e2a6-7c37-4502-8df7-3bac07ed9908
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
173
Connection
keep-alive
x-amz-apigw-id
Trm-SGOfIAMEt8Q=
Content-Length
0
Expires
Sun, 25 Feb 2024 07:26:06 GMT
unip
trc-events.taboola.com/1611872/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1611872/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=0&ssd=1&est=1708845965640&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1708845967191&vi=1708845965638&ri=17e747984671eec6666dd63b0a0a2c80&ref=null&cv=20240216-2-RELEASE&item-url=https%3A%2F%2Fmoneymedicine.com%2FCitizensbank%2Fwww.citizensbank.com%2Fdarkx%2Fms%2Fpassword.php
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-origin
https://moneymedicine.com
pragma
no-cache
date
Sun, 25 Feb 2024 07:26:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1611872/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1611872/log/3/unip?en=pre_d_eng_tb&tos=4553&scd=0&ssd=1&est=1708845965640&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1708845970193&vi=1708845965638&ri=17e747984671eec6666dd63b0a0a2c80&ref=null&cv=20240216-2-RELEASE&item-url=https%3A%2F%2Fmoneymedicine.com%2FCitizensbank%2Fwww.citizensbank.com%2Fdarkx%2Fms%2Fpassword.php
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-origin
https://moneymedicine.com
pragma
no-cache
date
Sun, 25 Feb 2024 07:26:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VJMEEMCGK7&gtm=45je42l0v9118843589za220&_p=1708845965060&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=893013223.1708845965&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1708845965&sct=1&seg=0&dl=https%3A%2F%2Fmoneymedicine.com%2FCitizensbank%2Fwww.citizensbank.com%2Fdarkx%2Fms%2Fpassword.php&dt=Page%20not%20found%20-&en=scroll&epn.percent_scrolled=90&_et=3&tfd=8781
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJMEEMCGK7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moneymedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Feb 2024 07:26:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://moneymedicine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings undefined| $ function| jQuery object| wc_add_to_cart_params object| woocommerce_params function| TokenizeJs object| poyntPaymentFormI18n function| gtag object| dataLayer undefined| MediaAlphaExchange object| __maxch__thunk function| MediaAlphaExchange__fetchUserID function| MediaAlphaExchange__success function| MediaAlphaExchange__error function| MediaAlphaExchange__click function| MediaAlphaExchange__enableDirectLinks function| MediaAlphaExchange__disableDirectLinks function| MediaAlphaExchange__loadDirectLink function| MediaAlphaExchange__lead function| MediaAlphaExchange__loadIVRPool function| MediaAlphaExchange__loadNumPool function| MediaAlphaExchange__load undefined| targetID undefined| targetElt object| mf function| iFrameResize string| MYFI_SCRIPT_FOLDER function| initializeMyFinance function| requestMyFinanceAds function| updateMyFinanceAds object| _tfa object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| astraSmoothScroll function| astScrollToTopHandler function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| sbjs object| wc_order_attribution object| _trfd object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| scc-c2 object| tti function| Cookies boolean| mfInitialized object| MF_DEBUG_URL object| MF_DEBUG_DOMAIN object| mfEmbed string| _mfuuid_ boolean| _mfuuid_created_ function| MWCPaymentsPoyntPaymentFormHandler object| mwc_payments_poynt_payment_form_handler function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| twemoji object| wp number| link number| len object| _trfq

13 Cookies

Domain/Path Name / Value
.moneymedicine.com/ Name: sbjs_migrations
Value: 1418474375998%3D1
.moneymedicine.com/ Name: sbjs_current_add
Value: fd%3D2024-02-25%2007%3A26%3A05%7C%7C%7Cep%3Dhttps%3A%2F%2Fmoneymedicine.com%2FCitizensbank%2Fwww.citizensbank.com%2Fdarkx%2Fms%2Fpassword.php%7C%7C%7Crf%3D%28none%29
.moneymedicine.com/ Name: sbjs_first_add
Value: fd%3D2024-02-25%2007%3A26%3A05%7C%7C%7Cep%3Dhttps%3A%2F%2Fmoneymedicine.com%2FCitizensbank%2Fwww.citizensbank.com%2Fdarkx%2Fms%2Fpassword.php%7C%7C%7Crf%3D%28none%29
.moneymedicine.com/ Name: sbjs_current
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29
.moneymedicine.com/ Name: sbjs_first
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29
.moneymedicine.com/ Name: sbjs_udata
Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F81.0.4044.138%20Safari%2F537.36
.moneymedicine.com/ Name: sbjs_session
Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fmoneymedicine.com%2FCitizensbank%2Fwww.citizensbank.com%2Fdarkx%2Fms%2Fpassword.php
.moneymedicine.com/ Name: _ga
Value: GA1.1.893013223.1708845965
.moneymedicine.com/ Name: _ga_VJMEEMCGK7
Value: GS1.1.1708845965.1.0.1708845965.60.0.0
.moneymedicine.com/ Name: _tccl_visitor
Value: f8c224b0-01de-4977-8a26-862e550e55d4
.moneymedicine.com/ Name: _tccl_visit
Value: f8c224b0-01de-4977-8a26-862e550e55d4
.moneymedicine.com/ Name: _scc_session
Value: pc=1&C_TOUCH=2024-02-25T07:26:05.513Z
moneymedicine.com/ Name: _mfuuid_
Value: d33b000a-9755-4aa2-ab5a-aebda2c29b7b

