www.shipmoney.com Open in urlscan Pro
205.220.248.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shipmoney.com/
Effective URL:
https://www.shipmoney.com/CARD/
Submission: On March 04 via manual (March 4th 2023, 2:58:00 pm UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 205.220.248.12, located in United States and belongs to GTPL-AS-01, US. The main domain is www.shipmoney.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 19th 2022. Valid for: a year.

This is the only time www.shipmoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 23	205.220.248.12 205.220.248.12		19983 (GTPL-AS-01) (GTPL-AS-01)
22	1

23 205.220.248.12 (United States) 1 redirects

ASN19983 (GTPL-AS-01, US)
PTR: 205-220-248-12.gtplimited.com

shipmoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.shipmoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	shipmoney.com 1 redirects shipmoney.com www.shipmoney.com	826 KB
22	1

	Domain	Requested by
21	www.shipmoney.com	www.shipmoney.com
2	shipmoney.com	1 redirects
22	2

This site contains links to these domains. Also see Links.

Domain
www.shipmoneycorporate.com
customersupport.shipmoney.com

Subject Issuer	Validity	Valid
www.shipmoney.com Go Daddy Secure Certificate Authority - G2	`2022-04-19` - `2023-05-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.shipmoney.com/CARD/
Frame ID: 731DE745E9F4F0681FA87415A0F1F490
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ShipMoney | Prepaid Online

Page URL History Show full URLs

http://shipmoney.com/ HTTP 301
https://shipmoney.com/ Page URL
https://www.shipmoney.com/CARD/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

826 kB
Transfer

1262 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.shipmoneycorporate.com/
Title: www.ShipMoneyCorporate.com

Search URL Search Domain Scan URL

URL: https://customersupport.shipmoney.com/support.cfm
Title: Online Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shipmoney.com/ HTTP 301
https://shipmoney.com/ Page URL
https://www.shipmoney.com/CARD/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://shipmoney.com/ HTTP 301
https://shipmoney.com/

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
shipmoney.com/
Redirect Chain

http://shipmoney.com/
https://shipmoney.com/

132 B
570 B

656ms
161ms

Document
text/html

205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://shipmoney.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

86425990106b34cf18a1d42607e6f5a59409bb988c958a00fe6dae7d64b0bb23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 223
Content-Type: text/html
Date: Sat, 04 Mar 2023 14:57:53 GMT
ETag: "56969f16215d51:0"
Last-Modified: Tue, 28 May 2019 14:31:15 GMT
Server
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

Redirect headers

Content-Length: 145
Content-Type: text/html; charset=UTF-8
Date: Sat, 04 Mar 2023 14:57:53 GMT
Location: https://shipmoney.com/
Server
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK Primary Request / Show response
www.shipmoney.com/CARD/ 7 KB
3 KB 646ms
160ms Document
text/html 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

27db6154539552d0b0f7bb05b945738d52b7a6a2a630c92b5d550bffa8e3276e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shipmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private
Content-Encoding: gzip
Content-Length: 2185
Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Type: text/html; charset=utf-8
Date: Sat, 04 Mar 2023 14:57:54 GMT
Server
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
www.shipmoney.com/CARD/css/ 14 KB
6 KB 167ms
167ms Stylesheet
text/css 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/css/style.css

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

1e9d85053edf8a8eadd62654074d7ddd30e98933ec207fa653b8569998a3c8c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 04 Mar 2023 14:57:54 GMT
Content-Length: 4858
X-XSS-Protection: 1; mode=block
Server
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: text/css
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
X-Frame-Options: DENY
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

GET
H/1.1 200
OK jquery-ui.min.css
www.shipmoney.com/CARD/css/ 31 KB
10 KB 330ms
162ms Stylesheet
text/css 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/css/jquery-ui.min.css

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 04 Mar 2023 14:57:54 GMT
Content-Length: 9844
X-XSS-Protection: 1; mode=block
Server
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: text/css
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
X-Frame-Options: DENY
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

GET
H/1.1 200
OK jquery.modal.css
www.shipmoney.com/CARD/css/ 1 KB
1 KB 480ms
163ms Stylesheet
text/css 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/css/jquery.modal.css

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

1577d528fbd76642db3161a286e3a58efa1f1863a9cff892148284191a812cc8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 04 Mar 2023 14:57:54 GMT
Content-Length: 571
X-XSS-Protection: 1; mode=block
Server
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: text/css
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
X-Frame-Options: DENY
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

GET
H/1.1 200
OK bootstrap-formhelpers.css
www.shipmoney.com/CARD/css/ 8 KB
3 KB 484ms
167ms Stylesheet
text/css 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/css/bootstrap-formhelpers.css

