google.ottm.dev Open in urlscan Pro
52.26.63.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://google.ottm.dev/
Effective URL:
https://google.ottm.dev/Login.aspx?ReturnUrl=%2f
Submission: On January 19 via api (January 19th 2022, 3:41:10 pm UTC) from US — Scanned from DE

Summary HTTP 33 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 33 HTTP transactions. The main IP is 52.26.63.164, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is google.ottm.dev.
TLS certificate: Issued by R3 on January 19th 2022. Valid for: 3 months.

This is the only time google.ottm.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	52.26.63.164 52.26.63.164	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
10	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
3	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
33	10

5 52.26.63.164 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-63-164.us-west-2.compute.amazonaws.com

google.ottm.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

overthetopmarketing.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2185 ekr.zdassets.com — Cisco Umbrella Rank: 2460	394 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	155 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 140 accounts.google.com — Cisco Umbrella Rank: 84	127 KB
5	ottm.dev 1 redirects google.ottm.dev	72 KB
3	zendesk.com overthetopmarketing.zendesk.com	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	84 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	gstatic.com ssl.gstatic.com	40 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293	85 KB
33	9

	Domain	Requested by
9	static.zdassets.com	google.ottm.dev static.zdassets.com
5	www.facebook.com	connect.facebook.net www.facebook.com
5	google.ottm.dev	1 redirects google.ottm.dev
3	overthetopmarketing.zendesk.com	static.zdassets.com
3	apis.google.com	google.ottm.dev apis.google.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	connect.facebook.net	google.ottm.dev connect.facebook.net
2	www.google-analytics.com	google.ottm.dev www.google-analytics.com
1	ssl.gstatic.com	accounts.google.com
1	ekr.zdassets.com	static.zdassets.com
1	ajax.googleapis.com	google.ottm.dev
33	11

This site contains links to these domains. Also see Links.

Domain
www.overthetop.com

Subject Issuer	Validity	Valid
google.ottm.dev R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-28` - `2022-01-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
overthetopmarketing.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-05` - `2022-06-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f
Frame ID: 08EF8D77E9E116D5B0430553FF2DFBF9
Requests: 14 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-a4cbf2c0d8c9ce7cfa6c.js
Frame ID: A8067DD4DD838081C756F07BD3DF126B
Requests: 11 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: CA9FFC79D8FE018E6215E1A06609517A
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/login_button.php?app_id=320438014708940&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df888be71b8c64%26domain%3Dgoogle.ottm.dev%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgoogle.ottm.dev%252Ff26d6d03f8e26d8%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&scope=public_profile%2Cemail&sdk=joey&size=xlarge
Frame ID: 9D2C58C86263BDD17D62C24D779A50C5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Advantage - Login

Page URL History Show full URLs

http://google.ottm.dev/ HTTP 307
https://google.ottm.dev/ HTTP 302
https://google.ottm.dev/Login.aspx?ReturnUrl=%2f Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

978 kB
Transfer

2914 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.overthetop.com/
Title: Over The Top

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://google.ottm.dev/ HTTP 307
https://google.ottm.dev/ HTTP 302
https://google.ottm.dev/Login.aspx?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Login.aspx Show response
google.ottm.dev/
Redirect Chain

http://google.ottm.dev/
https://google.ottm.dev/
https://google.ottm.dev/Login.aspx?ReturnUrl=%2f

20 KB
20 KB

160ms
159ms

Document
text/html

52.26.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.26.63.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-26-63-164.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b7aae2323fb47c27650057694cdb46ef707692e456bdbf529ea3054cda94945f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=utf-8
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Wed, 19 Jan 2022 15:41:05 GMT
content-length: 20583

Redirect headers

cache-control: private
content-type: text/html; charset=utf-8
location: /Login.aspx?ReturnUrl=%2f
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Wed, 19 Jan 2022 15:41:05 GMT
content-length: 142

GET
H2 200 client:platform.js Show response
apis.google.com/js/ 52 KB
21 KB 63ms
39ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client:platform.js?onload=start

Requested by

Host: google.ottm.dev
URL: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3aa9e6d21978185255f68a04ca44d1ea071b2c26efa39f55c2a40f84a3dddf7c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5k9w3s9+BlHo8SEBG/hc1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "b40e83c6d8a30db654d6d732708b1dc7"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-5k9w3s9+BlHo8SEBG/hc1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 19 Jan 2022 15:41:05 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
85 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: google.ottm.dev
URL: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 09:53:51 GMT
x-content-type-options: nosniff
age: 107234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86659
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jan 2023 09:53:51 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 130ms
64ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=ecaefdb9-c8c6-4bc3-bfc3-10ebc20b641b

