metabase.savings.fidi.money Open in urlscan Pro
23.20.25.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://metabase.savings.fidi.money/
Submission: On April 21 via automatic, source certstream-suspicious (April 21st 2023, 5:29:05 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 23.20.25.168, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is metabase.savings.fidi.money.
TLS certificate: Issued by Amazon RSA 2048 M01 on April 21st 2023. Valid for: a year.

This is the only time metabase.savings.fidi.money was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	23.20.25.168 23.20.25.168	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
14	3

12 23.20.25.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-25-168.compute-1.amazonaws.com

metabase.savings.fidi.money	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	fidi.money metabase.savings.fidi.money	2 MB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
14	2

	Domain	Requested by
12	metabase.savings.fidi.money	metabase.savings.fidi.money
1	www.google-analytics.com	metabase.savings.fidi.money www.google-analytics.com
14	2

This site contains no links.

Subject Issuer	Validity	Valid
metabase.savings.fidi.money Amazon RSA 2048 M01	`2023-04-21` - `2024-05-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://metabase.savings.fidi.money/
Frame ID: 946E0015326B6C7F578BF36DB5E275E4
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iniciar sesión · Metabase

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

14
Requests

93 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1859 kB
Transfer

7208 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
metabase.savings.fidi.money/ 206 KB
60 KB 749ms
426ms Document
text/html 23.20.25.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metabase.savings.fidi.money/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.25.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-25-168.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

9f24cebd733d8872fc8de27a061f51052495fe597b8fc552b53fd34b3a206194

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Content-Type: text/html;charset=utf-8
Date: Fri, 21 Apr 2023 17:28:40 GMT
Expires: Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified: Fri, 21 Apr 2023 17:28:40 GMT
Server: Jetty(9.4.27.v20200227)
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked

GET
H/1.1 200
OK vendor.bundle.css
metabase.savings.fidi.money/app/dist/ 16 KB
5 KB 96ms
96ms Stylesheet
text/css 23.20.25.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metabase.savings.fidi.money/app/dist/vendor.bundle.css?b324d20bab081ad43f0927ac96a02eab

Requested by

Host: metabase.savings.fidi.money
URL: https://metabase.savings.fidi.money/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.25.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-25-168.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

37372d0f5fdb78279db4213652a85bdc5c0c6615f75d3ce24f226abece5ec5a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metabase.savings.fidi.money/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 21 Apr 2023 17:28:41 GMT
Last-Modified: Fri, 09 Oct 2020 19:53:10 GMT
Server: Jetty(9.4.27.v20200227)
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
transfer-encoding: chunked
Content-Type: text/css
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK styles.bundle.css
metabase.savings.fidi.money/app/dist/ 115 KB
23 KB 199ms
101ms Stylesheet
text/css 23.20.25.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metabase.savings.fidi.money/app/dist/styles.bundle.css?19ed84678e76addfff6f6cdbb6b42cfe

Requested by

Host: metabase.savings.fidi.money
URL: https://metabase.savings.fidi.money/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.25.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-25-168.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

06122fb13cef9f91bcf75c4b657505b4e4647b1b73ce4db249a8bcf0597a8f4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metabase.savings.fidi.money/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 21 Apr 2023 17:28:41 GMT
Last-Modified: Fri, 09 Oct 2020 19:53:10 GMT
Server: Jetty(9.4.27.v20200227)
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
transfer-encoding: chunked
Content-Type: text/css
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app-main.bundle.css
metabase.savings.fidi.money/app/dist/ 97 KB
20 KB 395ms
208ms Stylesheet
text/css 23.20.25.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metabase.savings.fidi.money/app/dist/app-main.bundle.css?06994c69c003de9ff0faa2ce562a2a4b

Requested by

Host: metabase.savings.fidi.money
URL: https://metabase.savings.fidi.money/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.25.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-25-168.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

9486b7349b9962053997ac3b9c706aa69f80b51014e9de81c1cce3bb9a728326

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metabase.savings.fidi.money/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 21 Apr 2023 17:28:41 GMT
Last-Modified: Fri, 09 Oct 2020 19:53:10 GMT
Server: Jetty(9.4.27.v20200227)
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
transfer-encoding: chunked
Content-Type: text/css
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK vendor.bundle.js Show response
metabase.savings.fidi.money/app/dist/ 4 MB
1020 KB 383ms
195ms Script
text/javascript 23.20.25.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metabase.savings.fidi.money/app/dist/vendor.bundle.js?1eb878a05f75a3d1a67d

Requested by

Host: metabase.savings.fidi.money
URL: https://metabase.savings.fidi.money/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.25.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-25-168.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

9cafb6d38d358f7cf308acad840cf45146a3fa46b49d08b22c63441291c7e129

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metabase.savings.fidi.money/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 21 Apr 2023 17:28:41 GMT
Last-Modified: Fri, 09 Oct 2020 19:53:10 GMT
Server: Jetty(9.4.27.v20200227)
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
transfer-encoding: chunked
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK styles.bundle.js Show response
metabase.savings.fidi.money/app/dist/ 2 KB
2 KB 308ms
110ms Script
text/javascript 23.20.25.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metabase.savings.fidi.money/app/dist/styles.bundle.js?1eb878a05f75a3d1a67d

Requested by

Host: metabase.savings.fidi.money
URL: https://metabase.savings.fidi.money/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.25.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-25-168.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

cc7cdc36d9151fd612b08bd04c55f012905bd1ec7bd1f1aa10d2fb54580702b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metabase.savings.fidi.money/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 21 Apr 2023 17:28:41 GMT
Last-Modified: Fri, 09 Oct 2020 19:53:10 GMT
Server: Jetty(9.4.27.v20200227)
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
transfer-encoding: chunked
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app-main.bundle.js Show response
metabase.savings.fidi.money/app/dist/ 3 MB
632 KB 430ms
229ms Script
text/javascript 23.20.25.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metabase.savings.fidi.money/app/dist/app-main.bundle.js?1eb878a05f75a3d1a67d

Requested by

Host: metabase.savings.fidi.money
URL: https://metabase.savings.fidi.money/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.25.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-25-168.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

51ddca8eaec72f79660c7a9dde34fd8baedeb97dd283ebfbbb103b9639c2f628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metabase.savings.fidi.money/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 21 Apr 2023 17:28:41 GMT
Last-Modified: Fri, 09 Oct 2020 19:53:10 GMT
Server: Jetty(9.4.27.v20200227)
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
transfer-encoding: chunked
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 41ms
10ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: metabase.savings.fidi.money
URL: https://metabase.savings.fidi.money/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metabase.savings.fidi.money/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 16:35:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3196
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 21 Apr 2023 18:35:44 GMT

GET
H/1.1 401
Unauthorized current Show response
metabase.savings.fidi.money/api/user/ 15 B
1 KB 99ms
99ms XHR
text/plain 23.20.25.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metabase.savings.fidi.money/api/user/current

Requested by

Host: metabase.savings.fidi.money
URL: https://metabase.savings.fidi.money/app/dist/app-main.bundle.js?1eb878a05f75a3d1a67d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.25.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-25-168.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

76f4e015467e2ad3550fc408bcf4f7d2a391d363e9993df7b0d95e4859ed5c53

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://metabase.savings.fidi.money/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Date: Fri, 21 Apr 2023 17:29:00 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 21 Apr 2023 17:29:00 GMT
Server: Jetty(9.4.27.v20200227)
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 15
X-XSS-Protection: 1; mode=block
Expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK properties Show response
metabase.savings.fidi.money/api/session/ 23 KB
5 KB 98ms
98ms XHR
application/json 23.20.25.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metabase.savings.fidi.money/api/session/properties

Requested by

Host: metabase.savings.fidi.money
URL: https://metabase.savings.fidi.money/app/dist/app-main.bundle.js?1eb878a05f75a3d1a67d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.25.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-25-168.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

8f2120953b2d980fbaf8d97d6cf72b367f1f5905cfea343f1edbdc79511cd384

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://metabase.savings.fidi.money/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 21 Apr 2023 17:29:00 GMT
Last-Modified: Fri, 21 Apr 2023 17:29:00 GMT
Server: Jetty(9.4.27.v20200227)
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
transfer-encoding: chunked
Content-Type: application/json;charset=utf-8
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Tue, 03 Jul 2001 06:00:00 GMT

POST collect
www.google-analytics.com/j/ 0
0

GET
H/1.1 200
OK 1efbd38aa76ddae2580fedf378276333.woff2
metabase.savings.fidi.money/app/dist/ 22 KB
24 KB 97ms
97ms Font
text/plain 23.20.25.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metabase.savings.fidi.money/app/dist/1efbd38aa76ddae2580fedf378276333.woff2

Requested by

Host: metabase.savings.fidi.money
URL: https://metabase.savings.fidi.money/app/dist/styles.bundle.css?19ed84678e76addfff6f6cdbb6b42cfe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.25.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-25-168.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

3be792108632d778ecb33ca3e4496758eac777690e135e62297d3f3c3e0ddc0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://metabase.savings.fidi.money/app/dist/styles.bundle.css?19ed84678e76addfff6f6cdbb6b42cfe
Origin: https://metabase.savings.fidi.money
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 21 Apr 2023 17:29:00 GMT
Last-Modified: Fri, 21 Apr 2023 17:29:00 GMT
Server: Jetty(9.4.27.v20200227)
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
transfer-encoding: chunked
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK 947e87c53b5765bfc8982613ccd789e9.woff2
metabase.savings.fidi.money/app/dist/ 22 KB
23 KB 105ms
105ms Font
text/plain 23.20.25.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metabase.savings.fidi.money/app/dist/947e87c53b5765bfc8982613ccd789e9.woff2