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

4abfc9f6ac5e07353486e333cac447a73d8e803f25e806c2b2c39cd1c91730ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 04 Mar 2023 14:57:54 GMT
Content-Length: 1891
X-XSS-Protection: 1; mode=block
Server
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: text/css
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
X-Frame-Options: DENY
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

GET
H/1.1 200
OK bootstrap-formhelpers-countries.flags.css
www.shipmoney.com/CARD/css/ 27 KB
4 KB 482ms
166ms Stylesheet
text/css 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/css/bootstrap-formhelpers-countries.flags.css

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

cfeb58231bf9bebeef7aa88124ce5ff3f68643270759d851acd7c060cd142649

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 04 Mar 2023 14:57:54 GMT
Content-Length: 3516
X-XSS-Protection: 1; mode=block
Server
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: text/css
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
X-Frame-Options: DENY
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

GET
H/1.1 200
OK float-labels.css
www.shipmoney.com/CARD/css/ 4 KB
2 KB 487ms
169ms Stylesheet
text/css 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/css/float-labels.css

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

4ab3993327ed0619a69c77459b8c9caf8efb71032fe7848b79fee80945f25e76

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 04 Mar 2023 14:57:54 GMT
Content-Length: 1515
X-XSS-Protection: 1; mode=block
Server
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: text/css
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
X-Frame-Options: DENY
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

GET
H/1.1 200
OK client_id.png
www.shipmoney.com/CARD/images/ 26 KB
26 KB 318ms
317ms Image
image/png 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shipmoney.com/CARD/images/client_id.png

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

143dd25bb2cfd36af1ef6f5ecd45ad3949c8b678c23365849df7567cd7207687

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Date: Sat, 04 Mar 2023 14:57:55 GMT
Server
X-Frame-Options: DENY
Access-Control-Allow-Methods: POST, GET
Content-Type: image/png
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint
Content-Length: 26264
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK plugins-login-20230302-102857.js Show response
www.shipmoney.com/CARD/js/plugins/ 443 KB
170 KB 636ms
485ms Script
application/javascript 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/js/plugins/plugins-login-20230302-102857.js

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

20ab2b15b202d2fa02436977e97ea149e2cfad619bb9e421b331935d62b34659

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 04 Mar 2023 14:57:54 GMT
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Server
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
X-Frame-Options: DENY
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

GET
H/1.1 200
OK core-login-20230302-102857.js Show response
www.shipmoney.com/CARD/js/ 67 KB
24 KB 165ms
164ms Script
application/javascript 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/js/core-login-20230302-102857.js

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

3e4302d91ad5d0bf6fba3568d35a08b5955fe9352fd0d4ed8b8a5a87be6986c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 04 Mar 2023 14:57:54 GMT
Content-Length: 23602
X-XSS-Protection: 1; mode=block
Server
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
X-Frame-Options: DENY
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

GET
H/1.1 200
OK bootstrap-formhelpers-countries.flags.png
www.shipmoney.com/CARD/img/ 56 KB
57 KB 319ms
319ms Image
image/png 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shipmoney.com/CARD/img/bootstrap-formhelpers-countries.flags.png

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/css/bootstrap-formhelpers-countries.flags.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

ad74d091c61d79f1e68a382fcc2db11cd8e8c0cb130db1cbdda15d8539e25a77

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/css/bootstrap-formhelpers-countries.flags.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Date: Sat, 04 Mar 2023 14:57:55 GMT
Server
X-Frame-Options: DENY
Access-Control-Allow-Methods: POST, GET
Content-Type: image/png
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint
Content-Length: 57715
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon_user.png
www.shipmoney.com/CARD/images/ 1 KB
2 KB 161ms
161ms Image
image/png 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shipmoney.com/CARD/images/icon_user.png

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

997f4e00d20dc77e65aa6bfb2398af8545d9c6523952dd7d826f5649c393ba51

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Date: Sat, 04 Mar 2023 14:57:55 GMT
Server
X-Frame-Options: DENY
Access-Control-Allow-Methods: POST, GET
Content-Type: image/png
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint
Content-Length: 1102
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon_password.png
www.shipmoney.com/CARD/images/ 1 KB
2 KB 162ms
161ms Image
image/png 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shipmoney.com/CARD/images/icon_password.png

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

967c51245e0900e2af6c668fea21813eaefbde26866e56f5adafaaec9ded61cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Date: Sat, 04 Mar 2023 14:57:55 GMT
Server
X-Frame-Options: DENY
Access-Control-Allow-Methods: POST, GET
Content-Type: image/png
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint
Content-Length: 1163
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bank.css
www.shipmoney.com/CARD/banks/CARD/css/ 30 KB
9 KB 164ms
164ms Stylesheet
text/css 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/banks/CARD/css/bank.css