Requested by

Host: google.ottm.dev
URL: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eb3d539dd1a33f6b36a83cebe63c9bae149933824859089389bd8b24865768c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: MPPGZY0TWBY0P33Z
x-amz-id-2: +sr5ZCyodSLA/cuoF+OSODDqmAD8xfIXZi/J3ojbFW7LJTMtOuhP3EdhOUr+oG/gh4BACCeX+yw=
last-modified: Sun, 09 Jan 2022 23:14:59 GMT
server: cloudflare
etag: W/"301f9083ec60c9321ec7789c905c3232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13YV4lXSVojKL2dzUsZpquTzzCq1i6j9SLV%2F084eqkTyYvOdt09fa9K9lE7Eci3GWXlPibANz4qgdKhxHPVNaMynqau11ZP6FQ95edop%2BME9gV7FZhsX1pDnbBTmL3SRRJzkIhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: oV93LKh3GEBdpA7a6pYv5Alew2GE593j
cf-ray: 6d012a4f8842bfb1-MAN

GET
H2 200 WebResource.axd Show response
google.ottm.dev/ 23 KB
23 KB 157ms
157ms Script
application/x-javascript 52.26.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://google.ottm.dev/WebResource.axd?d=-z8dzNBl11BjkV1gevOeUsRKT0bsGAij3W7mDvWZRQ2Z0AGJkpMAxjfypZOG0ZdjignGdMtUDal3wO6GdEv4JSn8iYM1&t=637103346965614113
Requested by: Host: google.ottm.dev
URL: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.26.63.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-26-63-164.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:05 GMT
last-modified: Tue, 26 Nov 2019 03:11:36 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public
content-length: 23063
expires: Thu, 19 Jan 2023 15:10:29 GMT

GET
H2 200 WebResource.axd Show response
google.ottm.dev/ 26 KB
26 KB 313ms
312ms Script
application/x-javascript 52.26.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://google.ottm.dev/WebResource.axd?d=1JTEGfuxjCe7OgTIzcbjBJ4dg079GDfba4Bk7n8BL4eReR_vusF56UijI_y-_TssqRvaUlkjGC1HrwAVwf2ueBskugdkoSwoybLW3YnBMOnJO_KX0&t=637103346965614113
Requested by: Host: google.ottm.dev
URL: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.26.63.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-26-63-164.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:05 GMT
last-modified: Tue, 26 Nov 2019 03:11:36 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public
content-length: 26951
expires: Thu, 19 Jan 2023 15:10:29 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ 309 KB
105 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js?onload=start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da87fe5f0d211f53391640723a6ecb7bb6fbb53145c1f069b6d6dd5c066fae0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 23:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107219
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 04:25:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 23:15:00 GMT

GET
H2 200 btn_google_signin_dark_normal_web.png
google.ottm.dev/assets/images/ 2 KB
2 KB 179ms
178ms Image
image/png 52.26.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://google.ottm.dev/assets/images/btn_google_signin_dark_normal_web.png
Requested by: Host: google.ottm.dev
URL: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.26.63.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-26-63-164.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c9124989ddb6a4c54ac930450171639ba9526c8f7ed9d2fdc548345fb3401d67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:05 GMT
last-modified: Wed, 01 Apr 2020 16:07:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "223228b33f8d61:0"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2316

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: google.ottm.dev
URL: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2399
date: Wed, 19 Jan 2022 15:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 19 Jan 2022 17:01:06 GMT

GET
H2 200 ecaefdb9-c8c6-4bc3-bfc3-10ebc20b641b Show response
ekr.zdassets.com/compose/ 498 B
1 KB 118ms
62ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/ecaefdb9-c8c6-4bc3-bfc3-10ebc20b641b

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ecaefdb9-c8c6-4bc3-bfc3-10ebc20b641b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7936f260a37fedb933ff179e31483a1de0f2c444af15d5b310e0b6b00b5c9172

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:06 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: 5b3c7b48-3522-468b-a4f2-9d56f7b014f0
x-runtime: 0.002618
server: cloudflare
etag: W/"7936f260a37fedb933ff179e31483a1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1TEf%2FfQ3WtoR1ajfpGxRmuC%2F5nn7j4KVs9OxF422ysDEware%2BNO7P52DfOgc%2BGQvkndy9TvaEcsB3Vzw%2Bh%2F9Y3HlhyeRFkT1FMhuLVCo5tBNtCc1Xo%2Bv0PKRnn6V8%2Fo2KE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6d012a505bc754e2-MAN

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
15ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=901971369&t=pageview&_s=1&dl=https%3A%2F%2Fgoogle.ottm.dev%2FLogin.aspx%3FReturnUrl%3D%252f&ul=en-us&de=UTF-8&dt=Advantage%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=630040216&gjid=1953427655&cid=931393417.1642606866&tid=UA-31612315-2&_gid=1452142766.1642606866&_r=1&_slc=1&z=298006238

