urlscan.io logo urlscan.io
SecurityTrails logo

members.medfinbank.com Open in urlscan Pro
2a01:4f8:c17:36e6::1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://members.medfinbank.com/
Effective URL: https://members.medfinbank.com/login
Submission: On December 11 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2a01:4f8:c17:36e6::1, located in Frankfurt am Main, Germany and belongs to HETZNER-AS, DE. The main domain is members.medfinbank.com.
TLS certificate: Issued by R3 on December 10th 2023. Valid for: 3 months.
This is the only time members.medfinbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains		 Transfer
8 medfinbank.com
members.medfinbank.com
355 KB
3 fbcdn.net
static.xx.fbcdn.net
8 KB
1 facebook.com
www.facebook.com Failed
25 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
90 KB
18 4
Domain Requested by
8 members.medfinbank.com 1 redirects members.medfinbank.com
3 static.xx.fbcdn.net www.facebook.com
1 www.facebook.com connect.facebook.net
1 connect.facebook.net members.medfinbank.com
18 4

This site contains links to these domains. Also see Links.

Domain
find-and-update.company-information.service.gov.uk
Subject Issuer Validity Valid
members.medfinbank.com
R3		 2023-12-10 -
2024-03-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-19 -
2023-12-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://members.medfinbank.com/login
Frame ID: D1320502896684B7805C6149B1AEAD04
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/v9.0/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13b1ff64cd2cc8%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&container_width=1600&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&is_loaded_by_facade=true&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255729882&sdk=joey
Frame ID: 805DFBF95B080D22A9BA344BADC352DF
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://members.medfinbank.com/ HTTP 302
    https://members.medfinbank.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

67 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

478 kB
Transfer

962 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://members.medfinbank.com/ HTTP 302
    https://members.medfinbank.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
members.medfinbank.com/
Redirect Chain
  • https://members.medfinbank.com/
  • https://members.medfinbank.com/login
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://members.medfinbank.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:c17:36e6::1 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.58 /
Resource Hash
c7f9271400d5e334e50f1b6d966c26cde022aefbc66c1452feab1e8cfc3b1b59