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/js/plugins/plugins-login-20230302-102857.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

87899d4974b2f87588c7503af9374a8ef8a91003baa315ebb317cd942e2532a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 04 Mar 2023 14:57:56 GMT
Content-Length: 8866
X-XSS-Protection: 1; mode=block
Server
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: text/css
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
X-Frame-Options: DENY
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

GET
H/1.1 200
OK Bank.Locale.en-us.js Show response
www.shipmoney.com/CARD/banks/default/locale/ 49 KB
18 KB 165ms
164ms XHR
application/javascript 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/banks/default/locale/Bank.Locale.en-us.js?_=1677941876673

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/js/plugins/plugins-login-20230302-102857.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

cda51bc63d456137a21bb3dd236c61ee2e650597ff5824fa56f7fbd011a4ee67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache, no-store, must-revalidate
Referer: https://www.shipmoney.com/CARD/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 04 Mar 2023 14:57:56 GMT
Content-Length: 17812
X-XSS-Protection: 1; mode=block
Server
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
X-Frame-Options: DENY
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

GET
H/1.1 200
OK login_bg.jpg
www.shipmoney.com/CARD/banks/CARD/images/ 411 KB
412 KB 166ms
165ms Image
image/jpeg 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shipmoney.com/CARD/banks/CARD/images/login_bg.jpg

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/banks/CARD/css/bank.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

a2d284001a0b1aec513a7fe8878ecfe01c370e0add13cab1e875e91eed6482a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/banks/CARD/css/bank.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Date: Sat, 04 Mar 2023 14:57:56 GMT
Server
X-Frame-Options: DENY
Access-Control-Allow-Methods: POST, GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint
Content-Length: 421362
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.png
www.shipmoney.com/CARD/banks/CARD/images/ 6 KB
6 KB 163ms
162ms Image
image/png 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shipmoney.com/CARD/banks/CARD/images/logo.png

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/banks/CARD/css/bank.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

2df070b83a96cfd1adb0575cec3f017fe37a7749d18daf17ec4e6b4ff1b4a616

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/banks/CARD/css/bank.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Date: Sat, 04 Mar 2023 14:57:56 GMT
Server
X-Frame-Options: DENY
Access-Control-Allow-Methods: POST, GET
Content-Type: image/png
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint
Content-Length: 5659
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dinnextltpro-regular.woff2
www.shipmoney.com/CARD/banks/CARD/fonts/ 40 KB
41 KB 317ms
316ms Font
application/font-woff2 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/banks/CARD/fonts/dinnextltpro-regular.woff2

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/banks/CARD/css/bank.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

ce71c9d69cbdd537fb2f73b5b8922f2ef5c7394f93a7d174652f0e273f56f860

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shipmoney.com/CARD/banks/CARD/css/bank.css
Origin: https://www.shipmoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Date: Sat, 04 Mar 2023 14:57:56 GMT
Content-Length: 41420
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 02 Mar 2023 15:23:20 GMT
Server
ETag: "02485eb1a4dd91:0"
X-Frame-Options: DENY
Access-Control-Allow-Methods: POST, GET
Content-Type: application/font-woff2
Access-Control-Allow-Origin: https://www.shipmoney.com
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

GET
H/1.1 200
OK card.png
www.shipmoney.com/CARD/banks/CARD/images/ 15 KB
16 KB 319ms
319ms Image
image/png 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shipmoney.com/CARD/banks/CARD/images/card.png

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/banks/CARD/css/bank.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

67e42bcc80c34c55d61bcc9ac3036151146e71a02ea85f55dddf0fa741cb16ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shipmoney.com/CARD/banks/CARD/css/bank.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Date: Sat, 04 Mar 2023 14:57:56 GMT
Server
X-Frame-Options: DENY
Access-Control-Allow-Methods: POST, GET
Content-Type: image/png
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint
Content-Length: 15147
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Bank.Locale.en-us.js Show response
www.shipmoney.com/CARD/banks/CARD/locale/ 11 KB
6 KB 163ms
162ms XHR
application/javascript 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/banks/CARD/locale/Bank.Locale.en-us.js?_=1677941876674

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/js/plugins/plugins-login-20230302-102857.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

686fde840b047ca7a460942ed454e270303b742f60ea16e77977aa243418cbce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache, no-store, must-revalidate
Referer: https://www.shipmoney.com/CARD/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Form-Type: 8e68982e135b2e42dd6dd6da1d9c0ba0

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 04 Mar 2023 14:57:56 GMT
Content-Length: 5182
X-XSS-Protection: 1; mode=block
Server
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
X-Frame-Options: DENY
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

GET
H/1.1 200
OK config.js Show response
www.shipmoney.com/CARD/banks/CARD/ 13 KB
5 KB 162ms
162ms XHR
application/javascript 205.220.248.12
GTPL-AS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shipmoney.com/CARD/banks/CARD/config.js?_=1677941876675

Requested by

Host: www.shipmoney.com
URL: https://www.shipmoney.com/CARD/js/plugins/plugins-login-20230302-102857.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

205.220.248.12 , United States, ASN19983 (GTPL-AS-01, US),

Reverse DNS

205-220-248-12.gtplimited.com

Software

Resource Hash

ff5a778690dda702f3b19281f2ba316547e6931abe77229e3153b0726037a363

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache, no-store, must-revalidate
Referer: https://www.shipmoney.com/CARD/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Form-Type: 8e68982e135b2e42dd6dd6da1d9c0ba0

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' customersupport.shipmoney.com; img-src 'self' operator-logo.transferto.com data:; frame-src 'self' customersupport.shipmoney.com data:; frame-ancestors 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 04 Mar 2023 14:57:56 GMT
Content-Length: 4504
X-XSS-Protection: 1; mode=block
Server
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.shipmoney.com
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: false
X-Frame-Options: DENY
Access-Control-Allow-Headers: Authorization, From, IEAuth, Content-Type, Cache-Control, FingerPrint

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.shipmoney.com/CARD	1969-12-31 23:59:59	Name: oldFp Value: 5ef58b1e9373fd162ccb371793837f06
www.shipmoney.com/CARD	1969-12-31 23:59:59	Name: langTag Value: en-us
www.shipmoney.com/CARD	1969-12-31 23:59:59	Name: serviceID Value: Ke7H24VXhd90dM2A5C1doV@gtplimited.com
www.shipmoney.com/CARD	1969-12-31 23:59:59	Name: menuOptionsToHide Value: transfer-funds%2Ccontact-us
www.shipmoney.com/CARD	1969-12-31 23:59:59	Name: menuOptionsToAdd Value: [{%22inNavMain%22:false%2C%22dataNavTo%22:%22shipmoney-messages%22%2C%22dataLangKey%22:%22menu.messages%22%2C%22jqMethod%22:%22insertBefore%22%2C%22find%22:%22activity-detail%22}%2C{%22inNavMain%22:false%2C%22dataNavTo%22:%22transfer-to%22%2C%22dataLangKey%22:%22menu.transferTo%22%2C%22jqMethod%22:%22insertAfter%22%2C%22find%22:%22activity-detail%22}%2C{%22inNavMain%22:false%2C%22dataNavTo%22:%22make-a-transfer%22%2C%22dataLangKey%22:%22transferFunds.title%22%2C%22jqMethod%22:%22insertAfter%22%2C%22find%22:%22activity-detail%22}%2C{%22inNavMain%22:false%2C%22dataNavTo%22:%22remittance%22%2C%22dataLangKey%22:%22remittance.title%22%2C%22jqMethod%22:%22insertAfter%22%2C%22find%22:%22make-a-transfer%22}%2C{%22inNavMain%22:false%2C%22dataNavTo%22:%22manage-schedules%22%2C%22dataLangKey%22:%22remittancePendingSchedules.title%22%2C%22jqMethod%22:%22insertAfter%22%2C%22find%22:%22make-a-transfer%22}]
www.shipmoney.com/CARD	1969-12-31 23:59:59	Name: conditionalMenuOptionsToAdd Value: [{%22dataNavTo%22:%22virtual-teller%22%2C%22dataLangKey%22:%22menu.virtualTeller%22%2C%22jqMethod%22:%22insertAfter%22%2C%22find%22:%22activity-detail%22%2C%22displayWhen%22:%22partnerVtRequest%22}%2C{%22dataNavTo%22:%22me-atmsc-authorization%22%2C%22dataLangKey%22:%22menu.meAtMSC%22%2C%22jqMethod%22:%22insertAfter%22%2C%22find%22:%22activity-detail%22%2C%22displayWhen%22:%22displayMeAtMSC%22}%2C{%22dataNavTo%22:%22transfer-to%22%2C%22dataLangKey%22:%22menu.transferTo%22%2C%22jqMethod%22:%22insertAfter%22%2C%22find%22:%22afex-wires%22%2C%22displayWhen%22:%22displayTransferTo%22}]
www.shipmoney.com/CARD	1969-12-31 23:59:59	Name: deactiveMenuOptionsToAdd Value: [{%22inNavMain%22:true%2C%22dataNavTo%22:%22shipmoney-messages%22%2C%22dataLangKey%22:%22menu.messages%22%2C%22jqMethod%22:%22insertBefore%22%2C%22find%22:%22activity-detail%22}]
www.shipmoney.com/CARD	1969-12-31 23:59:59	Name: companionCardMenuOptionsToAdd Value: [{%22inNavMain%22:false%2C%22dataNavTo%22:%22shipmoney-messages%22%2C%22dataLangKey%22:%22menu.messages%22%2C%22jqMethod%22:%22insertBefore%22%2C%22find%22:%22activity-detail%22}%2C{%22inNavMain%22:false%2C%22dataNavTo%22:%22transfer-funds-recipients%22%2C%22dataLangKey%22:%22transferFunds.title%22%2C%22jqMethod%22:%22insertAfter%22%2C%22find%22:%22activity-detail%22}%2C{%22inNavMain%22:false%2C%22dataNavTo%22:%22security-questions%22%2C%22dataLangKey%22:%22securityQuestions.title%22%2C%22jqMethod%22:%22insertAfter%22%2C%22find%22:%22manage-account%22}]
www.shipmoney.com/CARD	1969-12-31 23:59:59	Name: defaultPageOnLogin Value: shipmoney-messages
www.shipmoney.com/CARD	1969-12-31 23:59:59	Name: mainMenuOptionsToHide Value: manage-account%2Ccontact-us
www.shipmoney.com/CARD	1969-12-31 23:59:59	Name: removeHrTags Value: true
www.shipmoney.com/CARD	1969-12-31 23:59:59	Name: htmlElementsToRemove Value: divBalanceTransactions
www.shipmoney.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vudwi5ha1n52gftz0rqgs5he

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

shipmoney.com
www.shipmoney.com
205.220.248.12
143dd25bb2cfd36af1ef6f5ecd45ad3949c8b678c23365849df7567cd7207687
1577d528fbd76642db3161a286e3a58efa1f1863a9cff892148284191a812cc8
1e9d85053edf8a8eadd62654074d7ddd30e98933ec207fa653b8569998a3c8c7
20ab2b15b202d2fa02436977e97ea149e2cfad619bb9e421b331935d62b34659
27db6154539552d0b0f7bb05b945738d52b7a6a2a630c92b5d550bffa8e3276e
2df070b83a96cfd1adb0575cec3f017fe37a7749d18daf17ec4e6b4ff1b4a616
3e4302d91ad5d0bf6fba3568d35a08b5955fe9352fd0d4ed8b8a5a87be6986c4
4ab3993327ed0619a69c77459b8c9caf8efb71032fe7848b79fee80945f25e76
4abfc9f6ac5e07353486e333cac447a73d8e803f25e806c2b2c39cd1c91730ac
67e42bcc80c34c55d61bcc9ac3036151146e71a02ea85f55dddf0fa741cb16ab
686fde840b047ca7a460942ed454e270303b742f60ea16e77977aa243418cbce
86425990106b34cf18a1d42607e6f5a59409bb988c958a00fe6dae7d64b0bb23
87899d4974b2f87588c7503af9374a8ef8a91003baa315ebb317cd942e2532a8
967c51245e0900e2af6c668fea21813eaefbde26866e56f5adafaaec9ded61cf
997f4e00d20dc77e65aa6bfb2398af8545d9c6523952dd7d826f5649c393ba51
a2d284001a0b1aec513a7fe8878ecfe01c370e0add13cab1e875e91eed6482a1
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
ad74d091c61d79f1e68a382fcc2db11cd8e8c0cb130db1cbdda15d8539e25a77
cda51bc63d456137a21bb3dd236c61ee2e650597ff5824fa56f7fbd011a4ee67
ce71c9d69cbdd537fb2f73b5b8922f2ef5c7394f93a7d174652f0e273f56f860
cfeb58231bf9bebeef7aa88124ce5ff3f68643270759d851acd7c060cd142649
ff5a778690dda702f3b19281f2ba316547e6931abe77229e3153b0726037a363

www.shipmoney.com Open in urlscan Pro 205.220.248.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

826 kBTransfer

1262 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

13 Cookies

Security Headers

Indicators

www.shipmoney.com Open in urlscan Pro
205.220.248.12 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

826 kB
Transfer

1262 kB
Size

13
Cookies

22 HTTP transactions
0 data transactions