urlscan.io logo urlscan.io
SecurityTrails logo

savingssquare.findexsecure.com Open in urlscan Pro
208.95.201.31  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.savingssquare.findexsecure.com/
Effective URL: https://savingssquare.findexsecure.com/
Submission: On December 02 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 35 HTTP transactions. The main IP is 208.95.201.31, located in United States and belongs to BANKONIT, US. The main domain is savingssquare.findexsecure.com.
TLS certificate: Issued by E5 on December 2nd 2024. Valid for: 3 months.
This is the only time savingssquare.findexsecure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    208.95.201.31 (United States)

ASN46416 (BANKONIT, US)
www.savingssquare.findexsecure.com
savingssquare.findexsecure.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    18.244.20.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-20-40.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
8    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
1    216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f4.1e100.net
www.google.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
www.google.de
2    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
14 findexsecure.com
www.savingssquare.findexsecure.com
savingssquare.findexsecure.com
197 KB
8 gstatic.com
fonts.gstatic.com
208 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
227 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
216 B
2 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4108
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
77 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
fonts.googleapis.com — Cisco Umbrella Rank: 29
9 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10745
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
564 B
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
35 10
Domain Requested by
13 savingssquare.findexsecure.com savingssquare.findexsecure.com
8 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com savingssquare.findexsecure.com
www.googletagmanager.com
2 www.facebook.com savingssquare.findexsecure.com
2 connect.facebook.net savingssquare.findexsecure.com
connect.facebook.net
1 www.google.de savingssquare.findexsecure.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net savingssquare.findexsecure.com
1 ajax.googleapis.com savingssquare.findexsecure.com
1 www.savingssquare.findexsecure.com 1 redirects
35 13

This site contains links to these domains. Also see Links.

Domain
web11.secureinternetbank.com
kirkpatrickbank.originate.fiservapps.com
Subject Issuer Validity Valid
savingssquare.findexsecure.com
E5		 2024-12-02 -
2025-03-02		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-10 -
2024-12-09		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.de
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://savingssquare.findexsecure.com/
Frame ID: DB894DA4CB3068E37E020E9398595A5B
Requests: 34 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fsavingssquare.findexsecure.com
Frame ID: 166DE1B61576FC06FF9B1A421FA21FCF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

High Yield Savings Account | Savings Square

Page URL History Show full URLs

  1. https://www.savingssquare.findexsecure.com/ HTTP 301
    https://savingssquare.findexsecure.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

100 %
HTTPS

42 %
IPv6

10
Domains

13
Subdomains

12
IPs

3
Countries

749 kB
Transfer

1833 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.savingssquare.findexsecure.com/ HTTP 301
    https://savingssquare.findexsecure.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
savingssquare.findexsecure.com/
Redirect Chain
  • https://www.savingssquare.findexsecure.com/
  • https://savingssquare.findexsecure.com/
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
75a8a5ccc007f1806c06501ed4e2e3980a41a57662d35fdbef8f9275b3279018

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 02 Dec 2024 17:25:04 GMT
etag
W/"67447bf0-45ca"
last-modified
Mon, 25 Nov 2024 13:30:24 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
162
content-type
text/html
date
Mon, 02 Dec 2024 17:25:04 GMT
location
https://savingssquare.findexsecure.com/
server
nginx
findex-savingssquare.570bb33a1.css
savingssquare.findexsecure.com/public/css/6583662f718971452c4ca7ff/css/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://savingssquare.findexsecure.com/public/css/6583662f718971452c4ca7ff/css/findex-savingssquare.570bb33a1.css
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
2c7c13521911abca653638b74c1fc68b8124cb4e042ebf5b0e16c0d562e619e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
etag
W/"673c817b-1536d"
date
Mon, 02 Dec 2024 17:25:04 GMT
content-type
text/css
last-modified
Tue, 19 Nov 2024 12:15:55 GMT
server
nginx
vary
Accept-Encoding
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

content-encoding
gzip
age
355944
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 14:32:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 14:32:40 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5437
x-xss-protection
0
server
sffe
findex-66f1e00fd6c8231f9dbb0c3b_SS%20hero%20425.svg
savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/ 		120 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/findex-66f1e00fd6c8231f9dbb0c3b_SS%20hero%20425.svg
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
a03b0f64fc6a718934a3852274b7ede4f892ad44bc757e45ae33598902721d7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
etag
W/"67368988-1e1b7"
date
Mon, 02 Dec 2024 17:25:04 GMT
content-type
image/svg+xml
last-modified
Thu, 14 Nov 2024 23:36:40 GMT
server
nginx
vary
Accept-Encoding
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6583662f718971452c4ca7ff
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.20.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-20-40.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://savingssquare.findexsecure.com
Referer
https://savingssquare.findexsecure.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
63694
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
1Wkfoldl3j9lrODevRQb5Bn0rAs6eVI6xwvDHXmY_sniH3_2va2rIw==
date
Sun, 01 Dec 2024 23:43:33 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
vary
accept-encoding
cache-control
max-age=84600, must-revalidate
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P11
server
AmazonS3
findex-savingssquare.ffb8fa6d9.js
savingssquare.findexsecure.com/public/js/6583662f718971452c4ca7ff/js/ 		172 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://savingssquare.findexsecure.com/public/js/6583662f718971452c4ca7ff/js/findex-savingssquare.ffb8fa6d9.js
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
c2459f0fda5782767a34dd024e04ce2b04ec5226fb5775488cc3c5d771c32da4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
etag
W/"673c817b-2ae39"
date
Mon, 02 Dec 2024 17:25:05 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 19 Nov 2024 12:15:55 GMT
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/ 		70 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CRoboto:300,regular,italic,500,500italic,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2719ad481443d4b0d52acd682ecf90f375c2b9e8df1d29af3e3bb647c9441ee4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 17:25:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 02 Dec 2024 17:25:06 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		299 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PJCN84ZD
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d19805e3bba81f12673fb95ad883c5db5b80ac2831c36434a274ce9896d13f00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 02 Dec 2024 17:25:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107021
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-8B5SNosw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 17:25:05 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-8B5SNosw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=4414, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
7X9jJZ8wUv11Dyat948GA9mwfc0L0fw4eF0T3Hi8hoGwRXdOJtup/v/ztmFaWKEA22p7pU1vNOueODOqHFx1JA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
findex-658371537c19249727c2b42e_KPB-Logo-Square.svg
savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/ 		840 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/findex-658371537c19249727c2b42e_KPB-Logo-Square.svg
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
bc78ffcc097c0faff13c12b6e0c9ce1b09bb18620b614fe688ca5cfb1f6fb0a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
etag
W/"67368988-348"
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
image/svg+xml
last-modified
Thu, 14 Nov 2024 23:36:40 GMT
server
nginx
vary
Accept-Encoding
findex-65836a480f91a04017660777_Frame-2.svg
savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/ 		777 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/findex-65836a480f91a04017660777_Frame-2.svg
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
7fe3513cad25c0485f33a2a3db02c53b3254dccda12511839b9de7fd5d7cc43d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
etag
W/"67368988-309"
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
image/svg+xml
last-modified
Thu, 14 Nov 2024 23:36:40 GMT
server
nginx
vary
Accept-Encoding
findex-65836a48ab42844c7a9b68ef_Frame-1.svg
savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/ 		976 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/findex-65836a48ab42844c7a9b68ef_Frame-1.svg
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
92d24a95053eebed6a190237279311f20d770744b7b93460bfd5952a1e3d57de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
etag
W/"67368988-3d0"
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
image/svg+xml
last-modified
Thu, 14 Nov 2024 23:36:40 GMT
server
nginx
vary
Accept-Encoding
findex-65836a4945829bd655e94031_Frame.svg
savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/ 		1 KB
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/findex-65836a4945829bd655e94031_Frame.svg
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
3e261f8af1e57590a0dffdfbe027e466b3252ba8b7f6b7e2afeec918c1b4bd13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
etag
W/"67368988-52c"
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
image/svg+xml
last-modified
Thu, 14 Nov 2024 23:36:40 GMT
server
nginx
vary
Accept-Encoding
findex-658379ee2f0f4ade4e1c5c85_rodion-kutsaiev-su4YXCBHZCw-unsplash%20(1)-p-800.jpg
savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/findex-658379ee2f0f4ade4e1c5c85_rodion-kutsaiev-su4YXCBHZCw-unsplash%20(1)-p-800.jpg
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
d26034abe83cd091f7257031ae6edeefeb0760559151038c03d1a2fa2b19b5df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, must-revalidate
etag
"67368988-dd71"
accept-ranges
bytes
content-length
56689
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
image/jpeg
last-modified
Thu, 14 Nov 2024 23:36:40 GMT
server
nginx
findex-6596df0e93f068aa387901e2_noun-square.svg
savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/ 		11 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/findex-6596df0e93f068aa387901e2_noun-square.svg
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
419efc2c22d2e6eab9aa89645aa71a16ab4faa03bb27530fe54e1f48799f6e67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
etag
W/"67368988-2ccc"
date
Mon, 02 Dec 2024 17:25:10 GMT
content-type
image/svg+xml
last-modified
Thu, 14 Nov 2024 23:36:40 GMT
server
nginx
vary
Accept-Encoding
findex-6596de05d25eaf40a5d400dd_noun-deposit-2508094.svg
savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/findex-6596de05d25eaf40a5d400dd_noun-deposit-2508094.svg
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
baa9e58d0f93cde9b22bffccc99d92f79d40817e0de177da3d14ca85f626ca45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
etag
W/"67368988-94f"
date
Mon, 02 Dec 2024 17:25:10 GMT
content-type
image/svg+xml
last-modified
Thu, 14 Nov 2024 23:36:40 GMT
server
nginx
vary
Accept-Encoding
findex-6596de051273477ad559c366_noun-withdrawal-2332149.svg
savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://savingssquare.findexsecure.com/public/image/6583662f718971452c4ca7ff/findex-6596de051273477ad559c366_noun-withdrawal-2332149.svg
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
af0a1e30f754319cd1fae08c142a6787946a7c446d54bf119058bdb02a3eb655

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
etag
W/"67368988-d92"
date
Mon, 02 Dec 2024 17:25:10 GMT
content-type
image/svg+xml
last-modified
Thu, 14 Nov 2024 23:36:40 GMT
server
nginx
vary
Accept-Encoding
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CRoboto:300,regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://savingssquare.findexsecure.com
Referer
https://fonts.googleapis.com/

Response headers

age
439503
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 15:20:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 15:20:03 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CRoboto:300,regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://savingssquare.findexsecure.com
Referer
https://fonts.googleapis.com/

Response headers

age
5821
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 02 Dec 2025 15:48:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 15:48:05 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CRoboto:300,regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://savingssquare.findexsecure.com
Referer
https://fonts.googleapis.com/

Response headers

age
458040
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 10:11:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 10:11:06 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CRoboto:300,regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://savingssquare.findexsecure.com
Referer
https://fonts.googleapis.com/

Response headers

age
504416
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 21:18:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:18:10 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CRoboto:300,regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://savingssquare.findexsecure.com
Referer
https://fonts.googleapis.com/

Response headers

age
583504
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 23:20:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 23:20:02 GMT
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50296
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CRoboto:300,regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://savingssquare.findexsecure.com
Referer
https://fonts.googleapis.com/

Response headers

age
507231
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 20:31:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 20:31:15 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v32/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CRoboto:300,regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://savingssquare.findexsecure.com
Referer
https://fonts.googleapis.com/

Response headers

age
439452
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 15:20:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 15:20:54 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20144
x-xss-protection
0
server
sffe
KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CRoboto:300,regular,italic,500,500italic,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
a82cf4c922189b14c3f7ebe5a2d8b6cea17ed594a92457095eb679a43ec1c738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://savingssquare.findexsecure.com
Referer
https://fonts.googleapis.com/

Response headers

age
438083
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 15:43:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 15:43:43 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20160
x-xss-protection
0
server
sffe
926338622483767
connect.facebook.net/signals/config/ 		77 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/926338622483767?v=2.9.176&r=stable&domain=savingssquare.findexsecure.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
f01db976b671d59a84461a5d6e1b0240f47848b6ddd572dd092e66b4120d79ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-L5Ry8LUM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-L5Ry8LUM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=6, c=68, mss=1232, tbw=78264, tp=73, tpl=6, uplat=247, ullat=0
pragma
public
x-fb-debug
NqjUXBsC6zSCRrkWxkc/Ed8PfVPY8WdPK4CPr6LrMQvRISSMc25HVu0WR03PZzPL/MwzzRrzOp+4mQxDZxqArQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/ 		369 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4NCNN9T61H&l=dataLayer&cx=c&gtm=45He4bk0v9174838060za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJCN84ZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5dc3b3ffe040e9aeb7c8fb7cd821ea8e5b27e2a8bc492cab5d01d16e422a7c30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 17:25:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
124304
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fsavingssquare.findexsecure.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1875366941.1733160306&auid=1158485426.1733160306&npa=1&gtm=45He4bk0v9174838060za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733160306173&tfd=2019&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJCN84ZD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 166D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fsavingssquare.findexsecure.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJCN84ZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 17:25:06 GMT
expires
Tue, 02 Dec 2025 17:25:06 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4NCNN9T61H&gtm=45je4bk0v9174857049z89174838060za200zb9174838060&_p=1733160305908&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1901610144.1733160306&ecid=1355591904&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1733160306&sct=1&seg=0&dl=https%3A%2F%2Fsavingssquare.findexsecure.com%2F&dt=High%20Yield%20Savings%20Account%20%7C%20Savings%20Square&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2141
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4NCNN9T61H&l=dataLayer&cx=c&gtm=45He4bk0v9174838060za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://savingssquare.findexsecure.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
564 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4NCNN9T61H&cid=1901610144.1733160306&gtm=45je4bk0v9174857049z89174838060za200zb9174838060&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4NCNN9T61H&l=dataLayer&cx=c&gtm=45He4bk0v9174838060za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://savingssquare.findexsecure.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4NCNN9T61H&cid=1901610144.1733160306&gtm=45je4bk0v9174857049z89174838060za200zb9174838060&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2120373439
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 02 Dec 2024 17:25:06 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=926338622483767&ev=PageView&dl=https%3A%2F%2Fsavingssquare.findexsecure.com&rl=&if=false&ts=1733160306414&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1733160306412.757168365730857314&cs_est=true&pm=1&hrl=aa3914&ler=empty&cdl=API_unavailable&it=1733160306126&coo=false&cs_cc=1&cas=25065461586435859%2C25387274840857758&rqm=GET
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4464, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=926338622483767&ev=PageView&dl=https%3A%2F%2Fsavingssquare.findexsecure.com&rl=&if=false&ts=1733160306414&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1733160306412.757168365730857314&cs_est=true&pm=1&hrl=aa3914&ler=empty&cdl=API_unavailable&it=1733160306126&coo=false&cs_cc=1&cas=25065461586435859%2C25387274840857758&rqm=FGET
Requested by
Host: savingssquare.findexsecure.com
URL: https://savingssquare.findexsecure.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443866833302635927"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443866833302635927"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 17:25:06 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
21NN0b7kOMavYwEOxEqTSDXYPADyCPzf2HrY6AL22OxqQuomeOFQHyKAvTWj0ruExjT1aejf74IaQ7WDTsgdpg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443866833302635927", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4832, tp=13, tpl=0, uplat=144, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
findex-65a9b46e600b59d200ec19f6_KPB-favicon2.ico
savingssquare.findexsecure.com/public/link/6583662f718971452c4ca7ff/ 		396 B
579 B 		Other
General
Check archive.org
Download Go to
Full URL
https://savingssquare.findexsecure.com/public/link/6583662f718971452c4ca7ff/findex-65a9b46e600b59d200ec19f6_KPB-favicon2.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.95.201.31 , United States, ASN46416 (BANKONIT, US),
Reverse DNS
Software
nginx /
Resource Hash
d6f9acdcb0513966879edf584e90f37af98016c7340d6fa99ce1d5902f0d3ee6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://savingssquare.findexsecure.com/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
etag
W/"67368988-18c"
date
Mon, 02 Dec 2024 17:25:11 GMT
content-type
image/x-icon
last-modified
Thu, 14 Nov 2024 23:36:40 GMT
server
nginx
vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| WebFont object| dataLayer function| fbq function| _fbq function| $ function| jQuery object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| tram object| Webflow