Requested by

Host: metabase.savings.fidi.money
URL: https://metabase.savings.fidi.money/app/dist/styles.bundle.css?19ed84678e76addfff6f6cdbb6b42cfe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.25.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-25-168.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

6cb0722048c467295b83b1250b3e11d812a954088122a421ff677cc715984a55

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://metabase.savings.fidi.money/app/dist/styles.bundle.css?19ed84678e76addfff6f6cdbb6b42cfe
Origin: https://metabase.savings.fidi.money
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 21 Apr 2023 17:29:01 GMT
Last-Modified: Fri, 21 Apr 2023 17:29:01 GMT
Server: Jetty(9.4.27.v20200227)
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
transfer-encoding: chunked
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK b4d2c4c39853ee244272c04999b230ba.woff2
metabase.savings.fidi.money/app/dist/ 23 KB
24 KB 104ms
104ms Font
text/plain 23.20.25.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metabase.savings.fidi.money/app/dist/b4d2c4c39853ee244272c04999b230ba.woff2

Requested by

Host: metabase.savings.fidi.money
URL: https://metabase.savings.fidi.money/app/dist/styles.bundle.css?19ed84678e76addfff6f6cdbb6b42cfe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.25.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-25-168.compute-1.amazonaws.com

Software

Jetty(9.4.27.v20200227) /

Resource Hash

8b54cd9c5650afcf8d8fc86a68835130cad6806cd5fef70b39fbc3af979aa533

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://metabase.savings.fidi.money/app/dist/styles.bundle.css?19ed84678e76addfff6f6cdbb6b42cfe
Origin: https://metabase.savings.fidi.money
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 21 Apr 2023 17:29:00 GMT
Last-Modified: Fri, 21 Apr 2023 17:29:00 GMT
Server: Jetty(9.4.27.v20200227)
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
transfer-encoding: chunked
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Tue, 03 Jul 2001 06:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j99&a=150186885&t=pageview&_s=1&dl=https%3A%2F%2Fmetabase.savings.fidi.money%2F&dp=%2Fauth%2Flogin&ul=en-us&de=UTF-8&dt=Metabase&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=1510812341&gjid=455650450&cid=1919263074.1682098141&tid=UA-60817802-1&_gid=952466981.1682098141&_r=1&_slc=1&cd1=v0.36.7&z=556932727

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fidi.money/	1970-01-20 20:50:58	Name: _ga Value: GA1.2.1919263074.1682098141
.fidi.money/	1970-01-20 11:16:24	Name: _gid Value: GA1.2.952466981.1682098141
.fidi.money/	1970-01-20 11:14:58	Name: _gat Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://metabase.savings.fidi.money/api/user/current Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
security	error	URL: https://www.google-analytics.com/analytics.js(Line 33) Message: Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j99&a=150186885&t=pageview&_s=1&dl=https%3A%2F%2Fmetabase.savings.fidi.money%2F&dp=%2Fauth%2Flogin&ul=en-us&de=UTF-8&dt=Metabase&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=1510812341&gjid=455650450&cid=1919263074.1682098141&tid=UA-60817802-1&_gid=952466981.1682098141&_r=1&_slc=1&cd1=v0.36.7&z=556932727' because it violates the following Content Security Policy directive: "connect-src 'self' metabase.us10.list-manage.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://.googleapis.com .gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

metabase.savings.fidi.money
www.google-analytics.com
www.google-analytics.com
23.20.25.168
2a00:1450:4001:806::200e
06122fb13cef9f91bcf75c4b657505b4e4647b1b73ce4db249a8bcf0597a8f4b
37372d0f5fdb78279db4213652a85bdc5c0c6615f75d3ce24f226abece5ec5a5
3be792108632d778ecb33ca3e4496758eac777690e135e62297d3f3c3e0ddc0f
51ddca8eaec72f79660c7a9dde34fd8baedeb97dd283ebfbbb103b9639c2f628
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6cb0722048c467295b83b1250b3e11d812a954088122a421ff677cc715984a55
76f4e015467e2ad3550fc408bcf4f7d2a391d363e9993df7b0d95e4859ed5c53
8b54cd9c5650afcf8d8fc86a68835130cad6806cd5fef70b39fbc3af979aa533
8f2120953b2d980fbaf8d97d6cf72b367f1f5905cfea343f1edbdc79511cd384
9486b7349b9962053997ac3b9c706aa69f80b51014e9de81c1cce3bb9a728326
9cafb6d38d358f7cf308acad840cf45146a3fa46b49d08b22c63441291c7e129
9f24cebd733d8872fc8de27a061f51052495fe597b8fc552b53fd34b3a206194
cc7cdc36d9151fd612b08bd04c55f012905bd1ec7bd1f1aa10d2fb54580702b1

metabase.savings.fidi.money Open in urlscan Pro 23.20.25.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1859 kBTransfer

7208 kBSize

3 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

3 Cookies

2 Console Messages

Security Headers

Indicators

metabase.savings.fidi.money Open in urlscan Pro
23.20.25.168 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1859 kB
Transfer

7208 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions