urlscan.io logo urlscan.io
SecurityTrails logo

app.freefinance.at Open in urlscan Pro
80.123.167.199  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.rechnung.freikirche-pradl.at/
Effective URL: https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Submission: On October 05 via automatic, source certstream-suspicious — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 80.123.167.199, located in Krems, Austria and belongs to A1TELEKOM-AT A1 Telekom Austria AG, AT. The main domain is app.freefinance.at.
TLS certificate: Issued by R3 on September 29th 2023. Valid for: 3 months.
This is the only time app.freefinance.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.178.193.86 207143 (HOSTTECH-AS)
1 16 80.123.167.199 8447 (A1TELEKOM...)
15 1
Apex Domain
Subdomains		 Transfer
16 freefinance.at
app.freefinance.at
3 MB
1 freikirche-pradl.at
www.rechnung.freikirche-pradl.at
101 B
15 2
Domain Requested by
16 app.freefinance.at 1 redirects app.freefinance.at
1 www.rechnung.freikirche-pradl.at 1 redirects
15 2

This site contains links to these domains. Also see Links.

Domain
www.freefinance.at
www.finanzfenster.at
Subject Issuer Validity Valid
freefinance.at
R3		 2023-09-29 -
2023-12-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Frame ID: BDD95EE6AC9B3C116B18EC321FD78CDB
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FreeFinance - Das sichere Webportal für die einfache Buchhaltung

Page URL History Show full URLs

  1. https://www.rechnung.freikirche-pradl.at/ HTTP 301
    https://app.freefinance.at/ HTTP 302
    https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

3305 kB
Transfer

3297 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.rechnung.freikirche-pradl.at/ HTTP 301
    https://app.freefinance.at/ HTTP 302
    https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.xhtml
app.freefinance.at/
Redirect Chain
  • https://www.rechnung.freikirche-pradl.at/
  • https://app.freefinance.at/
  • https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
956ace0c3ffbaeee34f126e879e9f1425f5819093e931fd0ebbf4de50df011d0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://api.mqcdn.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: *.freefinance.at *.finanzfenster.at api.mapbox.com assets.mapquestapi.com; font-src 'self' data:; frame-src 'self' *.freefinance.at *.finanzfenster.at; connect-src 'self' *.mqcdn.com www.mapquestapi.com *.mapquest.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-cache private no-store max-age=0 must-revalidate
content-length
10059
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://api.mqcdn.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: *.freefinance.at *.finanzfenster.at api.mapbox.com assets.mapquestapi.com; font-src 'self' data:; frame-src 'self' *.freefinance.at *.finanzfenster.at; connect-src 'self' *.mqcdn.com www.mapquestapi.com *.mapquest.com;
content-type
text/html;charset=utf-8
date
Thu, 05 Oct 2023 17:14:23 GMT
expect-ct
enforce, max-age=31536000
expires
Fri, 01 Jan 1990 00:00:00 GMT
permissions-policy
interest-cohort=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