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Dec 2023 00:48:46 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT 0
Keep-Alive
timeout=5, max=99
Pragma
no-cache no-cache
Server
Apache/2.4.58
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Dec 2023 00:48:46 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT 0
Keep-Alive
timeout=5, max=100
Location
login
Pragma
no-cache no-cache
Server
Apache/2.4.58
bootstrap.css
members.medfinbank.com/lib/css/ 		143 KB
143 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://members.medfinbank.com/lib/css/bootstrap.css
Requested by
Host: members.medfinbank.com
URL: https://members.medfinbank.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:c17:36e6::1 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.58 /
Resource Hash
2868e616bd2692226b15849f73d85df02e94dadc17edac8f2ac74367d5bc34f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.medfinbank.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Dec 2023 00:48:46 GMT
Last-Modified
Sat, 15 Jul 2017 22:25:24 GMT
Server
Apache/2.4.58
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
146043
Expires
0
typeahead.css
members.medfinbank.com/lib/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://members.medfinbank.com/lib/css/typeahead.css
Requested by
Host: members.medfinbank.com
URL: https://members.medfinbank.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:c17:36e6::1 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.58 /
Resource Hash
6ea31fc5a1f3ef51b5fcca1b6ec2f37aa5daa01d53e45cbaddacb9bb6348b2d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.medfinbank.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Dec 2023 00:48:46 GMT
Last-Modified
Sat, 11 May 2019 09:39:44 GMT
Server
Apache/2.4.58
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2600
Expires
0
bootstrap-tagsinput.css
members.medfinbank.com/lib/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://members.medfinbank.com/lib/css/bootstrap-tagsinput.css
Requested by
Host: members.medfinbank.com
URL: https://members.medfinbank.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:c17:36e6::1 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.58 /
Resource Hash
84779ef2c9f87211c0ea5734f5781aaa61e108a10693ed646133119d9b9f364d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.medfinbank.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Dec 2023 00:48:46 GMT
Last-Modified
Wed, 01 May 2019 19:16:15 GMT
Server
Apache/2.4.58
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1404
Expires
0
jquery.min.js
members.medfinbank.com/lib/js/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://members.medfinbank.com/lib/js/jquery.min.js
Requested by
Host: members.medfinbank.com
URL: https://members.medfinbank.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:c17:36e6::1 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.58 /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.medfinbank.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Dec 2023 00:48:46 GMT
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
Apache/2.4.58
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
86927
Expires
0
typeahead.js
members.medfinbank.com/lib/js/ 		96 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://members.medfinbank.com/lib/js/typeahead.js
Requested by
Host: members.medfinbank.com
URL: https://members.medfinbank.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:c17:36e6::1 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.58 /
Resource Hash
cdb9777116d5fd2456e93ebf30cfca59918951f6dbcd5ab21f08a76d619eb1ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.medfinbank.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Dec 2023 00:48:46 GMT
Last-Modified
Wed, 15 May 2019 23:04:11 GMT
Server
Apache/2.4.58
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
98633
Expires
0
bootstrap-tagsinput.js
members.medfinbank.com/lib/js/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://members.medfinbank.com/lib/js/bootstrap-tagsinput.js
Requested by
Host: members.medfinbank.com
URL: https://members.medfinbank.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:c17:36e6::1 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.58 /
Resource Hash
2ddf7ef76d03ff998eb46815f218c6778857e5f4539748b7923036203c2faea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.medfinbank.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Dec 2023 00:48:46 GMT
Last-Modified
Wed, 01 May 2019 18:30:23 GMT
Server
Apache/2.4.58
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
22342
Expires
0
xfbml.customerchat.js
connect.facebook.net/en_GB/sdk/ 		311 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk/xfbml.customerchat.js
Requested by
Host: members.medfinbank.com
URL: https://members.medfinbank.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
30bedf61a6e5cc0f1b324ab679f2d7c21aa08c2cf11a717e4914f6761d2350ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.medfinbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 11 Dec 2023 00:48:46 GMT
content-md5
9HlX9K6rrRZYQ/cxfroj1Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
90616
reporting-endpoints
x-fb-debug
v6TnWXeP73EcnsgErIiu2lA31MgFuBj7EcFadwSXP0n/Pyob4FUP7AG3kOzcaqWqdxaye9/xs9mwUN3eVwVJ4g==
x-fb-content-md5
bf6ef48e5e6c2173f725929ad4ad7c22
cross-origin-opener-policy
same-origin-allow-popups
etag
"2fb8c6cc0588057c1137217fb3c66daa"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 11 Dec 2023 01:04:34 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
0
/
www.facebook.com/plugins/customer_chat/facade/ 		0
0
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
0
customerchat.php
www.facebook.com/v9.0/plugins/ Frame 805D 		85 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v9.0/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13b1ff64cd2cc8%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&container_width=1600&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&is_loaded_by_facade=true&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255729882&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7848514307e495067e97ce766aefd4a4d203095f6df4dfb4fd486383fcd36eb1
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://members.medfinbank.com; default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://members.medfinbank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
frame-ancestors https://members.medfinbank.com; default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 00:48:50 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
DhjxbDXjMskCZjdiHisXwxevv4t+xGMpSeEHc5MJWtF/euje8n7TTzNoHaJRAGV26MynApwuI7vKUrcP+c3+tg==
x-xss-protection
0
GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 805D 		20 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v9.0/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13b1ff64cd2cc8%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&container_width=1600&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&is_loaded_by_facade=true&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255729882&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 11 Dec 2023 00:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xXCq6/qryia0kWXvm23HIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5237
reporting-endpoints
x-fb-debug
XfS/kXqJRUGKEeeMTDvV3WwoDXy52zw92Dxh/Ll706Ae6Snir1fR1S0IWSnAbYDd5ZguIVQezFZ1V21hVoJ6fQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 02 Dec 2024 16:46:32 GMT
JS2LsxE-gw3.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 805D 		186 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v9.0/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13b1ff64cd2cc8%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&container_width=1600&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&is_loaded_by_facade=true&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255729882&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 11 Dec 2023 00:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Veg+9swSo/ybchlTfP+avA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93749
reporting-endpoints
x-fb-debug
raUoYsTd+SytosW5tnt3RPwdCclCFtyc/BsiX9MPSI7JaLo27wcB91TUsWWeDs47ZLZ3y2oD3ApRPz3ZXiO4Ow==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:11:40 GMT
tbb6w30TkDN.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 805D 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v9.0/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13b1ff64cd2cc8%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&container_width=1600&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&is_loaded_by_facade=true&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255729882&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 11 Dec 2023 00:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HCL+u+2LMSrM7ELnarU2bQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2226
reporting-endpoints
x-fb-debug
buyJY8vSMBHdKiQsErDkAE7tS6dtST+TP/g+oDNx8q6Ged/BbnKqw9i7532wJaJ9uq9FYrKU++UbngdumK+T1w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 29 Nov 2024 21:30:00 GMT
YJcyY7izLGB.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 805D 		0
0
bCV1wsGQA40.js
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame 805D 		0
0
32dOIo_36RB.js
static.xx.fbcdn.net/rsrc.php/v3iKZI4/yy/l/en_GB/ Frame 805D 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5172714a2008%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255726660&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5172714a2008%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&is_loaded_by_facade=true&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255726660&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13b1ff64cd2cc8%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&container_width=1600&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&event_name=chat_plugin_sdk_dialog_iframe_create&is_loaded_by_facade=true&loading_time=0&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255729882&sdk=joey&suppress_http_code=1
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/bCV1wsGQA40.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3iKZI4/yy/l/en_GB/32dOIo_36RB.js?_nc_x=Ij3Wp8lg5Kz

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| $ function| jQuery function| SearchIndex function| Bloodhound function| fbAsyncInit object| FB

1 Cookies

Domain/Path Name / Value
members.medfinbank.com/ Name: PHPSESSID
Value: baab7767635caa4a876f162903c4e679

9 Console Messages

Source Level URL
Text
javascript error URL: https://members.medfinbank.com/login
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5172714a2008%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255726660&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://members.medfinbank.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5172714a2008%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255726660&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://members.medfinbank.com/login
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5172714a2008%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&is_loaded_by_facade=true&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255726660&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://members.medfinbank.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://medfinbank.com' that is not equal to the supplied origin.
network error URL: https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5172714a2008%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&is_loaded_by_facade=true&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255726660&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://members.medfinbank.com/login
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13b1ff64cd2cc8%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&container_width=1600&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&event_name=chat_plugin_sdk_dialog_iframe_create&is_loaded_by_facade=true&loading_time=0&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255729882&sdk=joey&suppress_http_code=1' from origin 'https://members.medfinbank.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13b1ff64cd2cc8%26domain%3Dmembers.medfinbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmembers.medfinbank.com%252Ffdf7e570cfd83%26relation%3Dparent.parent&container_width=1600&current_url=https%3A%2F%2Fmembers.medfinbank.com%2Flogin&event_name=chat_plugin_sdk_dialog_iframe_create&is_loaded_by_facade=true&loading_time=0&locale=en_GB&log_id=c012ebfd-9d69-4ca9-9d79-9896549bb4cb&page_id=102740934984193&request_time=1702255729882&sdk=joey&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.