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://google.ottm.dev/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jan 2022 15:41:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://google.ottm.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 140ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: google.ottm.dev
URL: https://google.ottm.dev/Login.aspx?ReturnUrl=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00c138f9706ecbb6e3a79f20540e36d2eae2ae519a3b0a39646d91946a28af3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: sPrs1oXUvo+G0n/6BQuNig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: TGm/3tINQCQ4UPjefbcFLGiopHtSrBPuWwa1cIzXanvQMlw9rOm6G7/Crcs9zu7w4aZx00pkSAVVI85oFDh/kA==
x-fb-trip-id: 917726464
x-fb-content-md5: a16639a719f30edaf0e0996f1c2b50b7
x-frame-options: DENY
date: Wed, 19 Jan 2022 15:41:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "31fe3a915ae344fcda93ce69d89ceb63"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 19 Jan 2022 15:59:56 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ 62 B
86 B 10ms
9ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js?onload=start

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 19:54:36 GMT
x-content-type-options: nosniff
age: 589590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 04:25:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 19:54:36 GMT

GET
H2 200 web-widget-framework-a4cbf2c0d8c9ce7cfa6c.js Show response
static.zdassets.com/web_widget/latest/ Frame A806 213 KB
72 KB 79ms
79ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-a4cbf2c0d8c9ce7cfa6c.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ecaefdb9-c8c6-4bc3-bfc3-10ebc20b641b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8770d012b92c867ad0a91fd62ac05bac24fee0a8b1c42637f4f96a91220cd9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217672
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: NG3YDKCA0WQGRC2H
x-amz-id-2: rIi7G1AC3Dk7v6KZiNq1GW+1Yew+mpw7Lp5rQ/Ezc6lGoI6uzJSl6rcMT728l60nJTq2tV1Kik8=
last-modified: Mon, 17 Jan 2022 02:29:23 GMT
server: cloudflare
etag: W/"65735e9542fe416058770af83dcfdfb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sUs6gnQ0qtpE%2BO3qfWSexMxP%2FuJ3LKcWeWjUyIFd7p4m%2BJyXJMAgRfyw6iGdZf21yXkm7BKmPc0RRjXle7j9CGCreHMcDar%2B1%2FFETWuy9PACfSauiZirZr278Pa5XMZeQIBk9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: wRcMImozEU0HbZSkhqyFQQsG65Uga0SN
cf-ray: 6d012a51491abfb1-MAN
expires: Tue, 17 Jan 2023 02:29:22 GMT

GET
H2 200 web-widget-chat-sdk-58987df92c8073e96c0f.js Show response
static.zdassets.com/web_widget/latest/ Frame A806 203 KB
52 KB 64ms
63ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-58987df92c8073e96c0f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ecaefdb9-c8c6-4bc3-bfc3-10ebc20b641b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6cd361fc4dd2ddf8db6c3ea7d3e8e62d38832bd9336e595aafa4abcd024b1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6614771
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 9YZ3AJVPTBMZCNTN
x-amz-id-2: 5Z6OQ6jbej+ILay5GcR/jjPft4n/9MaP8zqg/pxd1pQGp4xZinyTV9k4wTcO/O/8lR3UsIfCwe4=
last-modified: Wed, 03 Nov 2021 23:49:38 GMT
server: cloudflare
etag: W/"f4e9b6a21f729895e00473e7f3947ed7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMRMK22tV70PNfghaTm0yIBQH5hPW86qJSq8cxq31tAneBAEG0bajRvJGfVsqS88866t5FwaWfGMOyjObGZ%2FK8p%2BTEU0IeM6y7EsV6m%2BdjUy%2FusXRZjt5M9vlBFO31USLSKpEa8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: VCxuCJi40dVya7RnPTXVZ9S02BueApP5
cf-ray: 6d012a51491bbfb1-MAN
expires: Thu, 03 Nov 2022 23:49:37 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame CA9F 512 B
902 B 49ms
27ms Document
text/html 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec9acdebaf37f4e72a99b7a8c483809bde1345cfc9cac1e80d32c5ca8075d32a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QSJVJT4tECd0V3ysxMgjDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 19 Jan 2022 15:41:06 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-QSJVJT4tECd0V3ysxMgjDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 15ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f5e9f6540962873ddc277019df29c746