1 Console Messages

Source Level URL
Text
network error URL: https://moneymedicine.com/Citizensbank/www.citizensbank.com/darkx/ms/password.php
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.myfidevs.io
cdn.poynt.net
cdn.taboola.com
csp.secureserver.net
events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
img1.wsimg.com
insurance.mediaalpha.com
moneymedicine.com
region1.analytics.google.com
static.myfinance.com
stats.g.doubleclick.net
trc-events.taboola.com
trc.taboola.com
www.google.de
www.googletagmanager.com
www.myfinance.com
141.226.228.48
151.101.1.44
160.153.0.161
18.173.187.41
18.233.49.229
2001:4860:4802:34::36
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:400c:c00::9b
2a02:26f0:3500:18::1724:a29c
2a02:26f0:480:58c::228b
2a06:98c1:3120::3
2a06:98c1:3121::3
44.220.126.199
95.100.135.96
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
070e914943207fab6d6e7db6a1efd0c2f60b47afcabd4bc29f6a87f9d9e63d6b
1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8
17e88e9518306c4523e1785d9d1d6c31efd0a8f48ccfed122abb9a7bd62e561a
1d584848920c289ce75b399a2571ed2f5d448450e9dd8aa5fd97cf8dc78004b5
23804f39c77b8faa418faa295e79947f285b925f968a562176d575634088b0d4
29906a351fdc908a391a36a49d2d4b60ef65caf765f6566860842021b505d47a
2a9c9a064a89e6c9ade1e9f3a13d0a1762ae694631fd277ebbd3da1bf858f2cf
2cef1c0962160f3be4c3207528d2993a37be6b7916119defe7ba7ea255c81b2c
3c37a4aa3cf6aaae6921a4b750c0e4f81fd338d6878be90b0faf2f921039cb23
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4f0a4e5ff7378b48f06c23a8ff4e52633c828fee56f2495085eeea5c1a7f8aba
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
6404e274ff13b6dcfe61fe38acc5513af23d38d919c98bc208850c3145fa7527
6a623100ff2f7f3d108840001a5f31d2f47ded2e0b4560567d43d0f1baf0f494
703f39c7da5caee2235ce6161576e73450b28777e0940aae50226187c79b08ff
73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0
7b171fe05b9b61912cc25454c52153d374b2b434144833f4396f5fd40138da15
822b6815d22df64831c6468797ddd8de56fe95adf05aad3df816d126a92b00dc
881f4e9fde0d4d4bdcf1eae9fd2d68378c5203969e6ceedf59b4e29567f238a9
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6
9d8a587ab4a60001f720cb0833192cccd56e583a8df7774c292acb907d6078fb
9e7bfcccb7e02468e27bee512e11034c858d180c8cc30acb4b398899d490bbd3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1920950c58aeab84f140afde0c070b6a61e7dd6c61b55e3da5cc7012483c143
b515a60a6963e4fcc6877f257ec9ee1b39bb5db12dcb6de97d4704f277ffc84b
ba8baa9e210bbd7de7f146126d6831f6ab3c7fbaf57d5691dc998eea4eb1499a
bdaeb64b21a7c95a84c49a72146305e45a21a24643cf1b7280513912c633438d
c21c920a0ef5cff515381a39efc26873405cad25390eac53a78b9603ef1e2e55
c501707f41d77bdd6c39bdbeac0634dede1ddefd5db97cd07d21ee64f75f84f1
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd88e986e537bf6486d1929e4e3774ce226a23a578327bff44a4acd06b76925a
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
d49ff547e1327af4fef8070cb06b3da107833ba4d68826acac89cc225ff920c7
e33983a2f276af47bd08abacbbad019f19d163994fdb8bd9c6e4beb75bdf52c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed65fe5dc608751fa4fa5c0f75526bbabf07d8d83bf0c962d8018f885b4e6a4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629