content-length
0
date
Thu, 05 Oct 2023 17:14:23 GMT
expect-ct
enforce, max-age=31536000
location
https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
primeicons.css.xhtml
app.freefinance.at/javax.faces.resource/primeicons/ 		10 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/javax.faces.resource/primeicons/primeicons.css.xhtml?ln=primefaces&v=11.0.1
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
1c3c158a5373d32e468753127f523173396d25650db351e19259dc2cd3d2280d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 Oct 2023 20:22:33 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
cache-control
max-age=604800
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
components.css.xhtml
app.freefinance.at/javax.faces.resource/ 		106 KB
107 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/javax.faces.resource/components.css.xhtml?ln=primefaces&v=11.0.1
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
038ba5031983f456a934ecedd535bfa78da1d0f05334e328457ba115d0f5d6a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 Oct 2023 20:22:33 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
cache-control
max-age=604800
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
styles.css
app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/css/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/css/styles.css
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
ea69fbccdb1e5a818a285cd8151da8bf3fd90896f3c2e550e48ed972a4e9ca2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 Oct 2023 20:21:51 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 17:14:23 GMT
jquery.js.xhtml
app.freefinance.at/javax.faces.resource/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/javax.faces.resource/jquery/jquery.js.xhtml?ln=primefaces&v=11.0.1
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 May 2022 10:06:52 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
cache-control
max-age=604800
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
core.js.xhtml
app.freefinance.at/javax.faces.resource/ 		89 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/javax.faces.resource/core.js.xhtml?ln=primefaces&v=11.0.1
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
23dc4589d8d2fddd4588ea28736e254da0e39377263d0739568b8e5e6cbd3d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 May 2022 10:06:52 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
cache-control
max-age=604800
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
components.js.xhtml
app.freefinance.at/javax.faces.resource/ 		488 KB
489 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/javax.faces.resource/components.js.xhtml?ln=primefaces&v=11.0.1
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
714fc5b681edcfd6572f1c732f23337ec99662b074563ebbb143d522013471f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 May 2022 10:06:52 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
cache-control
max-age=604800
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
jquery-plugins.js.xhtml
app.freefinance.at/javax.faces.resource/jquery/ 		355 KB
355 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/javax.faces.resource/jquery/jquery-plugins.js.xhtml?ln=primefaces&v=11.0.1
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
96028c8fe246df5b112a7f6460df934f94b07fd26fbdc14c0d8dbabd39e582d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 May 2022 10:06:52 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
cache-control
max-age=604800
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
jsf.js.xhtml
app.freefinance.at/javax.faces.resource/ 		117 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/javax.faces.resource/jsf.js.xhtml?ln=javax.faces
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
a033a536a6d1a928e38486c6f85b19de774ee463c97ed585f4ad32a5b22e10ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 16 Oct 2022 07:53:58 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
cache-control
max-age=604800
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
poll.js
app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/ 		785 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/poll.js
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
ea938c34f3a1b4865f6983c64223c7b17b00d920eb321443ae6c66db521246eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 Oct 2023 20:21:51 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
content-length
785
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 17:14:23 GMT
bundle.js
app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/js/ 		279 KB
280 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/js/bundle.js
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
8403bf09a0c60d1462a3fbef3d8b577fad334e2993af81c8f3944823470538ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://app.freefinance.at/login.xhtml?target=https%3A%2F%2Fapp.freefinance.at%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 Oct 2023 20:21:51 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 17:14:23 GMT
logo.svg
app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/images/logo.svg
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
52720abd9ca688440514c205d01905c83b8cda81cefb76de46753d3c73bc1dac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:24 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 Oct 2023 20:21:51 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
image/svg+xml;charset=UTF-8
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 17:14:24 GMT
source-sans-pro-v21-latin-ext_latin-regular.woff2
app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/fonts/sourceSansPro/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/fonts/sourceSansPro/source-sans-pro-v21-latin-ext_latin-regular.woff2
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
1c76a9477b4390842b9d28f8b9cfc05fb2841cbb37e0d2294d4d0c4d58ffe79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/css/styles.css
Origin
https://app.freefinance.at
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:24 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 Oct 2023 20:21:51 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
font/woff2;charset=UTF-8
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 17:14:24 GMT
source-sans-pro-v21-latin-ext_latin-700.woff2
app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/fonts/sourceSansPro/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/fonts/sourceSansPro/source-sans-pro-v21-latin-ext_latin-700.woff2
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
91b7ab0e04f38285ccee2d1e09a297aef4c8bf2ab7ac4da9aad796df91ce1e94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/css/styles.css
Origin
https://app.freefinance.at
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:24 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 Oct 2023 20:21:51 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
font/woff2;charset=UTF-8
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 17:14:24 GMT
fa-regular-400.woff2
app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/fonts/ 		383 KB
384 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/fonts/fa-regular-400.woff2
Requested by
Host: app.freefinance.at
URL: https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.123.167.199 Krems, Austria, ASN8447 (A1TELEKOM-AT A1 Telekom Austria AG, AT),
Reverse DNS
Software
/
Resource Hash
8fe14a5d78d008aaf25a2c12a46a46487eb667240dcb9b37874f6a014f574f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.freefinance.at/faces/javax.faces.resource/9.14.15/manubu/css/styles.css
Origin
https://app.freefinance.at
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 17:14:24 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 04 Oct 2023 20:21:51 GMT
expect-ct
enforce, max-age=31536000
x-frame-options
SAMEORIGIN
content-type
font/woff2;charset=UTF-8
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 17:14:24 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQBrowser object| Cookies function| PF object| PrimeFaces function| Class function| autosize object| myfaces object| jsf string| _PFX_UTIL string| _PFX_CORE string| _PFX_XHR string| _PFX_I18N function| _MF_CLS function| _MF_SINGLTN function| _MF_OBJECT object| manubu object| pf

2 Cookies

Domain/Path Name / Value
app.freefinance.at/ Name: JSESSIONID
Value: finapp03~14A63538CA8AD0F0A7FA8E0C838D7B70
app.freefinance.at/ Name: oam.Flash.RENDERMAP.TOKEN
Value: yfqbbgxka

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://api.mqcdn.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: *.freefinance.at *.finanzfenster.at api.mapbox.com assets.mapquestapi.com; font-src 'self' data:; frame-src 'self' *.freefinance.at *.finanzfenster.at; connect-src 'self' *.mqcdn.com www.mapquestapi.com *.mapquest.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block