dev-metabase.penguinpay.com Open in urlscan Pro
34.205.238.171 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dev-metabase.penguinpay.com/
Submission: On December 29 via automatic, source certstream-suspicious (December 29th 2020, 1:05:24 am UTC)

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 34.205.238.171, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is dev-metabase.penguinpay.com.
TLS certificate: Issued by R3 on December 29th 2020. Valid for: 3 months.

This is the only time dev-metabase.penguinpay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	34.205.238.171 34.205.238.171	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::200d	15169 (GOOGLE) (GOOGLE)
17	5

11 34.205.238.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-238-171.compute-1.amazonaws.com

dev-metabase.penguinpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	penguinpay.com dev-metabase.penguinpay.com	2 MB
4	google.com apis.google.com accounts.google.com	108 KB
1	google-analytics.com www.google-analytics.com	18 KB
17	3

	Domain	Requested by
11	dev-metabase.penguinpay.com	dev-metabase.penguinpay.com
3	apis.google.com	dev-metabase.penguinpay.com apis.google.com
1	accounts.google.com	apis.google.com
1	www.google-analytics.com	dev-metabase.penguinpay.com www.google-analytics.com
17	4

This site contains no links.

Subject Issuer	Validity	Valid
dev-metabase.penguinpay.com R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://dev-metabase.penguinpay.com/
Frame ID: 4F1AC6160A7877AEE2A19D2A361C5D11
Requests: 16 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 9C2EA4B90D4F7875CA6DF2E7146BBBA1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /Jetty(?:\(([\d\.]*\d+))?/i

Jetty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /Jetty(?:\(([\d\.]*\d+))?/i

Page Statistics

17
Requests

94 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

1864 kB
Transfer

7239 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dev-metabase.penguinpay.com/ 23 KB
6 KB 606ms
392ms Document
text/html 34.205.238.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-metabase.penguinpay.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.238.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-238-171.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

eeb620aa149e5d740e863dbe663ff80cbfba91cb7df864a4245920ffe5552502

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: dev-metabase.penguinpay.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: close
Date: Tue, 29 Dec 2020 01:04:47 GMT
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 29 Dec 2020 01:04:47 GMT
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: none
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Content-Type: text/html;charset=utf-8
Content-Encoding: gzip
Expires: Tue, 03 Jul 2001 06:00:00 GMT
Server: Jetty(9.4.27.v20200227)
Via: 1.1 vegur

GET
H/1.1 200
OK vendor.bundle.css
dev-metabase.penguinpay.com/app/dist/ 16 KB
5 KB 750ms
543ms Stylesheet
text/css 34.205.238.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-metabase.penguinpay.com/app/dist/vendor.bundle.css?b324d20bab081ad43f0927ac96a02eab

Requested by

Host: dev-metabase.penguinpay.com
URL: https://dev-metabase.penguinpay.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.238.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-238-171.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

37372d0f5fdb78279db4213652a85bdc5c0c6615f75d3ce24f226abece5ec5a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dev-metabase.penguinpay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 01:04:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 May 2020 14:38:01 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Connection: close
Content-Type: text/css
Via: 1.1 vegur
Cache-Control: public, max-age=31536000
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block
Server: Jetty(9.4.27.v20200227)

GET
H/1.1 200
OK styles.bundle.css
dev-metabase.penguinpay.com/app/dist/ 112 KB
23 KB 762ms
546ms Stylesheet
text/css 34.205.238.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-metabase.penguinpay.com/app/dist/styles.bundle.css?0b5e4b1da734b9e01b34e2a9a918b758

Requested by

Host: dev-metabase.penguinpay.com
URL: https://dev-metabase.penguinpay.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.238.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-238-171.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

3b89443406fd092302568c2f74337d39d4c0ad29065dd9b280892f20b523ddfd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dev-metabase.penguinpay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 01:04:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 May 2020 14:38:01 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Connection: close
Content-Type: text/css
Via: 1.1 vegur
Cache-Control: public, max-age=31536000
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block
Server: Jetty(9.4.27.v20200227)