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d0837e999726a07a9c448373356cc7627a86910104b08d577c5297cf08949b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://google.ottm.dev/
Origin: https://google.ottm.dev
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: TYFLQyn8WXT+9RdBwYtvrg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83467
x-fb-rlafr: 0
x-fb-debug: KjRn/BhxkuN0Ptie1FatSXwLXrmk+rYZXvgOXfoaowOdwGYiYQvvOOMiKsmTGpjumRLKRdkCSVbh1yoLyBM46g==
x-fb-content-md5: 5c8d6893d8e85904661d95722cf8f8bc
x-frame-options: DENY
date: Wed, 19 Jan 2022 15:41:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c2b8f1d688280776a0a69ae2f24a3316"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 Jan 2023 14:05:54 GMT

GET
H2 200 config Show response
overthetopmarketing.zendesk.com/embeddable/ Frame A806 658 B
1 KB 177ms
96ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://overthetopmarketing.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a4cbf2c0d8c9ce7cfa6c.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e133ecbb51b0e1b838032b6412a14e5ea57c737048a5cb1bbb937ffd2c9e7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:06 GMT
x-envoy-decorator-operation: embeddable.embeddable.svc.cluster.local:80/*
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25
x-zendesk-origin-server: embeddable-app-server-b8c578c7d-7bft2
x-envoy-upstream-service-time: 2
zendesk-api-version: 2022-01-01
access-control-allow-methods: GET
content-encoding: br
vary: Origin, Accept-Encoding
x-cached: MISS
x-request-id: 6d0129b68f873607-IAD
x-runtime: 0.001392
last-modified: Wed, 19 Jan 2022 15:40:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9mHazAkUTiTxFPq3GbSWY7KF%2B0u7JX5%2Fax9s9PTuaur%2FZMYjXleoOoUt%2Bs1FCrTzAmOegMkbOUi3j9Z9uVQZ4c7XbAUBf%2BWcY9PQ96xRqe8i64kYDgPBhg%2BGIj2Of%2FlrpIEdW5YPiwMuu5%2B44%2FHXEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6d012a52bc5a54ab-MAN

GET
H2 200 341124057-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame CA9F 113 KB
40 KB 43ms
11ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/341124057-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afbd87106866a83309ba4615e41aee575d89c2064baad0465b199456ae654994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 18:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39857
x-xss-protection: 0
last-modified: Sat, 08 Jan 2022 03:08:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 18:41:32 GMT

GET
H2 200 login_button.php Show response
www.facebook.com/v2.4/plugins/ Frame 9D2C 35 KB
16 KB 171ms
146ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.4/plugins/login_button.php?app_id=320438014708940&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df888be71b8c64%26domain%3Dgoogle.ottm.dev%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgoogle.ottm.dev%252Ff26d6d03f8e26d8%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&scope=public_profile%2Cemail&sdk=joey&size=xlarge

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f5e9f6540962873ddc277019df29c746

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

916b804c31a78ef8f243333bc22f228252253fee8259d97ac72dc1cd35d998dd

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://google.ottm.dev/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v12.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 1dyfRz6rIzJyDq29GF8xiF2hxL/xN+aCvSEzDJrYWZkN/dPXYkDIjSrWmIIVxgqXO19PRTqDMblMKiz9aqMCkw==
date: Wed, 19 Jan 2022 15:41:06 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame CA9F 15 B
59 B 52ms
32ms XHR
application/json 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fgoogle.ottm.dev&client_id=937351949275-kt7fm2par20jdd2v235hjsip734sc9nr.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/341124057-idpiframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 19 Jan 2022 16:41:06 GMT

GET
H2 200 web-widget-39900-bad8471d2b7add37a93f.js Show response
static.zdassets.com/web_widget/latest/ Frame A806 372 KB
114 KB 71ms
70ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-39900-bad8471d2b7add37a93f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a4cbf2c0d8c9ce7cfa6c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96591385347da42e5d589f3b5c307dbdca2da4cd12a78b46d01126526258ac81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 662070
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: JMM6PADSZNBYHZ0P
x-amz-id-2: RpOu1knBPB0jicm1uQBzgI8GS3l2M1ngSXwzrPljUjnQwi8t+mCSGIrHg6bmCsR9X38MwUAVhmE=
last-modified: Tue, 11 Jan 2022 05:36:15 GMT
server: cloudflare
etag: W/"f529f07bc9a9b52c28c54dfb5ac3d537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTImdo0NhcOBZPl%2B1XB%2BEr6V4nIiXLXd9hWQKri3nL7KTB3nrC0VZ%2FgRNCJH1uCcmzE2vC8uaU5tDcJazB9XxHqXliV2CgaFsh4mvfp%2BZSygMihDcqHbyi1Rv8Ek1oCSwVDJDpM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: Hu3EjwxEwLvswnoi3og_NUhh.Z0ZPntm
cf-ray: 6d012a535a08bfb1-MAN
expires: Wed, 11 Jan 2023 05:36:14 GMT

GET
H2 200 web-widget-82496-589058dacc8ab84d7796.js Show response
static.zdassets.com/web_widget/latest/ Frame A806 85 KB
23 KB 64ms
64ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-82496-589058dacc8ab84d7796.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a4cbf2c0d8c9ce7cfa6c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a80319212460370537c57e56631f448aff106ecf74ee7a92f15391fcd48def00

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 662070
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: JMMEQWGG4J3MEQ6T
x-amz-id-2: XlkL/F1fksbrV0ZhoVeVPWwPi6JGCPjk9vAXb4N4kt6+0R2tmlXBWo5izXCcb8CptaDMBKL8I4w=
last-modified: Tue, 11 Jan 2022 05:36:15 GMT
server: cloudflare
etag: W/"a578a65dad91fe91cb0130ffd39b46ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rGK2MbGAMZyYW2KHcNXY9zPINVBLzqyygpYYtFmeNeFwxiaP%2BI43r3y9nlDm86HT1sdpbqX%2FuLip0%2FjXCKgEGob6dQZ1Xc9EARWktSE4N4f3FF%2B9LZEOQaferz8Wkm%2FPeYf0gk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: XmBfchOa1nU_Xj55gYxYavG4mPwtakPM
cf-ray: 6d012a535a0bbfb1-MAN
expires: Wed, 11 Jan 2023 05:36:14 GMT

GET
H2 200 web_widget-d6af41dad816bf183e73.js Show response
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame A806 443 KB
98 KB 66ms
65ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-d6af41dad816bf183e73.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a4cbf2c0d8c9ce7cfa6c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70e6d954617517f5c8d2b0f0dbf60f1b577a32d074d4e0e3666f24feb63a0cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217672
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 5H67DD6RR46DRDM1
x-amz-id-2: H0at9eJ05C0kCmmfuC8V62HttDFAvHpf8ZecKt86fCn+glDlhRuuZz6XiNBFpkMuqcqNqBa1FeQ=
last-modified: Mon, 17 Jan 2022 02:26:08 GMT
server: cloudflare
etag: W/"3adb20b8257e5276c629bfce9770bbbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pQgb246o%2BzI0W5vSsCafYh0TBdeMIkeRQMKQSr%2Bn4YpZO5sryva0ZRb6g0wczl4V%2F1OIuDS%2Fv3mdgc%2Br5mV3gbHjRra0bHvMbvno7KHOLnH3cbQ%2FJ3mSUDQ07waxuqeM7GhVLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: HKiHZ29YGZeEkLrn_GuweD6luQPDhsfu
cf-ray: 6d012a535a0cbfb1-MAN
expires: Tue, 17 Jan 2023 02:26:06 GMT

GET
H2 200 embeddable_blip Show response
overthetopmarketing.zendesk.com/ Frame A806 0
446 B 469ms
469ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://overthetopmarketing.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTcuMC40NjkyLjcxIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiIyN2NmNzlhZjE4YTM0Yjg2OGQ3OWVkMmQyNGZmNzVjZCIsInN1aWQiOiJhMjA1MzZlYWQ1YjY0NjZmYWJjZDg4NzNmNzMyOWY2MiIsInZlcnNpb24iOiIyNzg2OGRhIiwidGltZXN0YW1wIjoiMjAyMi0wMS0xOVQxNTo0MTowNi41OThaIiwidXJsIjoiaHR0cHM6Ly9nb29nbGUub3R0bS5kZXYvTG9naW4uYXNweD9SZXR1cm5Vcmw9JTJmIn0%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a4cbf2c0d8c9ce7cfa6c.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: acba7a996997cde92fc6faef72f3fd11
last-modified: Wed, 19 Jan 2022 15:41:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9wj1zKJ1a0cUGnBV4TZRiutrx1MmMHkpBnoEPBOgtTlLsHSGVIWnckbxqQqAMhXe6j%2Bd779plbiZXf%2F99vnADqWpMm74pFQ2OTcSya3kLu8q1dMVHmNUyktF03%2FO165gDtrnzpkqZni7azz%2B3fgLTI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://google.ottm.dev
accept-ranges: bytes
cf-ray: 6d012a54584654ab-MAN

GET
H2 200 de-de-json-0e7b9ae3b696a34b6d22.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/classic/ Frame A806 28 KB
7 KB 54ms
54ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/classic/de-de-json-0e7b9ae3b696a34b6d22.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a4cbf2c0d8c9ce7cfa6c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718e063364ba1c53900110e423987619a8227e1c877c360913658aa88c451c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6614607
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: N3HASRFX6HDCVAYT
x-amz-id-2: X5mqvSxWfX7oUypcFGxz1Evw80xyv+TtowQX/FJHLKhnpIBNvfSYAH1YRwWKaL0Oxv8tcJL+Oa0=
last-modified: Wed, 03 Nov 2021 23:47:17 GMT
server: cloudflare
etag: W/"8fc7b388e5d1886d801f856533dc1ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIfmXav1O33ePXWWyfvGOLMtY6Ww5%2B9%2FetX2mpmupy1KFV5SteEZnIkskY2G%2BHGfdNbyTg%2FqCu4YekNPIPHHWh5b0tKhpE%2B1ji3XhXKExr5fQ56wZ6Vz%2B%2FRBuZUuE0cn0BQzaYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 6RmU.xLcJA.EQghxyd1xkwY2BBWkSgbD
cf-ray: 6d012a546a84bfb1-MAN
expires: Thu, 03 Nov 2022 23:47:15 GMT

GET
H3 200 WEFqCY7wUmM.png
www.facebook.com/rsrc.php/v3/yH/r/ Frame 9D2C 554 B
606 B 28ms
12ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/WEFqCY7wUmM.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.4/plugins/login_button.php?app_id=320438014708940&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df888be71b8c64%26domain%3Dgoogle.ottm.dev%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgoogle.ottm.dev%252Ff26d6d03f8e26d8%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&scope=public_profile%2Cemail&sdk=joey&size=xlarge

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bb2cc8d80b66d5712fc86f0320242a5085a031141eb6f20ee2973a3c2135cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.4/plugins/login_button.php?app_id=320438014708940&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df888be71b8c64%26domain%3Dgoogle.ottm.dev%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgoogle.ottm.dev%252Ff26d6d03f8e26d8%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&scope=public_profile%2Cemail&sdk=joey&size=xlarge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 03:59:15 GMT
x-content-type-options: nosniff
content-md5: Ot6UCEJeVuKPi2IX3HXzrA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 554
x-fb-rlafr: 0
x-fb-debug: lp4I/ovn1YsC1HRWfmvVNTwEVJ577F9CskqSePmqLP2PWVKIs5emqLgVVm6Fq0YTZ+h6YmLqMe6YSE/wN/o3rQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 16 Jan 2023 03:59:15 GMT

GET
H3 200 luFYNPLo3dO.gif
www.facebook.com/rsrc.php/v3/yT/r/ Frame 9D2C 1 KB
1 KB 21ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yT/r/luFYNPLo3dO.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78a4e31b4d526946ad7e5f3317032843312c050e00ad68dafeadeecbf2cea078

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.4/plugins/login_button.php?app_id=320438014708940&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df888be71b8c64%26domain%3Dgoogle.ottm.dev%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgoogle.ottm.dev%252Ff26d6d03f8e26d8%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&scope=public_profile%2Cemail&sdk=joey&size=xlarge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 05:22:53 GMT
x-content-type-options: nosniff
content-md5: ac11L2RsnxG0UF4BBl4cDQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 1407
x-fb-rlafr: 0
x-fb-debug: 7OJ4W04fLygobfrD5Tt8Y0rTZJgzkXUm/zQVkGH4vi5G/Gdu4VFLMRx6vwnJoqwBJt8NM1Ip4ttxdDBMTpS/6g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 16 Jan 2023 05:22:53 GMT

GET
H3 200 MnHUYIJTK5w.js Show response
www.facebook.com/rsrc.php/v3i7M54/yI/l/en_US/ Frame 9D2C 520 KB
137 KB 20ms
7ms Script
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i7M54/yI/l/en_US/MnHUYIJTK5w.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a884760cb96cfeee330a187b75f52dcd110681d1eee8eef7f79b1e509abb821d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.4/plugins/login_button.php?app_id=320438014708940&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df888be71b8c64%26domain%3Dgoogle.ottm.dev%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgoogle.ottm.dev%252Ff26d6d03f8e26d8%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&scope=public_profile%2Cemail&sdk=joey&size=xlarge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 12:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h/KpcQFYfe8ddl9uNB0QVg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 140145
x-fb-rlafr: 0
x-fb-debug: wwPl9PNyJ86RwT6trsFU0eakjHYpzKKR5BjyP7WUA9XpmwfDIJxC26/fA7UdVBoVqIz3srMN6l1SAF2wvtB4dA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 Jan 2023 12:59:06 GMT

GET
H2 200 embeddable_blip Show response
overthetopmarketing.zendesk.com/ Frame A806 0
380 B 205ms
204ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://overthetopmarketing.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9nb29nbGUub3R0bS5kZXYvTG9naW4uYXNweD9SZXR1cm5Vcmw9JTJmIiwidGltZSI6OTUsImxvYWRUaW1lIjoxMDYuODk5OTk5NjE4NTMwMjcsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJBZHZhbnRhZ2UgLSBMb2dpbiIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MS4wIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiIyN2NmNzlhZjE4YTM0Yjg2OGQ3OWVkMmQyNGZmNzVjZCIsInN1aWQiOiJhMjA1MzZlYWQ1YjY0NjZmYWJjZDg4NzNmNzMyOWY2MiIsInZlcnNpb24iOiIyNzg2OGRhIiwidGltZXN0YW1wIjoiMjAyMi0wMS0xOVQxNTo0MTowNi42OTRaIiwidXJsIjoiaHR0cHM6Ly9nb29nbGUub3R0bS5kZXYvTG9naW4uYXNweD9SZXR1cm5Vcmw9JTJmIn0%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a4cbf2c0d8c9ce7cfa6c.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:06 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: 282e2d3f8ffe6159ec506ea4c1f8366b
last-modified: Wed, 19 Jan 2022 15:41:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCqW1Qf3qlgsLDn4lZuWXN7ZOIpGvjYQ93yGSU0s0NBCXRuPtK4OiYrgQEJMVFWjg7S1%2FEQneUq6WKFgclgHCWJreOprbDUmwhvImqZ5YJvk%2BlxxTrqBPEbCWAzECvL%2BGgA6vNNtK3QQepDjV8LRutg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://google.ottm.dev
accept-ranges: bytes
cf-ray: 6d012a54e9e254ab-MAN

GET
H3 200 cavalry_endpoint.php
www.facebook.com/platform/ Frame 9D2C 67 B
99 B 130ms
128ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/platform/cavalry_endpoint.php?t_cstart=1642606866614&t_start=1642606866614&t_domcontent=1642606866625&t_layout=1642606866752&t_onload=1642606866752&t_paint=1642606866752&t_creport=1642606866752&t_tti=1642606866625&lid=7054942769881642621-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.4/plugins/login_button.php?app_id=320438014708940&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df888be71b8c64%26domain%3Dgoogle.ottm.dev%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgoogle.ottm.dev%252Ff26d6d03f8e26d8%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&scope=public_profile%2Cemail&sdk=joey&size=xlarge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: acBShyEmuYr6C+EVsT+IUHA7ikp/Tp6X8SvaxbgglkMjA1ii3qsKuUVOmZD5cpqNwarOWVm06PkVrYsJQh7ljw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 19 Jan 2022 15:41:06 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-abe0508c4615c51b9efb.js Show response
static.zdassets.com/web_widget/latest/ Frame A806 337 B
707 B 52ms
52ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-incoming-message-notification-abe0508c4615c51b9efb.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a4cbf2c0d8c9ce7cfa6c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

835b428abb7dc757393b5c89290221036dcace94b53de6d0e8e990b44cc633a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:41:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1352620
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 2K6H5T521ES451A6
x-amz-id-2: ZiYHUDbbMHngLgf3Qu6+LOFGhyD3Kn3ie0Iqe34qfDWdOlK70YLNmouyWYc34Php1PxTbfWKVoo=
last-modified: Mon, 03 Jan 2022 23:37:01 GMT
server: cloudflare
etag: W/"a7069caa3d0c66a01d617c556d15afe7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWYRVbiLfaPAmBxSyZgM%2FlQE5MlZA7kxSraA6zf5q0G%2BmTXE1TYbHtJlEccdLrmaqQ%2B7T2%2FDE2fSbQw79qRbQHa%2Fp%2BdYudl5MtJuIR2VJje4rGC5Gg7EztfTB8RZY7r57YNKTZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: YowV3WS1hDd.dYN.KkLiopXUJEH2mOUT
cf-ray: 6d012a569b96bfb1-MAN
expires: Tue, 03 Jan 2023 23:37:00 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/ Frame A806 19 KB
20 KB 80ms
80ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 19 Jan 2022 15:41:07 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6675529
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
x-amz-request-id: 15MEH6W02FQ3S6G3
x-amz-id-2: XABs8OEqM6XEDtFci0V87Rz2lrQl/423EgT/5eBL6SpOed8saQ1w/pitSqL2fpXxmDDeuS2s0zQ=
last-modified: Sun, 31 Oct 2021 23:56:03 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCk5OD5lAhusMWib%2BcspKu9f2gmEIZOzxktjBkhJpyoUKRGW%2Fyyih8nDAXf2AS4Z9xJRWulnq%2BeyjNKkGYZaKZjIdcGab1z3hgPYkj5xDvq86hDuHYobMLJo1rLbcQts6nAi1c8%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: a0QtVsEthBGL.bZmpPgOndbiQY6mkobg
Content-Length: 19698
cf-ray: 6d012a56ebc3bfb1-MAN
expires: Mon, 31 Oct 2022 23:56:02 GMT

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
google.ottm.dev/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: c4jn1kfczmzbwijredkkzyyi
.google.com/	1970-01-20 04:40:18	Name: NID Value: 511=Ak6BbWBKlmmzQP50laMVA6YASsBAuEDatm-PDZ5kwv8lbxMs1UD7x_QtWWbHdu9lYx5nqGMLUqgsqQGsNocHYWUSxhTAjQ5CuaIgTe77ccAK9tRESte4wOLOJ8YPh-BTr4VE72VQBhi4NbXtyUIEC_ze6_q3cf_Nw6jf0-HLXX8
.ottm.dev/	1970-01-20 17:47:58	Name: _ga Value: GA1.2.931393417.1642606866
.ottm.dev/	1970-01-20 00:18:13	Name: _gid Value: GA1.2.1452142766.1642606866
.ottm.dev/	1970-01-20 00:16:46	Name: _gat Value: 1
.google.ottm.dev/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
widget-mediator.zopim.com/	1970-01-20 00:26:51	Name: AWSALBCORS Value: Lh9G6MDVgMIKCsZmaEZ091q1rCvxrqeq6+K3sNqHJ3h5xsTjXZHlutDnvTSpfwrM/ra396xRru9mQHNR7Q8ZQXuuIrSxcXe7/6XZAT42HUNxRwZD0CiAgBcr1JRe
.ottm.dev/	1970-01-20 09:02:22	Name: __zlcmid Value: 187kdttNVp6gXHb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
apis.google.com
connect.facebook.net
ekr.zdassets.com
google.ottm.dev
overthetopmarketing.zendesk.com
ssl.gstatic.com
static.zdassets.com
www.facebook.com
www.google-analytics.com
104.16.53.111
104.18.72.113
2a00:1450:4001:803::200e
2a00:1450:4001:80e::200d
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::200e
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
52.26.63.164
00c138f9706ecbb6e3a79f20540e36d2eae2ae519a3b0a39646d91946a28af3c
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
3aa9e6d21978185255f68a04ca44d1ea071b2c26efa39f55c2a40f84a3dddf7c
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4e133ecbb51b0e1b838032b6412a14e5ea57c737048a5cb1bbb937ffd2c9e7ea
4eb3d539dd1a33f6b36a83cebe63c9bae149933824859089389bd8b24865768c
5bb2cc8d80b66d5712fc86f0320242a5085a031141eb6f20ee2973a3c2135cc9
70e6d954617517f5c8d2b0f0dbf60f1b577a32d074d4e0e3666f24feb63a0cab
718e063364ba1c53900110e423987619a8227e1c877c360913658aa88c451c4d
78a4e31b4d526946ad7e5f3317032843312c050e00ad68dafeadeecbf2cea078
7936f260a37fedb933ff179e31483a1de0f2c444af15d5b310e0b6b00b5c9172
835b428abb7dc757393b5c89290221036dcace94b53de6d0e8e990b44cc633a5
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8770d012b92c867ad0a91fd62ac05bac24fee0a8b1c42637f4f96a91220cd9fb
916b804c31a78ef8f243333bc22f228252253fee8259d97ac72dc1cd35d998dd
96591385347da42e5d589f3b5c307dbdca2da4cd12a78b46d01126526258ac81
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6cd361fc4dd2ddf8db6c3ea7d3e8e62d38832bd9336e595aafa4abcd024b1ce
a80319212460370537c57e56631f448aff106ecf74ee7a92f15391fcd48def00
a884760cb96cfeee330a187b75f52dcd110681d1eee8eef7f79b1e509abb821d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
afbd87106866a83309ba4615e41aee575d89c2064baad0465b199456ae654994
b7aae2323fb47c27650057694cdb46ef707692e456bdbf529ea3054cda94945f
c9124989ddb6a4c54ac930450171639ba9526c8f7ed9d2fdc548345fb3401d67
d0837e999726a07a9c448373356cc7627a86910104b08d577c5297cf08949b25
da87fe5f0d211f53391640723a6ecb7bb6fbb53145c1f069b6d6dd5c066fae0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9acdebaf37f4e72a99b7a8c483809bde1345cfc9cac1e80d32c5ca8075d32a
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

google.ottm.dev Open in urlscan Pro 52.26.63.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

70 %IPv6

9 Domains

11 Subdomains

10 IPs

3 Countries

978 kBTransfer

2914 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

google.ottm.dev Open in urlscan Pro
52.26.63.164 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

978 kB
Transfer

2914 kB
Size

8
Cookies

33 HTTP transactions
0 data transactions