4 Cookies

Domain/Path Name / Value
.findexsecure.com/ Name: _gcl_au
Value: 1.1.1158485426.1733160306
.findexsecure.com/ Name: _ga_4NCNN9T61H
Value: GS1.1.1733160306.1.0.1733160306.60.0.1355591904
.findexsecure.com/ Name: _ga
Value: GA1.1.1901610144.1733160306
.findexsecure.com/ Name: _fbp
Value: fb.1.1733160306412.757168365730857314

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
region1.analytics.google.com
savingssquare.findexsecure.com
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.savingssquare.findexsecure.com
142.250.185.227
142.250.186.35
157.240.0.6
157.240.253.35
18.244.20.40
2001:4860:4802:34::36
208.95.201.31
216.58.206.36
2a00:1450:4001:81d::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200a
2a00:1450:400c:c0c::9d
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
2719ad481443d4b0d52acd682ecf90f375c2b9e8df1d29af3e3bb647c9441ee4
2c7c13521911abca653638b74c1fc68b8124cb4e042ebf5b0e16c0d562e619e4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e261f8af1e57590a0dffdfbe027e466b3252ba8b7f6b7e2afeec918c1b4bd13
419efc2c22d2e6eab9aa89645aa71a16ab4faa03bb27530fe54e1f48799f6e67
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5dc3b3ffe040e9aeb7c8fb7cd821ea8e5b27e2a8bc492cab5d01d16e422a7c30
75a8a5ccc007f1806c06501ed4e2e3980a41a57662d35fdbef8f9275b3279018
7fe3513cad25c0485f33a2a3db02c53b3254dccda12511839b9de7fd5d7cc43d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
92d24a95053eebed6a190237279311f20d770744b7b93460bfd5952a1e3d57de
a03b0f64fc6a718934a3852274b7ede4f892ad44bc757e45ae33598902721d7c
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
a82cf4c922189b14c3f7ebe5a2d8b6cea17ed594a92457095eb679a43ec1c738
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
af0a1e30f754319cd1fae08c142a6787946a7c446d54bf119058bdb02a3eb655
baa9e58d0f93cde9b22bffccc99d92f79d40817e0de177da3d14ca85f626ca45
bc78ffcc097c0faff13c12b6e0c9ce1b09bb18620b614fe688ca5cfb1f6fb0a3
c2459f0fda5782767a34dd024e04ce2b04ec5226fb5775488cc3c5d771c32da4
d19805e3bba81f12673fb95ad883c5db5b80ac2831c36434a274ce9896d13f00
d26034abe83cd091f7257031ae6edeefeb0760559151038c03d1a2fa2b19b5df
d6f9acdcb0513966879edf584e90f37af98016c7340d6fa99ce1d5902f0d3ee6
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01db976b671d59a84461a5d6e1b0240f47848b6ddd572dd092e66b4120d79ae
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d