Submitted URL: https://timeclock.itgofsc.com/
Effective URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Submission: On September 05 via api from US — Scanned from DE

Summary

This website contacted 22 IPs in 5 countries across 14 domains to perform 55 HTTP transactions. The main IP is 52.73.142.91, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is auth.ontheclock.com. The Cisco Umbrella rank of the primary domain is 656796.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 21st 2023. Valid for: a year.
This is the only time auth.ontheclock.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
1 11 52.73.142.91 14618 (AMAZON-AES)
2 2a04:4e42::729 54113 (FASTLY)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 18.172.112.55 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:401... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.219.111.148 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 23.213.161.206 20940 (AKAMAI-ASN1)
1 2.16.1.171 20940 (AKAMAI-ASN1)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2.17.100.179 20940 (AKAMAI-ASN1)
1 54.228.11.45 16509 (AMAZON-02)
1 13.35.58.27 16509 (AMAZON-02)
1 18.66.122.74 16509 (AMAZON-02)
1 2.17.100.162 20940 (AKAMAI-ASN1)
55 22
Apex Domain
Subdomains
Transfer
12 ontheclock.com
www.ontheclock.com — Cisco Umbrella Rank: 362881
auth.ontheclock.com — Cisco Umbrella Rank: 656796
cdn.ontheclock.com
147 KB
9 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 4547
tracking.crazyegg.com — Cisco Umbrella Rank: 8138
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 9978
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 9638
81 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1178
p.typekit.net — Cisco Umbrella Rank: 1499
135 KB
5 livechatinc.com
cdn.livechatinc.com — Cisco Umbrella Rank: 5874
api.livechatinc.com — Cisco Umbrella Rank: 5307
secure.livechatinc.com — Cisco Umbrella Rank: 6900
34 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 963
138 KB
5 google.com
accounts.google.com — Cisco Umbrella Rank: 46
region1.analytics.google.com — Cisco Umbrella Rank: 3773
87 KB
2 g2crowd.com
tracking.g2crowd.com — Cisco Umbrella Rank: 19182
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
216 KB
2 getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 18241
in.getclicky.com — Cisco Umbrella Rank: 15088
6 KB
2 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 7016
browser.sentry-cdn.com — Cisco Umbrella Rank: 6607
64 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
257 B
1 amazonaws.com
prod-otc-cms-images-bucket.s3.amazonaws.com
304 KB
1 itgofsc.com
timeclock.itgofsc.com
350 B
55 14
Domain Requested by
7 www.ontheclock.com 1 redirects auth.ontheclock.com
6 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
5 analytics.tiktok.com auth.ontheclock.com
analytics.tiktok.com
5 use.typekit.net auth.ontheclock.com
use.typekit.net
4 accounts.google.com auth.ontheclock.com
browser.sentry-cdn.com
accounts.google.com
4 auth.ontheclock.com auth.ontheclock.com
3 api.livechatinc.com cdn.livechatinc.com
2 tracking.g2crowd.com auth.ontheclock.com
tracking.g2crowd.com
2 www.googletagmanager.com auth.ontheclock.com
www.googletagmanager.com
1 secure.livechatinc.com cdn.livechatinc.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 tracking.crazyegg.com script.crazyegg.com
1 in.getclicky.com static.getclicky.com
1 www.google.de auth.ontheclock.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com browser.sentry-cdn.com
1 cdn.livechatinc.com auth.ontheclock.com
1 prod-otc-cms-images-bucket.s3.amazonaws.com auth.ontheclock.com
1 p.typekit.net use.typekit.net
1 browser.sentry-cdn.com js.sentry-cdn.com
1 static.getclicky.com auth.ontheclock.com
1 cdn.ontheclock.com auth.ontheclock.com
1 js.sentry-cdn.com auth.ontheclock.com
1 timeclock.itgofsc.com 1 redirects
55 25

This site contains links to these domains.

Domain
www.ontheclock.com
www.google.com

Subject | Issuer | Validity | Valid
*.ontheclock.com | Amazon RSA 2048 M02 | 2023-10-21 - 2024-11-17 | a year
*.sentry-cdn.com | GlobalSign Atlas R3 DV TLS CA 2024 Q2 | 2024-06-04 - 2025-07-06 | a year
use.typekit.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-08-27 - 2025-09-27 | a year
*.getclicky.com | E6 | 2024-07-26 - 2024-10-24 | 3 months
accounts.google.com | WR2 | 2024-08-05 - 2024-10-28 | 3 months
*.google-analytics.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2024-04-22 - 2025-04-07 | a year
script.crazyegg.com | Cloudflare Inc ECC CA-3 | 2024-08-02 - 2024-12-31 | 5 months
g2crowd.com | WE1 | 2024-08-21 - 2024-11-19 | 3 months
*.tiktok.com | RapidSSL TLS ECC CA G1 | 2024-07-15 - 2025-07-15 | a year
livechat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-07-10 - 2025-07-10 | a year
*.google.com | WR2 | 2024-08-05 - 2024-10-28 | 3 months
*.g.doubleclick.net | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.google.de | WR2 | 2024-08-12 - 2024-11-04 | 3 months
crazyegg.com | Amazon RSA 2048 M03 | 2024-05-24 - 2025-06-23 | a year

This page contains 4 frames:

Primary Page: https://auth.ontheclock.com/?&AcceptsCookies=True
Frame ID: D17875BF881B2D9856C305F8F100F419
Requests: 45 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=outline&text=signin_with&size=medium&logo_alignment=left&client_id=843556486448-40i9k8eub7qr9d99g2jjjarj67899e0j.apps.googleusercontent.com&iframe_id=gsi_79428_890813&as=N%2Bp1y3iGpzYKwHcYE0FTNw
Frame ID: E588F1DEF201559223DB0E943BB3A78D
Requests: 1 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0123/4995/site/auth.ontheclock.com.json?t=1
Frame ID: EFB764FE272B3CB1E8FB7D326269E8D4
Requests: 5 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=8363461&group=3&embedded=1&widget_version=3&unique_groups=0&use_parent_storage=1
Frame ID: DE63AAE985BA7CB9443CC1CC7CB5FCFF
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js

Overall confidence: 100%
Detected patterns
  • static\.getclicky\.com

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

95 %
HTTPS

50 %
IPv6

14
Domains

25
Subdomains

22
IPs

5
Countries

1214 kB
Transfer

2931 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://timeclock.itgofsc.com/ HTTP 301
    http://www.ontheclock.com/frmSignOn.aspx?&AcceptsCookies=True HTTP 307
    https://www.ontheclock.com/frmSignOn.aspx?&AcceptsCookies=True HTTP 301
    https://auth.ontheclock.com/?&AcceptsCookies=True Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
auth.ontheclock.com/
Redirect Chain
  • https://timeclock.itgofsc.com/
  • http://www.ontheclock.com/frmSignOn.aspx?&AcceptsCookies=True
  • https://www.ontheclock.com/frmSignOn.aspx?&AcceptsCookies=True
  • https://auth.ontheclock.com/?&AcceptsCookies=True
16 KB
17 KB
Document
General
Full URL
https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.142.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-142-91.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b35336b18579fc411d38cd7038772e002957498519025d11ea6fc3d3e7ed612c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 05 Sep 2024 23:47:58 GMT
server
Microsoft-IIS/10.0
x-otc-server
Prod2
x-powered-by
ASP.NET

Redirect headers

content-length
176
content-type
text/html; charset=UTF-8
date
Thu, 05 Sep 2024 23:47:58 GMT
location
https://auth.ontheclock.com/?&AcceptsCookies=True
server
Microsoft-IIS/10.0
x-otc-server
Prod1
x-otcapp
Admin
x-powered-by
ASP.NET
dd561e39437446f0b6641a5483e68bfa.min.js
js.sentry-cdn.com/
3 KB
2 KB
Script
General
Full URL
https://js.sentry-cdn.com/dd561e39437446f0b6641a5483e68bfa.min.js
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a53e73dee6e609dd0805bb83096b37f0bf4b1abbd9a7d355cc024d2b90e3a762
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; object-src 'none'; style-src * 'unsafe-inline'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; frame-ancestors 'self' *.sentry.io; img-src * blob: data:; media-src *; font-src * data:; worker-src blob:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=2b0a9d296a03cd65549a50dee671decdd8ee2d1a
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.ontheclock.com/
Origin
https://auth.ontheclock.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
base-uri 'none'; object-src 'none'; style-src * 'unsafe-inline'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; frame-ancestors 'self' *.sentry.io; img-src * blob: data:; media-src *; font-src * data:; worker-src blob:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=2b0a9d296a03cd65549a50dee671decdd8ee2d1a
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Sep 2024 23:47:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
4052
x-envoy-upstream-service-time
19
content-length
1316
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-76988648f-xskqc, cache-chi-klot8100039-CHI, cache-fra-eddf8230093-FRA
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
lyd2wbl.css
use.typekit.net/
8 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/lyd2wbl.css
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
734599bcd8c77da613f4d9ac7dc51d4376d76cb2b23eb31999195a50111f076c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 05 Sep 2024 23:47:59 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1012
bootstrap.css
www.ontheclock.com/css2018/
209 KB
27 KB
Stylesheet
General
Full URL
https://www.ontheclock.com/css2018/bootstrap.css?ver=01182023
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.142.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-142-91.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e9156f273475ee35a285086b88fbf73454803b64245239032f95bcfbec134b9d

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
last-modified
Thu, 13 Jun 2024 12:33:54 GMT
server
Microsoft-IIS/10.0
etag
"065d9f38dbdda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
x-otcapp
Admin
accept-ranges
bytes
content-length
26306
x-otc-server
Prod1
style.css
www.ontheclock.com/css2018/
108 KB
19 KB
Stylesheet
General
Full URL
https://www.ontheclock.com/css2018/style.css?ver=01182023
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.142.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-142-91.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f00299a3355ce5f77200653b0cf7b2faaa45847bf8b06feca7b1c72b476c66f5

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
last-modified
Thu, 13 Jun 2024 12:33:54 GMT
server
Microsoft-IIS/10.0
etag
"065d9f38dbdda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
x-otcapp
Admin
accept-ranges
bytes
content-length
18508
x-otc-server
Prod1
site.min.css
auth.ontheclock.com/css/
523 B
1 KB
Stylesheet
General
Full URL
https://auth.ontheclock.com/css/site.min.css?v=PcfdTxFjmjg9HVFxrZq8A3roakf2EFYDJfGEvcfKK7I
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.142.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-142-91.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dc411c3c0180b355f0e83e6e398909f1859fc8aa3d359740af4a26e742d863cb

Request headers

Referer
https://auth.ontheclock.com/?&AcceptsCookies=True
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
last-modified
Thu, 11 Apr 2024 00:44:46 GMT
server
Microsoft-IIS/10.0
etag
"1da8ba9733d910b"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
523
x-otc-server
Prod2
ontheclock-logo.svg
cdn.ontheclock.com/
4 KB
2 KB
Image
General
Full URL
https://cdn.ontheclock.com/ontheclock-logo.svg
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-55.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19a681b642888c63e892c6b825cb08c8b0026c41553c0a43cd020a10ecb78a3f

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 07:55:54 GMT
content-encoding
br
via
1.1 7b2737d1601ba8c676e6f68b6aa113d8.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2024 01:54:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
age
57126
etag
W/"0a6cb806750f24d1a069497720c28d07"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
HqCcdhYZlqrK1UYAWmOyhLBKiCv1e45BR39mHmFgenDoOEKZjj_Eow==
adp-login-sso-button.png
www.ontheclock.com/AppImages/
2 KB
3 KB
Image
General
Full URL
https://www.ontheclock.com/AppImages/adp-login-sso-button.png
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.142.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-142-91.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
efbf886badf9e84819484fe8882e75d48068ce62606e46e5808273cd89fdcc28

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
last-modified
Thu, 11 Apr 2024 00:44:48 GMT
server
Microsoft-IIS/10.0
etag
"0c06e74a98bda1:0"
x-powered-by
ASP.NET
content-type
image/png
x-otcapp
Admin
accept-ranges
bytes
content-length
2539
x-otc-server
Prod1
jquery-3.3.1.min.js
www.ontheclock.com/js2018/
85 KB
31 KB
Script
General
Full URL
https://www.ontheclock.com/js2018/jquery-3.3.1.min.js?ver=01182023
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.142.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-142-91.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
last-modified
Thu, 11 Apr 2024 00:44:50 GMT
server
Microsoft-IIS/10.0
etag
"0ed9f75a98bda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
x-otcapp
Admin
accept-ranges
bytes
content-length
30395
x-otc-server
Prod1
popper.min.js
www.ontheclock.com/js2018/
20 KB
8 KB
Script
General
Full URL
https://www.ontheclock.com/js2018/popper.min.js?ver=01182023
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.142.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-142-91.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9cea997d720575f98de8285910e11f7a1a725b13fa7e26472aac0f3d6d5e6c66

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
last-modified
Thu, 11 Apr 2024 00:44:50 GMT
server
Microsoft-IIS/10.0
etag
"0ed9f75a98bda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
x-otcapp
Admin
accept-ranges
bytes
content-length
7230
x-otc-server
Prod1
bootstrap.js
www.ontheclock.com/js2018/
124 KB
21 KB
Script
General
Full URL
https://www.ontheclock.com/js2018/bootstrap.js?ver=01182023
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.142.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-142-91.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c7cdd1daca46aaafb4616f941be7e1f30f8f91d00d59c4439b7a0792a1085b67

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
last-modified
Thu, 11 Apr 2024 00:44:50 GMT
server
Microsoft-IIS/10.0
etag
"0ed9f75a98bda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
x-otcapp
Admin
accept-ranges
bytes
content-length
20761
x-otc-server
Prod1
js
static.getclicky.com/
15 KB
6 KB
Script
General
Full URL
https://static.getclicky.com/js
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:e1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ff344c29dfe132c4d5663981d939562a86bed8413984f812c02a6a3bae80a4

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 21:26:20 GMT
server
cloudflare
age
267698
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
8bea1b87ea509142-FRA
alt-svc
h3=":443"; ma=86400
x-proxy-cache
MISS
site.js
auth.ontheclock.com/js/
387 B
1 KB
Script
General
Full URL
https://auth.ontheclock.com/js/site.js?v=dX_z-NJMM9Z7x6QRqbfOQspDZEJijPj471eTFpsmeFg
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.142.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-142-91.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66c9575b63d29512044fd67adb7553e1f3d10b1cd8aac3c1bb34948aecabdda9

Request headers

Referer
https://auth.ontheclock.com/?&AcceptsCookies=True
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
last-modified
Thu, 11 Apr 2024 00:44:46 GMT
server
Microsoft-IIS/10.0
etag
"1da8ba9733d9283"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
387
x-otc-server
Prod2
client
accounts.google.com/gsi/
226 KB
86 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c06::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f2df5910a7070b3e49b3cb8e7769a2b700c63c5cde5136952bbd3327e7b16e8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-lASOYqcBlLc04uUdupZL9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-lASOYqcBlLc04uUdupZL9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 05 Sep 2024 23:47:59 GMT
bundle.replay.min.js
browser.sentry-cdn.com/7.119.0/
192 KB
62 KB
Script
General
Full URL
https://browser.sentry-cdn.com/7.119.0/bundle.replay.min.js
Requested by
Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/dd561e39437446f0b6641a5483e68bfa.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
066b6b7c2199396aca7db4664f49d36c6c9f23394d0479da5943d336d31ecd0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://auth.ontheclock.com/
Origin
https://auth.ontheclock.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 14 Aug 2024 10:19:44 GMT
server
Fastly
age
1943660
etag
"06532d7d5c69c7d61883c1ce3b94a817"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
62925
expires
Thu, 14 Aug 2025 11:53:39 GMT
p.css
p.typekit.net/
5 B
174 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=lyd2wbl&ht=tk&f=137.139.169.173.174.175.176.5474.5475.25136.25137&a=12958951&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lyd2wbl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gtm.js
www.googletagmanager.com/
298 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQBWK6R
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d9fe1aedb89a1a4707d98165712193b5917a2c20a7f239bc76138bd44843905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103143
x-xss-protection
0
last-modified
Thu, 05 Sep 2024 22:08:14 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Sep 2024 23:47:59 GMT
login-bg-2.jpg
prod-otc-cms-images-bucket.s3.amazonaws.com/
304 KB
304 KB
Image
General
Full URL
https://prod-otc-cms-images-bucket.s3.amazonaws.com/login-bg-2.jpg
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/css/site.min.css?v=PcfdTxFjmjg9HVFxrZq8A3roakf2EFYDJfGEvcfKK7I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.111.148 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
6c4e0c8545f541bd9cf629e83557bcc12c80dd026c3aadd5ad0b71119b4675b8

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 05 Sep 2024 23:48:00 GMT
Last-Modified
Thu, 12 Jan 2023 10:00:54 GMT
Server
AmazonS3
x-amz-request-id
WSCH0YDFBMXPTB8J
ETag
"fe6bf7b99b99351e3b9653da77d9845c"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
310977
x-amz-id-2
C6a+f5JyfjuyR6XT7MjMzO5YtQCqcsv3GVEtWQwZPXfXJNzDUQfE/zspeHN9ZVPm1TpGx8k7B0E=
l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/
34 KB
34 KB
Font
General
Full URL
https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lyd2wbl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f

Request headers

Referer
https://use.typekit.net/lyd2wbl.css
Origin
https://auth.ontheclock.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
server
nginx
etag
"b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34336
l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/
33 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lyd2wbl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541

Request headers

Referer
https://use.typekit.net/lyd2wbl.css
Origin
https://auth.ontheclock.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
server
nginx
etag
"79fea02668402fc378c129193093131a2db2577c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33576
0c99237b-a61f-436a-b9bd-35df91a19338
https://auth.ontheclock.com/ Frame
0
0

js
www.googletagmanager.com/gtag/
343 KB
115 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZVBT0D0Q16&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQBWK6R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb9a98210f3200f0b0a87957958353c36e320864fd0ce0fe5b9bfd5acbe5f9d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
117458
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 05 Sep 2024 23:47:59 GMT
4995.js
script.crazyegg.com/pages/scripts/0123/
7 KB
3 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0123/4995.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQBWK6R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0fe1484aa21336784b1752d5a5ed4e3c93b57790adfeff13b1804692321a69f

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
cf-cache-status
HIT
age
15507
cf-polished
origSize=6998
ce-version
11.5.274
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 05 Sep 2024 19:29:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8bea1b888e101919-FRA
6137.js
tracking.g2crowd.com/attribution_tracking/conversions/
2 KB
2 KB
Script
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/6137.js?p=https://auth.ontheclock.com/?&AcceptsCookies=True&e=
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d19f5fefa9bf69ddd6dadc4a0bfc7685bf971e4f940eef9352db67236fd8b3aa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:48:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-disposition
inline
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
origin-agent-cluster
?1
cf-ray
8bea1b889e3e377c-FRA
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJVI75RC77U5EBTL780G&lib=ttq
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-206.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d52b8c18d8808d8ab11c80a3cc04e3c96b7cbfdf1a3962dbcf55c99b2cbface

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
87f6ab43.a3b51de6
date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2409052347597EDB93DF62F8AFC72F5F-235ABB72F44B520B-00
x-cache
TCP_MISS from a23-213-160-209.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
x-parent-response-time
94,23.213.160.209
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=8, inner; dur=5
content-length
2027
pragma
no-cache
server
nginx
x-tt-logid
202409052347597EDB93DF62F8AFC72F5F
x-cache-remote
TCP_MISS from a23-55-100-84.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.55.100.84
x-tt-trace-host
01c2ac37b23a23fb2c828d6ccd283ff55e21bfb0831f64e33112213d787eb525520d84daaac2c429e5804e3e7a74259b7d45fd51ab502f005ae8eae13d204b17074facb21867a42a07eadb46afae45e616a2535bf10fba1e98ffae2030724344bd20f224d8d413c14b84d4779200e15969
expires
Thu, 05 Sep 2024 23:47:59 GMT
tracking.js
cdn.livechatinc.com/
83 KB
28 KB
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-171.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f8a2a25291408e653faab748a2adc9aadc945cda40104e6774cdf471f524b6bf

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Wuwj.29tKcyI_FRQNSm3boJgRkAdmwrL
content-encoding
br
date
Thu, 05 Sep 2024 23:47:59 GMT
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
cross-origin-resource-policy
cross-origin
content-length
28541
last-modified
Thu, 05 Sep 2024 13:02:10 GMT
server
AmazonS3
etag
W/"9d8b4a4c3f073e8a8e929b956eebdc78"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
x-amz-cf-id
PeSSjENgUFQdrbqouhyhuwpBtxZsEGWSimfjKrOCt75fmGkjmlZ2vA==
expires
Fri, 06 Sep 2024 07:47:59 GMT
log
accounts.google.com/gsi/
0
23 B
XHR
General
Full URL
https://accounts.google.com/gsi/log?client_id=undefined&as=undefined&event=id.init.relativeLoginUri.%2Fgoogle-login-callback
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.119.0/bundle.replay.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c06::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Zal1o8Oymxt06LncIDTvVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Zal1o8Oymxt06LncIDTvVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://auth.ontheclock.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
style
accounts.google.com/gsi/
533 B
586 B
Stylesheet
General
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c06::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KnmyWLb1jz0KWt66m-OTng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-KnmyWLb1jz0KWt66m-OTng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 05 Sep 2024 23:47:59 GMT
button
accounts.google.com/gsi/ Frame E588
0
0
Document
General
Full URL
https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=outline&text=signin_with&size=medium&logo_alignment=left&client_id=843556486448-40i9k8eub7qr9d99g2jjjarj67899e0j.apps.googleusercontent.com&iframe_id=gsi_79428_890813&as=N%2Bp1y3iGpzYKwHcYE0FTNw
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c06::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-o0ofMzUWcCn10RK1fOrpiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auth.ontheclock.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-o0ofMzUWcCn10RK1fOrpiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
same-site
date
Thu, 05 Sep 2024 23:47:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/
0
257 B
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZVBT0D0Q16&gtm=45je4940v893045684z8832779006za200zb832779006&_p=1725580079248&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=628275164.1725580079&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725580079&sct=1&seg=0&dl=https%3A%2F%2Fauth.ontheclock.com%2F%3F%26AcceptsCookies%3DTrue&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1089
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.119.0/bundle.replay.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 23:47:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.ontheclock.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
257 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZVBT0D0Q16&cid=628275164.1725580079&gtm=45je4940v893045684z8832779006za200zb832779006&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZVBT0D0Q16&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 23:47:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.ontheclock.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZVBT0D0Q16&cid=628275164.1725580079&gtm=45je4940v893045684z8832779006za200zb832779006&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=872792259
Requested by
Host: auth.ontheclock.com
URL: https://auth.ontheclock.com/?&AcceptsCookies=True
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 23:47:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auth.ontheclock.com.json
script.crazyegg.com/pages/data-scripts/0123/4995/site/ Frame EFB7
6 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0123/4995/site/auth.ontheclock.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0123/4995.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83fecd5d6e812c85d65eda8fc1d6c6ed6e303c4f2402706dbfd743d4ab0f7559

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
cf-cache-status
HIT
age
15556
ce-version
11.5.274
alt-svc
h3=":443"; ma=86400
content-length
2203
last-modified
Thu, 05 Sep 2024 19:28:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bea1b890ee45d6f-FRA
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/
359 B
581 B
Script
General
Full URL
https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=8363461&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fauth.ontheclock.com%2F%3F%26AcceptsCookies%3DTrue&channel_type=code&implementation_type=potentially_gtm&jsonp=__oxpnbs1gwbn
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c5cc0eca26afc94d9c94964c028806d0fec7b34d8d59f92236483d00cfed36c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://auth.ontheclock.com/;
X-Frame-Options allow-from https://auth.ontheclock.com/

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://auth.ontheclock.com/;
date
Thu, 05 Sep 2024 23:48:00 GMT
cross-origin-resource-policy
cross-origin
content-length
359
vary
Accept-Encoding
x-frame-options
allow-from https://auth.ontheclock.com/
content-type
application/javascript; charset=UTF-8
5e721483a6b8d23c33da1af34e751f01.js
script.crazyegg.com/pages/versioned/common-scripts/
103 KB
35 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/5e721483a6b8d23c33da1af34e751f01.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0123/4995.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52163d0f5da50fcfaeff240157a410384cb9dffa7697855446a46802c9b74714

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 30 Aug 2024 10:45:11 GMT
server
cloudflare
age
15756
cf-polished
origSize=105124
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
cf-ray
8bea1b893e771919-FRA
alt-svc
h3=":443"; ma=86400
main.MTZlYmMyNjliMQ.js
analytics.tiktok.com/i18n/pixel/static/
339 KB
95 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJVI75RC77U5EBTL780G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-206.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
95e25130fdfe5aa05ae385ef9f12ed6b8105a4f0aab709c5f06fc6ca796006b1

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
a3b51f83
date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240830022528FF507622C8F63787CAAD
x-tt-trace-id
00-240830022528FF507622C8F63787CAAD-071FA73D47900408-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-213-160-209.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0143abac0f4003bd96af5c29253b82c47e8db99c3db24377a0ec0f593a97ff9053dd489de9cc74b12ad4fa1783e4cce35b70d18ec4dee80dc1c8d1a77dc5070597bf6544a12353713e30451d44366f494e4f55ca8bc8c038bdf81b79a7364c020d
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
96251
in.php
in.getclicky.com/
161 B
367 B
Script
General
Full URL
https://in.getclicky.com/in.php?site_id=100985629&href=%2F%3F%26AcceptsCookies%3DTrue&title=&res=1600x1200&lang=de-DE&tz=Europe%2FBerlin&tc=&ck=1&x=4lliux
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:e1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5edb04c38056f8a586edbc3a2721a5bbec9f3c7cfa1a7d242ae8422377fd2ced

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:48:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
cf-ray
8bea1b898b4e9142-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 26 Jul 1997 05:00:00 GMT
auth.ontheclock.com.json
script.crazyegg.com/pages/data-scripts/0123/4995/sampling/ Frame EFB7
164 B
362 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0123/4995/sampling/auth.ontheclock.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5e721483a6b8d23c33da1af34e751f01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1b379e5e6d0dd3029570789b55cdfda73d37e87c9531f74824f5e2292e6693

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
cf-cache-status
HIT
age
257
ce-version
11.5.274
alt-svc
h3=":443"; ma=86400
content-length
148
last-modified
Thu, 05 Sep 2024 23:43:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bea1b898f185d6f-FRA
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-206.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
a3b52062
date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024083002252950025D613AEAED5E2E70
x-tt-trace-id
00-24083002252950025D613AEAED5E2E70-5FCAA6CF46C69E27-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-213-160-209.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0143abac0f4003bd96af5c29253b82c47e8db99c3db24377a0ec0f593a97ff9053ed8bacb2facd45510bd70fd5888da7ef0bb467635bf5910beb0397f1ea6f235de9eceeaeab5dc847218a3c21479232eaedc14dee6e452a6b12499eec72aa4719
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
39330
pixel
analytics.tiktok.com/api/v2/
0
846 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-206.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
87f6b2aa.a3b5207d
date
Thu, 05 Sep 2024 23:47:59 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240905234759B951A32B287B7FC02A57-0B995BF28C368C14-00
x-cache
TCP_MISS from a23-213-160-209.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
x-parent-response-time
144,23.213.160.209
server-timing
cdn-cache; desc=MISS, edge; dur=110, origin; dur=47, inner; dur=43
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240905234759B951A32B287B7FC02A57
x-cache-remote
TCP_MISS from a23-55-100-84.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
47,23.55.100.84
x-tt-trace-host
01c2ac37b23a23fb2c828d6ccd283ff55e21bfb0831f64e33112213d787eb525520d84daaac2c429e5804e3e7a74259b7de32a29d2a63d7706e30a23032a5173331176a2a3219c8013041a180c17f0830eaf6f0af4b3e21de8f177137e2bff2fd48a0f1ad55a0b3c2dbec2458ef397f7bc
access-control-allow-headers
Authorization,*
expires
Thu, 05 Sep 2024 23:47:59 GMT
clock
tracking.crazyegg.com/ Frame EFB7
39 B
147 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1&tk=f34ed5a4ce70005a389104c31a9cb545&u=1234995&s=443536&p=%2F&v=69bb9d05ed7f243c3dd6ae2eff528f88ca7e5746&f=auth.ontheclock.com&ul=https%3A%2F%2Fauth.ontheclock.com%2F%3F%26AcceptsCookies%3DTrue
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5e721483a6b8d23c33da1af34e751f01.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.11.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-11-45.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
552b509888cc865887943f6ea933fca1620fbe4240745946b81fd814fc601b5b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 Sep 2024 23:47:59 GMT
cache-control
no-store
server
awselb/2.0
content-length
39
content-type
text/plain
healthcheck
pagestates-tracking.crazyegg.com/ Frame EFB7
19 B
463 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5e721483a6b8d23c33da1af34e751f01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 01:43:28 GMT
via
1.1 133ff3be92540995db4a7234eada8b80.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
30405872
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
6zGH2kVfbq7IJx2Oawej5HjyMOP38TVB1Y88tpHJfKMpEqPqlIF6sA==
healthcheck
assets-tracking.crazyegg.com/ Frame EFB7
19 B
462 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5e721483a6b8d23c33da1af34e751f01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:29 GMT
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
22544671
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
OlM_nPKdUelTbu9xPiByJsZ8k5T_RjcVhqgqo8lbQEYqJ60nJjjn4A==
dd09361e-bd49-4931-ad63-f5efcadea3ef
https://auth.ontheclock.com/ Frame
0
0

8e75b4e8-c2b2-4060-b90e-a7ca2ba4417e
https://auth.ontheclock.com/ Frame
0
0

ca6be1649b2c6bd5aa79ebaa229fa676.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/
20 KB
8 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ca6be1649b2c6bd5aa79ebaa229fa676.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0123/4995.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7701282ea59743a1d336ee5ede4e6805ca9572c28ad013fa956fb39f18de0d69

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 05 Sep 2024 19:15:23 GMT
server
cloudflare
age
15758
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
cf-ray
8bea1b8a9f4f1919-FRA
alt-svc
h3=":443"; ma=86400
8e79add6aeaf90cd1340abda9eaa1260.js
script.crazyegg.com/pages/versioned/tracking-scripts/
95 KB
31 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/8e79add6aeaf90cd1340abda9eaa1260.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0123/4995.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab83eaa448857805d4c8a3f575c9bc49e941398d1a9d6519cc173327f28f1ba

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:47:59 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 29 Aug 2024 22:59:59 GMT
server
cloudflare
age
15756
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
cf-ray
8bea1b8abf6d1919-FRA
alt-svc
h3=":443"; ma=86400
act
analytics.tiktok.com/api/v2/pixel/
0
867 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-206.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
12bc58fb.a3b523c6
date
Thu, 05 Sep 2024 23:47:59 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2409052347594BF5C55B654BE0BA9EE2-2C42FD739FE04DF2-00
x-cache
TCP_MISS from a23-213-160-209.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
x-parent-response-time
108,23.213.160.209
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=21, inner; dur=18
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202409052347594BF5C55B654BE0BA9EE2
x-cache-remote
TCP_MISS from a104-78-78-116.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
22,104.78.78.116
x-tt-trace-host
01c2ac37b23a23fb2c828d6ccd283ff55e9746905c81be98a0fd2b04c12edfd12b5cd040a111a91f2d5890e6c240be6699b17d3c7d33b72c4b3c57ab8db44a3f7edcf529dea7de317513dd55f23f3b3842b19e3e428b5310de1c254e789a286168bdcb495052607acf7dbc2d8122d9b420
access-control-allow-headers
Authorization,*
expires
Thu, 05 Sep 2024 23:47:59 GMT
get_configuration
api.livechatinc.com/v3.4/customer/action/
4 KB
2 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=45835960-86d0-4bae-9fe2-0d435f87c6e7&version=3343.0.10.1533.6.31.42.16.5.17.5.14.1&group_id=3&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
29594cbd63f438b7fb31fc2f4ebd1bf0163be6e08f068bfb0201e4de0f99463e

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:48:00 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
deprecation
2024-11-30
cache-control
public, max-age=600
cross-origin-resource-policy
cross-origin
content-length
1415
expires
Thu, 05 Sep 2024 23:58:00 GMT
open_chat
secure.livechatinc.com/customer/action/ Frame DE63
0
0
Document
General
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=8363461&group=3&embedded=1&widget_version=3&unique_groups=0&use_parent_storage=1
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://auth.ontheclock.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
742
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Sep 2024 23:48:00 GMT
Vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
get_localization
api.livechatinc.com/v3.4/customer/action/
11 KB
4 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=45835960-86d0-4bae-9fe2-0d435f87c6e7&version=470b74842e9d45ce9f156d1d5a957bad&language=en&group_id=3&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b5f85dfe715ad05b49501aa63c5294f69c822ec0441152bbcdca9bd2abbe298

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:48:00 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
deprecation
2024-11-30
cache-control
public, max-age=600
cross-origin-resource-policy
cross-origin
content-length
3957
expires
Thu, 05 Sep 2024 23:58:00 GMT
assign
tracking.g2crowd.com/attribution_tracking/conversions/
0
0
Ping
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by
Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/6137.js?p=https://auth.ontheclock.com/?&AcceptsCookies=True&e=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://auth.ontheclock.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryPmV1rN1xkfSERMHj

Response headers

l
use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/
34 KB
34 KB
Font
General
Full URL
https://use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lyd2wbl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4e8d47f2d51e5c15ed54e8237f827005d675eec474216e7931e534c78ff30158

Request headers

Referer
https://use.typekit.net/lyd2wbl.css
Origin
https://auth.ontheclock.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:48:00 GMT
server
nginx
etag
"d9c559430b0162ff50e16cf6dad5514fa963f9ff"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35100
l
use.typekit.net/af/6e816b/00000000000000003b9b3064/27/
33 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/6e816b/00000000000000003b9b3064/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lyd2wbl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3f8d3c0b0f92db9629b4d13d41f1aa4c858cd12c4ccffd4b8d587dc72abd4a5b

Request headers

Referer
https://use.typekit.net/lyd2wbl.css
Origin
https://auth.ontheclock.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:48:00 GMT
server
nginx
etag
"8ae17cf0eecce59afa191d331a008a4661e1553d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33428
favicon.ico
auth.ontheclock.com/
15 KB
16 KB
Other
General
Full URL
https://auth.ontheclock.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.142.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-142-91.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b5b10bbc190fec2bd510644e11e46aadf3212570c00b43fb9e2435ae1de918f7

Request headers

Referer
https://auth.ontheclock.com/?&AcceptsCookies=True
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 23:48:00 GMT
last-modified
Thu, 11 Apr 2024 00:44:46 GMT
server
Microsoft-IIS/10.0
etag
"1da8ba9733da9ee"
x-powered-by
ASP.NET
content-type
image/x-icon
accept-ranges
bytes
content-length
15086
x-otc-server
Prod2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
auth.ontheclock.com
URL
blob:https://auth.ontheclock.com/0c99237b-a61f-436a-b9bd-35df91a19338
Domain
auth.ontheclock.com
URL
blob:https://auth.ontheclock.com/dd09361e-bd49-4931-ad63-f5efcadea3ef
Domain
auth.ontheclock.com
URL
blob:https://auth.ontheclock.com/8e75b4e8-c2b2-4060-b90e-a7ca2ba4417e

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| Sentry object| dataLayer function| $ function| jQuery function| Popper string| SENTRY_SDK_SOURCE object| __SENTRY__ object| __sentry_instrumentation_handlers__ object| bootstrap object| clicky_obj object| clicky object| clicky_custom object| clicky_site_ids object| _cgen object| _cgen_custom function| setVisible function| pleaseWait function| setError function| setSuccess function| setMode function| onSubmit function| onExitKiosk object| google_tag_manager object| google_tag_data string| TiktokAnalyticsObject object| ttq object| __lc object| LiveChatWidget object| default_gsi object| _F_toggles object| google object| __G_ID_CLIENT__ object| closure_lm_85605 function| onYouTubeIframeAPIReady object| gaGlobal boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL boolean| __lc_inited object| LC_API string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks string| _heatmaps_g2g_100985629

26 Cookies

Domain/Path Name / Value
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: fcab3858-7eb0-4dec-86aa-6410160d4cca
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: a839dab0e37786052c1bcdc0f10af2bf02a2a30eacf60bafc58c7af429ca351eaab0436e98e6ff16fab77bc154c7b4a966e37870dfae59a10a475a26d222
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: fcab3858-7eb0-4dec-86aa-6410160d4cca
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: a839dab0e37786052c1bcdc0f10af2bf02a2a30eacf60bafc58c7af429ca351eaab0436e98e6ff16fab77bc154c7b4a966e37870dfae59a10a475a26d222
www.ontheclock.com/ Name: AWSALBTG
Value: L7KjcXQ8Mx1DlwWn1KIFj3Bs3fxOnhWr6c4sLBGvsb5MSYvRSFf4SOEirz08O8AQfRLPPxnzxWDiwtlsjH0iMwkXbdhXtoTjlPb3+y+q1JThggAJcasQquxOgEv4yxajU3wuUHUVOgCQ7CtNIT7M+udkRNiTvKxaln/23P3wdNH0EBqgjU0=
www.ontheclock.com/ Name: AWSALBTGCORS
Value: L7KjcXQ8Mx1DlwWn1KIFj3Bs3fxOnhWr6c4sLBGvsb5MSYvRSFf4SOEirz08O8AQfRLPPxnzxWDiwtlsjH0iMwkXbdhXtoTjlPb3+y+q1JThggAJcasQquxOgEv4yxajU3wuUHUVOgCQ7CtNIT7M+udkRNiTvKxaln/23P3wdNH0EBqgjU0=
www.ontheclock.com/ Name: AWSALB
Value: EwzlcTrkcGCpXEP2x2TpGNQyPoxqZ7hNL39CIUWUSsU5Fajgvaj/fVMLD6cfNLgj96ahGUcWsgAdF67uaeSNbFaJtWa6R5XXhaY0xoHvcKHZcN5tXXM1Nazn7xHV
www.ontheclock.com/ Name: AWSALBCORS
Value: EwzlcTrkcGCpXEP2x2TpGNQyPoxqZ7hNL39CIUWUSsU5Fajgvaj/fVMLD6cfNLgj96ahGUcWsgAdF67uaeSNbFaJtWa6R5XXhaY0xoHvcKHZcN5tXXM1Nazn7xHV
.ontheclock.com/ Name: _gcl_au
Value: 1.1.315120567.1725580079
.ontheclock.com/ Name: _ga
Value: GA1.1.628275164.1725580079
.tiktok.com/ Name: _ttp
Value: 2lfnciHF1AjQ6I8TS8mgaHSFq7Y
.ontheclock.com/ Name: _tt_enable_cookie
Value: 1
.ontheclock.com/ Name: _ttp
Value: tDMN3KDLSncZJBlFiiu2NtQ_LEn
.ontheclock.com/ Name: _ce.irv
Value: new
.ontheclock.com/ Name: cebs
Value: 1
.ontheclock.com/ Name: _ce.clock_event
Value: 1
.ontheclock.com/ Name: _ce.clock_data
Value: 25%2C45.141.152.74%2C1%2C9d1d68e5c1dc3c213377efe8cbc2564a%2CChrome%2CDE
.ontheclock.com/ Name: cebsp_
Value: 1
.ontheclock.com/ Name: _ce.s
Value: v~69bb9d05ed7f243c3dd6ae2eff528f88ca7e5746~lcw~1725580079767~lva~1725580079644~vpv~0~v11.fhb~1725580079766~v11.lhb~1725580079766~v11.cs~443536~v11.s~485d4360-6be1-11ef-88ce-994891b2fc64~lcw~1725580079767
.g2crowd.com/ Name: __cf_bm
Value: 4BNALQAFdTjLfYu6YW9ZaOpbjqOkOcj3N5T9VcFDIQs-1725580080-1.0.1.1-Fr8Tcpe3.TNLRtQ3LKLDyW__9p32tkCk.rVLTes101FOmRi5DDWojpgSdBTspBeYgkU56QAT_LcZT951SDBxtQ
.ontheclock.com/ Name: _ga_ZVBT0D0Q16
Value: GS1.1.1725580079.1.0.1725580080.59.0.0
auth.ontheclock.com/ Name: AWSALBTG
Value: YzjYLrAJYHU290Ki3aP+ddMelvNBXpmCw3hMuTxQWmZq/WZ66ANH6y1Ckd/+QWQa44Ob84kHjr09x9xFLQ0153UNfNhsfcjWdtpXjoSaexOS7mkuGelV3o6pQ8tzKHt4o7T12pt50VdeVxUcFnfbUzXHvz5CmBF2/RmrCaPzQ+DgAdOtSXE=
auth.ontheclock.com/ Name: AWSALBTGCORS
Value: YzjYLrAJYHU290Ki3aP+ddMelvNBXpmCw3hMuTxQWmZq/WZ66ANH6y1Ckd/+QWQa44Ob84kHjr09x9xFLQ0153UNfNhsfcjWdtpXjoSaexOS7mkuGelV3o6pQ8tzKHt4o7T12pt50VdeVxUcFnfbUzXHvz5CmBF2/RmrCaPzQ+DgAdOtSXE=
auth.ontheclock.com/ Name: AWSALB
Value: w++d9rR+WvezxP5LpSmBX3flMVGMAxwAio5rPzCqtZEMhouQngtkHkrtI3Fr9Xke2kQpB3f2CrtLQCFbk3Ekv/+a03NbPSlDCKi961WadSZy6elstIuP09Z86Hl1
auth.ontheclock.com/ Name: AWSALBCORS
Value: w++d9rR+WvezxP5LpSmBX3flMVGMAxwAio5rPzCqtZEMhouQngtkHkrtI3Fr9Xke2kQpB3f2CrtLQCFbk3Ekv/+a03NbPSlDCKi961WadSZy6elstIuP09Z86Hl1
accounts.livechatinc.com/ Name: __oauth_redirect_detector
Value: counter=1&t=1725580110&tag=6c23e78a770cb72c136bd333d4c5c46574ca062f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