GET
H/1.1 200
OK app-main.bundle.css
dev-metabase.penguinpay.com/app/dist/ 99 KB
20 KB 852ms
634ms Stylesheet
text/css 34.205.238.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-metabase.penguinpay.com/app/dist/app-main.bundle.css?25a8782161ae6f22ac34d2101662fcb1

Requested by

Host: dev-metabase.penguinpay.com
URL: https://dev-metabase.penguinpay.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.238.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-238-171.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

17608f4546b86b4149580e112203fd436320cc33f804a1621eb2a83c637a8e74

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dev-metabase.penguinpay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 01:04:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 May 2020 14:38:01 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Connection: close
Content-Type: text/css
Via: 1.1 vegur
Cache-Control: public, max-age=31536000
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block
Server: Jetty(9.4.27.v20200227)

GET
H/1.1 200
OK vendor.bundle.js Show response
dev-metabase.penguinpay.com/app/dist/ 4 MB
1016 KB 736ms
515ms Script
text/javascript 34.205.238.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-metabase.penguinpay.com/app/dist/vendor.bundle.js?f24695780b695904f509

Requested by

Host: dev-metabase.penguinpay.com
URL: https://dev-metabase.penguinpay.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.238.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-238-171.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

eab329c04903630c19d6fe4f372efdb403a5a9e35102af45b1e73170554198dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dev-metabase.penguinpay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 01:04:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 May 2020 14:38:01 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Connection: close
Content-Type: text/javascript
Via: 1.1 vegur
Cache-Control: public, max-age=31536000
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block
Server: Jetty(9.4.27.v20200227)

GET
H/1.1 200
OK styles.bundle.js Show response
dev-metabase.penguinpay.com/app/dist/ 2 KB
2 KB 597ms
376ms Script
text/javascript 34.205.238.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-metabase.penguinpay.com/app/dist/styles.bundle.js?f24695780b695904f509

Requested by

Host: dev-metabase.penguinpay.com
URL: https://dev-metabase.penguinpay.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.238.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-238-171.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

ec8d6602897af7baaa6b1c765143a82cd148d7ffb687db66dfbe32473c391b80

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dev-metabase.penguinpay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 01:04:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 May 2020 14:38:01 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Connection: close
Content-Type: text/javascript
Via: 1.1 vegur
Cache-Control: public, max-age=31536000
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block
Server: Jetty(9.4.27.v20200227)

GET
H/1.1 200
OK app-main.bundle.js Show response
dev-metabase.penguinpay.com/app/dist/ 3 MB
612 KB 558ms
337ms Script
text/javascript 34.205.238.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-metabase.penguinpay.com/app/dist/app-main.bundle.js?f24695780b695904f509

Requested by

Host: dev-metabase.penguinpay.com
URL: https://dev-metabase.penguinpay.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.238.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-238-171.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

f0875c0031e2e2ced235cca8eabef94ecae73ca7edd53c2c0867886289239cca

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dev-metabase.penguinpay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 01:04:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 May 2020 14:38:01 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Connection: close
Content-Type: text/javascript
Via: 1.1 vegur
Cache-Control: public, max-age=31536000
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block
Server: Jetty(9.4.27.v20200227)

GET
H2 200 api:client.js Show response
apis.google.com/js/ 12 KB
5 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api:client.js

Requested by

Host: dev-metabase.penguinpay.com
URL: https://dev-metabase.penguinpay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83003b61840cc855426538742d338fce1ac70fd3f12277a6b55c5ae5cad4308d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8c+wv6Ehjy6ycCizFtJXJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dev-metabase.penguinpay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 01:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "eec6049337ac9445ed5ad2fd3b61a331"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-8c+wv6Ehjy6ycCizFtJXJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 29 Dec 2020 01:04:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: dev-metabase.penguinpay.com
URL: https://dev-metabase.penguinpay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dev-metabase.penguinpay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4457
date: Mon, 28 Dec 2020 23:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 29 Dec 2020 01:50:34 GMT

