Submitted URL: http://demo-api.finmason.com/
Effective URL: https://demo-api.finmason.com/
Submission Tags: falconsandbox
Submission: On September 27 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 172.67.0.64, located in United States and belongs to CLOUDFLARENET, US. The main domain is demo-api.finmason.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 27th 2023. Valid for: a year.
This is the only time demo-api.finmason.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.20.231.19 13335 (CLOUDFLAR...)
3 172.67.0.64 13335 (CLOUDFLAR...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
12 5
Apex Domain
Subdomains
Transfer
4 gstatic.com
fonts.gstatic.com
78 KB
4 finmason.com
demo-api.finmason.com
14 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1425
1 MB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
88 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
1 KB
12 5
Domain Requested by
4 fonts.gstatic.com demo-api.finmason.com
fonts.googleapis.com
4 demo-api.finmason.com 1 redirects unpkg.com
3 unpkg.com 1 redirects demo-api.finmason.com
2 cdnjs.cloudflare.com demo-api.finmason.com
cdnjs.cloudflare.com
1 fonts.googleapis.com demo-api.finmason.com
12 5

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-27 -
2024-04-26
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://demo-api.finmason.com/
Frame ID: C6350A9F89FCF50435B3A9CB318C2550
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

Finmason: Finriver API

Page URL History Show full URLs

  1. http://demo-api.finmason.com/ HTTP 301
    https://demo-api.finmason.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Page Statistics

12
Requests

92 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1370 kB
Transfer

3404 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://demo-api.finmason.com/ HTTP 301
    https://demo-api.finmason.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://unpkg.com/rapipdf/dist/rapipdf-min.js HTTP 302
  • https://unpkg.com/rapipdf@2.2.1/dist/rapipdf-min.js

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
demo-api.finmason.com/
Redirect Chain
  • http://demo-api.finmason.com/
  • https://demo-api.finmason.com/
2 KB
2 KB
Document
General
Full URL
https://demo-api.finmason.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.0.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc47b23c2e19fa9b818a692463bbd26313a5c9479362ddf0840c7c57957288ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80d5bd1a3fb6f860-CDG
content-encoding
gzip
content-language
de-DE
content-type
text/html;charset=utf-8
date
Wed, 27 Sep 2023 18:16:36 GMT
expires
0
pragma
no-cache
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
80d5bd192d5b3a96-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 27 Sep 2023 18:16:36 GMT
Expires
Wed, 27 Sep 2023 19:16:36 GMT
Location
https://demo-api.finmason.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
rapidoc-min.js
unpkg.com/rapidoc@9.1.3/dist/
580 KB
165 KB
Script
General
Full URL
https://unpkg.com/rapidoc@9.1.3/dist/rapidoc-min.js
Requested by
Host: demo-api.finmason.com
URL: https://demo-api.finmason.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26eb6c082f42c2b7318d8c2690f4c2478e26d0d1671a7ebe9f8d2f01fbbd2a0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://demo-api.finmason.com/
Origin
https://demo-api.finmason.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 18:16:36 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
20880
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HBB9SKGZ39D640903FPYDWX2-fra
server
cloudflare
etag
W/"9103f-eARiIC7ZpbDfw3izleulv1UrLqU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80d5bd1d5b5930c6-FRA
rapipdf-min.js
unpkg.com/rapipdf@2.2.1/dist/
Redirect Chain
  • https://unpkg.com/rapipdf/dist/rapipdf-min.js
  • https://unpkg.com/rapipdf@2.2.1/dist/rapipdf-min.js
2 MB
1023 KB
Script
General
Full URL
https://unpkg.com/rapipdf@2.2.1/dist/rapipdf-min.js
Requested by
Host: demo-api.finmason.com
URL: https://demo-api.finmason.com/
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7c192c7ef3cc3862badcb3aab19924e7d16813bc00c72440ae2d8ec361ceda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo-api.finmason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 18:16:37 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
106644
last-modified
Sun, 05 Apr 2020 19:28:12 GMT
fly-request-id
01HB8R099P21FJED3GSSR0DJST-fra
server
cloudflare
etag
W/"276eae-2AGlBYKV8lBuj2wUTPN7nKV3BCY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80d5bd221fce1ac7-FRA

Redirect headers

date
Wed, 27 Sep 2023 18:16:37 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
EXPIRED
fly-request-id
01HBBXPVK1SBGSJY434B2AXG8Q-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/rapipdf@2.2.1/dist/rapipdf-min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
80d5bd1d5fa51ac7-FRA
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;600&family=Roboto+Mono&display=swap
Requested by
Host: demo-api.finmason.com
URL: https://demo-api.finmason.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d77b736f72169829671b8ec5726e23d428a1198352d877576ee9ce211298652b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo-api.finmason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Sep 2023 18:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 18:16:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Sep 2023 18:16:36 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: demo-api.finmason.com
URL: https://demo-api.finmason.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://demo-api.finmason.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 18:16:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1716692
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10462
last-modified
Thu, 22 Jun 2023 11:02:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a3b-28de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8H0mhvEm%2FKvD7NpLbTmo06uu9sGLm6lMZXH5fO70npmeUhUK9nJjbTmqxn3ovitl4LgFGfSf%2BQzFWCb5wNx3Bfcplp9nZ34NlMMpbsWB1op2sYJsGZAKWhs93KGA6mbvfVavV7YUU4ITtV8bkxHPI9i6"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80d5bd1d4aa51e45-FRA
expires
Mon, 16 Sep 2024 18:16:36 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://demo-api.finmason.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 18:16:37 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4191799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78268
last-modified
Thu, 22 Jun 2023 11:02:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a3b-131bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7BzAY5PL8bPhoiPDuX%2BOvR8PqqaenHJrvtzfJycQ46cdM5PYv0Gaderbq5DlSYPbvCLYBxo0aX6H7tfM6yNXaiJZRz9R7gqyvqduuLPoxT%2FeyTcRf5RlO9Q84y5Jr8AcTPrDxFCKiAdFElgHD%2B7gARX"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80d5bd23fa8c1e45-FRA
expires
Mon, 16 Sep 2024 18:16:37 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: demo-api.finmason.com
URL: https://demo-api.finmason.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo-api.finmason.com/
Origin
https://demo-api.finmason.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 06:34:12 GMT
x-content-type-options
nosniff
age
128545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9016
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Sep 2024 06:34:12 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: demo-api.finmason.com
URL: https://demo-api.finmason.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo-api.finmason.com/
Origin
https://demo-api.finmason.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 04:07:02 GMT
x-content-type-options
nosniff
age
482975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9180
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2024 04:07:02 GMT
api-docs
demo-api.finmason.com/internal/
78 KB
12 KB
Fetch
General
Full URL
https://demo-api.finmason.com/internal/api-docs
Requested by
Host: unpkg.com
URL: https://unpkg.com/rapidoc@9.1.3/dist/rapidoc-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.0.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
079c4294f1a500c232591273aea992182330c2f590825b85c211e3a2f4d92c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, application/yaml
Referer
https://demo-api.finmason.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Sep 2023 18:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cf-ray
80d5bd24993ef860-CDG
x-xss-protection
1; mode=block
expires
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;600&family=Roboto+Mono&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://demo-api.finmason.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 18:17:53 GMT
x-content-type-options
nosniff
age
518324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Sep 2024 18:17:53 GMT
api-docs
demo-api.finmason.com/internal/internal/
119 B
538 B
Fetch
General
Full URL
https://demo-api.finmason.com/internal/internal/api-docs
Requested by
Host: unpkg.com
URL: https://unpkg.com/rapidoc@9.1.3/dist/rapidoc-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.0.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae7f0d09d909caaf87601de1186d14e4bc57da5c28f6980a7cfae329cd6a549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, application/yaml
Referer
https://demo-api.finmason.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Sep 2023 18:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
must-revalidate,no-cache,no-store
access-control-allow-credentials
true
cf-ray
80d5bd26acfff860-CDG
x-xss-protection
1; mode=block
L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
fonts.gstatic.com/s/robotomono/v23/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;600&family=Roboto+Mono&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32c8a74ac0816253d69a7cc68a60986d91c77c80fb17101058527bffa45a13ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://demo-api.finmason.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 18:17:36 GMT
x-content-type-options
nosniff
age
518342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12764
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:16:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Sep 2024 18:17:36 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| webpackHotUpdate function| setImmediate function| clearImmediate function| saveAs object| pdfMake object| __core-js_shared__ object| regeneratorRuntime object| btnEl function| webpackHotUpdaterapidoc object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions object| Prism

3 Cookies

Domain/Path Name / Value
demo-api.finmason.com/ Name: _a4119
Value: ae1b93b219376f8f
demo-api.finmason.com/ Name: AWSALB
Value: jnNXzAOuigVvzWMMZYAK2nwiMZRWLviHQT1sZ0q/YTJlJGphgF8M8kgwCnZdtkIFfHB2MB1Fyn8ODSurDZSQ376eud5KkQhMhDzbizUgtS9CM87afn/lGFh53dek
demo-api.finmason.com/ Name: AWSALBCORS
Value: jnNXzAOuigVvzWMMZYAK2nwiMZRWLviHQT1sZ0q/YTJlJGphgF8M8kgwCnZdtkIFfHB2MB1Fyn8ODSurDZSQ376eud5KkQhMhDzbizUgtS9CM87afn/lGFh53dek

1 Console Messages

Source Level URL
Text
network error URL: https://demo-api.finmason.com/internal/internal/api-docs
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block