GET
H/1.1 401
Unauthorized current Show response
dev-metabase.penguinpay.com/api/user/ 15 B
1 KB 369ms
153ms XHR
text/plain 34.205.238.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-metabase.penguinpay.com/api/user/current

Requested by

Host: dev-metabase.penguinpay.com
URL: https://dev-metabase.penguinpay.com/app/dist/app-main.bundle.js?f24695780b695904f509

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.238.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-238-171.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

76f4e015467e2ad3550fc408bcf4f7d2a391d363e9993df7b0d95e4859ed5c53

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://dev-metabase.penguinpay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 29 Dec 2020 01:04:51 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Dec 2020 01:04:51 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Connection: keep-alive
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security: max-age=31536000
Content-Length: 15
X-Xss-Protection: 1; mode=block
Server: Jetty(9.4.27.v20200227)
Expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK properties Show response
dev-metabase.penguinpay.com/api/session/ 19 KB
4 KB 461ms
240ms XHR
application/json 34.205.238.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-metabase.penguinpay.com/api/session/properties

Requested by

Host: dev-metabase.penguinpay.com
URL: https://dev-metabase.penguinpay.com/app/dist/app-main.bundle.js?f24695780b695904f509

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.238.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-238-171.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

8d418b51e5b00fa8cf91df0e64a31f4230cdbd6e51a60f1b15a619b051301714

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://dev-metabase.penguinpay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 29 Dec 2020 01:04:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Dec 2020 01:04:52 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Connection: close
Content-Type: application/json;charset=utf-8
Via: 1.1 vegur
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block
Server: Jetty(9.4.27.v20200227)
Expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ 301 KB
103 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5be97a7efbb7091c7252d84339c2008c0e66a41b233831fbd53122f42b2444b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dev-metabase.penguinpay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 06:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 17:03:00 GMT
server: sffe
age: 500058
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104873
x-xss-protection: 0
expires: Thu, 23 Dec 2021 06:10:33 GMT

POST collect
www.google-analytics.com/j/ 0
0

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ 71 B
156 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dev-metabase.penguinpay.com/auth/login?redirect=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 21:08:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 17:03:00 GMT
server: sffe
age: 186978
vary: Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
expires: Sun, 26 Dec 2021 21:08:34 GMT

GET
H/1.1 200
OK 1efbd38aa76ddae2580fedf378276333.woff2
dev-metabase.penguinpay.com/app/dist/ 22 KB
23 KB 278ms
278ms Font
text/plain 34.205.238.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-metabase.penguinpay.com/app/dist/1efbd38aa76ddae2580fedf378276333.woff2

Requested by

Host: dev-metabase.penguinpay.com
URL: https://dev-metabase.penguinpay.com/app/dist/styles.bundle.css?0b5e4b1da734b9e01b34e2a9a918b758

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.238.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-238-171.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

3be792108632d778ecb33ca3e4496758eac777690e135e62297d3f3c3e0ddc0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://dev-metabase.penguinpay.com
Referer: https://dev-metabase.penguinpay.com/app/dist/styles.bundle.css?0b5e4b1da734b9e01b34e2a9a918b758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 01:04:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Dec 2020 01:04:52 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Connection: close
Via: 1.1 vegur
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block
Server: Jetty(9.4.27.v20200227)
Expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK b4d2c4c39853ee244272c04999b230ba.woff2
dev-metabase.penguinpay.com/app/dist/ 23 KB
24 KB 328ms
118ms Font
text/plain 34.205.238.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-metabase.penguinpay.com/app/dist/b4d2c4c39853ee244272c04999b230ba.woff2

Requested by

Host: dev-metabase.penguinpay.com
URL: https://dev-metabase.penguinpay.com/app/dist/styles.bundle.css?0b5e4b1da734b9e01b34e2a9a918b758

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.238.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-238-171.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

8b54cd9c5650afcf8d8fc86a68835130cad6806cd5fef70b39fbc3af979aa533

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://dev-metabase.penguinpay.com
Referer: https://dev-metabase.penguinpay.com/app/dist/styles.bundle.css?0b5e4b1da734b9e01b34e2a9a918b758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 01:04:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Dec 2020 01:04:52 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Connection: close
Via: 1.1 vegur
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block
Server: Jetty(9.4.27.v20200227)
Expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame 9C2E 0
0 73ms
73ms Document
text/html 2a00:1450:4001:81f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p0LAMgm9eX0wcp8y+jIV6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dev-metabase.penguinpay.com/auth/login?redirect=%2F
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=205=f-eMM9MzNKDtnfvSlzOgggAO0iD7X_YCTcQMnUFIWXo6-SQRRTfMIlxOHEvlURNyUPxmKrHxgwpWfZBJEzjaxvLbbugqp6WuwKswJtPF8OBc8T4nbP-jCEOYj8YuVCLhJIrr7WE_Cvq_6YtTJFXjQhW0qesH0vwDN2_gdA-BD88
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://dev-metabase.penguinpay.com/auth/login?redirect=%2F

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Dec 2020 01:04:52 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-p0LAMgm9eX0wcp8y+jIV6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j87&a=562725156&t=pageview&_s=1&dl=https%3A%2F%2Fdev-metabase.penguinpay.com%2F&dp=%2Fauth%2Flogin&ul=en-us&de=UTF-8&dt=Metabase&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=1676751677&gjid=910045157&cid=590471166.1609203892&tid=UA-60817802-1&_gid=277367455.1609203892&_r=1&_slc=1&cd1=v0.35.3&z=732984284

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.penguinpay.com/	1970-01-19 15:01:30	Name: _gid Value: GA1.2.277367455.1609203892
			.penguinpay.com/	1970-01-20 08:31:15	Name: _ga Value: GA1.2.590471166.1609203892

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
dev-metabase.penguinpay.com
www.google-analytics.com
www.google-analytics.com
2a00:1450:4001:81a::200e
2a00:1450:4001:81f::200d
2a00:1450:4001:820::200e
34.205.238.171
17608f4546b86b4149580e112203fd436320cc33f804a1621eb2a83c637a8e74
37372d0f5fdb78279db4213652a85bdc5c0c6615f75d3ce24f226abece5ec5a5
3b89443406fd092302568c2f74337d39d4c0ad29065dd9b280892f20b523ddfd
3be792108632d778ecb33ca3e4496758eac777690e135e62297d3f3c3e0ddc0f
586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab
5be97a7efbb7091c7252d84339c2008c0e66a41b233831fbd53122f42b2444b4
76f4e015467e2ad3550fc408bcf4f7d2a391d363e9993df7b0d95e4859ed5c53
83003b61840cc855426538742d338fce1ac70fd3f12277a6b55c5ae5cad4308d
8b54cd9c5650afcf8d8fc86a68835130cad6806cd5fef70b39fbc3af979aa533
8d418b51e5b00fa8cf91df0e64a31f4230cdbd6e51a60f1b15a619b051301714
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eab329c04903630c19d6fe4f372efdb403a5a9e35102af45b1e73170554198dd
ec8d6602897af7baaa6b1c765143a82cd148d7ffb687db66dfbe32473c391b80
eeb620aa149e5d740e863dbe663ff80cbfba91cb7df864a4245920ffe5552502
f0875c0031e2e2ced235cca8eabef94ecae73ca7edd53c2c0867886289239cca

dev-metabase.penguinpay.com Open in urlscan Pro 34.205.238.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

1864 kBTransfer

7239 kBSize

2 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

dev-metabase.penguinpay.com Open in urlscan Pro
34.205.238.171 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

1864 kB
Transfer

7239 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions