URL: https://ortto.app/-/m/s/preferences?k=C3BhdHRlcm5tYWluAGNIgD0HCPtlAYIDEGWCIIUS_NA_Svn4SSqodGQBAG0mgwrhXp4Ygg
Submission: On December 19 via manual from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 18.64.119.23, located in United States and belongs to AMAZON-02, US. The main domain is ortto.app. The Cisco Umbrella rank of the primary domain is 236372.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 6th 2023. Valid for: a year.
This is the only time ortto.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
1         18.64.119.23      16509  AMAZON-02
10        18.66.2.92        16509  AMAZON-02
3         3.136.207.21      16509  AMAZON-02
2         3.139.119.132     16509  AMAZON-02
1         18.66.2.40        16509  AMAZON-02
1         3.138.217.156     16509  AMAZON-02
1         2a00:1450:400...  15169  GOOGLE
Total: 19 requests, 7 IPs
Requests  Apex Domain / Subdomains                                        Transfer
10        ortto-prod.com                                                  905 KB
            s.ortto-prod.com
4         ortto.app                                                       14 KB
            ortto.app — Cisco Umbrella Rank: 236372
            assets-api-us.ortto.app
            accounts-api-us.ortto.app — Cisco Umbrella Rank: 379340
3         ortto.com                                                       49 KB
            t.ortto.com
1         googleapis.com                                                  2 KB
            fonts.googleapis.com — Cisco Umbrella Rank: 29
1         autopilotapp.com                                                15 KB
            m.autopilotapp.com — Cisco Umbrella Rank: 432980
Total: 19 requests, 5 apex domains
Requests  Domain                     Requested by
10        s.ortto-prod.com           ortto.app, s.ortto-prod.com
3         t.ortto.com                ortto.app, t.ortto.com
2         assets-api-us.ortto.app    s.ortto-prod.com
1         fonts.googleapis.com       s.ortto-prod.com
1         accounts-api-us.ortto.app  s.ortto-prod.com
1         m.autopilotapp.com
1         ortto.app
Total: 19 requests, 7 domains

This site contains links to these domains.

Domain
ortto.com
Subject                  Issuer                             Validity                 Valid
ortto.app                Amazon RSA 2048 M03                2023-11-06 - 2024-12-05  a year
static.ap3prod.com       Amazon RSA 2048 M01                2023-06-14 - 2024-07-13  a year
t.ortto.com              ZeroSSL RSA Domain Secure Site CA  2023-12-15 - 2024-03-14  3 months
*.ortto.app              Amazon RSA 2048 M02                2023-02-22 - 2024-03-23  a year
m.autopilotapp.com       Amazon RSA 2048 M02                2023-09-08 - 2024-10-05  a year
upload.video.google.com  GTS CA 1C3                         2023-11-20 - 2024-02-12  3 months

This page contains 1 frames:

Primary Page: https://ortto.app/-/m/s/preferences?k=C3BhdHRlcm5tYWluAGNIgD0HCPtlAYIDEGWCIIUS_NA_Svn4SSqodGQBAG0mgwrhXp4Ygg
Frame ID: 784727DD6E35D46082458E8A0CB35AE8
Requests: 19 HTTP requests in this frame

Page Title

E-Mail-Einstellungen - Pattern}

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 14 %
Domains: 5
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 985 kB
Size: 3880 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request preferences
ortto.app/-/m/s/
11 KB
12 KB
Document
General
Full URL
https://ortto.app/-/m/s/preferences?k=C3BhdHRlcm5tYWluAGNIgD0HCPtlAYIDEGWCIIUS_NA_Svn4SSqodGQBAG0mgwrhXp4Ygg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.119.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-23.txl50.r.cloudfront.net
Software
/
Resource Hash
e628cf00a161d5a6bfba1a10d17edd3ad084c3b39f1231bce67c74c3d0d8c4b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
allow
GET, POST, PUT, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
content-length
11449
content-type
text/html; charset=utf-8
date
Tue, 19 Dec 2023 23:03:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 5ea5681c91ed88c9c3af7fc72fa26702.cloudfront.net (CloudFront)
x-amz-apigw-id
QNolOG4iiYcEjfA=
x-amz-cf-id
50G1R8bJjBg65Q2u54ITqLaUPVoaB2X_1rXWlyBOnH4jjkY3WuQuMA==
x-amz-cf-pop
TXL50-P4
x-amzn-requestid
339d4fc6-ee02-4a30-8055-def2d299e81c
x-amzn-trace-id
Root=1-65822154-1f932ffa5c7de1202fc10127;Sampled=0;lineage=f333015f:0
x-cache
Miss from cloudfront
x-frame-options
SAMEORIGIN
ortto-logo.png
s.ortto-prod.com/
2 KB
2 KB
Image
General
Full URL
https://s.ortto-prod.com/ortto-logo.png
Requested by
Host: ortto.app
URL: https://ortto.app/-/m/s/preferences?k=C3BhdHRlcm5tYWluAGNIgD0HCPtlAYIDEGWCIIUS_NA_Svn4SSqodGQBAG0mgwrhXp4Ygg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-92.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80e68d435c07603c5004da5ea3242c2539e88a986c7fbd32e2642b50914226e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ortto.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 05:53:25 GMT
via
1.1 a7a57ed5dae93341c1cc3784ae7d9628.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 31 Mar 2022 04:05:35 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
age
61824
etag
"e8f279c365de5702f8f9f611cbe1741c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1777
x-amz-cf-id
ojvwZU-7z2bmUsIm4bTiMqNiL1ixn0YdGUQtNIfA2JgGyWNqZimtqA==
error.png
s.ortto-prod.com/
1 KB
1 KB
Image
General
Full URL
https://s.ortto-prod.com/error.png
Requested by
Host: ortto.app
URL: https://ortto.app/-/m/s/preferences?k=C3BhdHRlcm5tYWluAGNIgD0HCPtlAYIDEGWCIIUS_NA_Svn4SSqodGQBAG0mgwrhXp4Ygg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-92.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
864a13692ca61640528fb7e71773f3e4beea7e6112fee133e707f68ce227213b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ortto.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:03:54 GMT
via
1.1 a7a57ed5dae93341c1cc3784ae7d9628.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 31 Mar 2022 04:05:34 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
age
46795
etag
"0e5e187c3222ac03ac4649f63bb95568"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1032
x-amz-cf-id
mPf_qxbng4r_DwnIgZynsG5BdLzRVr5rLlorXTQ9Am2VtR9i__Abdw==
polyfill.bundle.js
s.ortto-prod.com/messages/master/v2045/dist/
4 KB
2 KB
Script
General
Full URL
https://s.ortto-prod.com/messages/master/v2045/dist/polyfill.bundle.js
Requested by
Host: ortto.app
URL: https://ortto.app/-/m/s/preferences?k=C3BhdHRlcm5tYWluAGNIgD0HCPtlAYIDEGWCIIUS_NA_Svn4SSqodGQBAG0mgwrhXp4Ygg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-92.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f924cd36d367078cbd609e7393d83a7a3cf447725b6552729c2add8bfd7697e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ortto.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 04:22:06 GMT
content-encoding
gzip
via
1.1 a7a57ed5dae93341c1cc3784ae7d9628.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 19 Dec 2023 01:37:45 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
age
67303
etag
W/"c34059ddbcc00a81514e392f97f76f1d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=7776000
x-amz-cf-id
erUTXE6Tjn2zsG2hvW2O9Y_9vipw-NX5vh5_KVfUQkFg1_W5lEWpag==
vendor.bundle.js
s.ortto-prod.com/messages/master/v2045/dist/
1 MB
364 KB
Script
General
Full URL
https://s.ortto-prod.com/messages/master/v2045/dist/vendor.bundle.js
Requested by
Host: ortto.app
URL: https://ortto.app/-/m/s/preferences?k=C3BhdHRlcm5tYWluAGNIgD0HCPtlAYIDEGWCIIUS_NA_Svn4SSqodGQBAG0mgwrhXp4Ygg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-92.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12fd80b65530bfed61c4732fcdfeac490477071ed2d9ed1f9561d1345281cf7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ortto.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:39:17 GMT
content-encoding
gzip
via
1.1 a7a57ed5dae93341c1cc3784ae7d9628.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 19 Dec 2023 01:37:45 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
age
77072
etag
W/"54f474fbc59abdda0df4be67c69b7e91"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=7776000
x-amz-cf-id
34hoVGXQmBgpM11PItcb9FhDUE2XnNdsp5YnO7_4Gs-x6KmJb2lvxg==
autopilot.bundle.js
s.ortto-prod.com/messages/master/v2045/dist/
2 MB
439 KB
Script
General
Full URL
https://s.ortto-prod.com/messages/master/v2045/dist/autopilot.bundle.js
Requested by
Host: ortto.app
URL: https://ortto.app/-/m/s/preferences?k=C3BhdHRlcm5tYWluAGNIgD0HCPtlAYIDEGWCIIUS_NA_Svn4SSqodGQBAG0mgwrhXp4Ygg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-92.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77635276bd385b76c5c3d8b634cd4c4f187bd7995c10071ad92588787731a85e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ortto.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:39:17 GMT
content-encoding
gzip
via
1.1 a7a57ed5dae93341c1cc3784ae7d9628.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 19 Dec 2023 01:37:44 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
age
77072
etag
W/"65a8d3a8c0a19473831d629a9a4f152b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=7776000
x-amz-cf-id
U8eyrZLL_IAYmY71p-l9-5ZzgfrYbjdsLVkQLz4XOTgLtghVNXDm3A==
app.js
t.ortto.com/
119 KB
28 KB
Script
General
Full URL
https://t.ortto.com/app.js
Requested by
Host: ortto.app
URL: https://ortto.app/-/m/s/preferences?k=C3BhdHRlcm5tYWluAGNIgD0HCPtlAYIDEGWCIIUS_NA_Svn4SSqodGQBAG0mgwrhXp4Ygg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.136.207.21 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-207-21.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
a89822922a8bc80ae9369ce513536a592ae4c2490d174c97556eb611c81093fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ortto.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 04:22:43 GMT
content-encoding
gzip
via
1.1 f81ddd3d706425245c1c9b0c3055c8b2.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000
last-modified
Tue, 19 Dec 2023 04:22:33 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P2
age
67266
etag
W/"f54841d353f0472ad9298ac4460dc351"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-id
N3d985CZn9JzdTBimVjCSL584jRzJWBSy9uXW3j2Qd3MzW4VtMEwuw==
messages-preference-center-view.bundle.js
s.ortto-prod.com/messages/master/v2045/dist/
12 KB
5 KB
Script
General
Full URL
https://s.ortto-prod.com/messages/master/v2045/dist/messages-preference-center-view.bundle.js
Requested by
Host: s.ortto-prod.com
URL: https://s.ortto-prod.com/messages/master/v2045/dist/polyfill.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-92.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e88bfed0b3976a7ae2df8e3221e347e3c983144385b598b2152281c2ced3292
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ortto.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:44:44 GMT
content-encoding
gzip
via
1.1 a7a57ed5dae93341c1cc3784ae7d9628.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 19 Dec 2023 01:37:44 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
age
76746
etag
W/"2963cc40635e7b5e44cfa7561d8830fa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=7776000
x-amz-cf-id
8ZZbcFPfvQ_8p5aqwDviSyxGpXYJhoo6CS9lgs7c1Jia8rhXNIF9pg==
get
assets-api-us.ortto.app/-/m/s/brandbook/
2 KB
1 KB
Fetch
General
Full URL
https://assets-api-us.ortto.app/-/m/s/brandbook/get?r=0.2953027325887263
Requested by
Host: s.ortto-prod.com
URL: https://s.ortto-prod.com/messages/master/v2045/dist/autopilot.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.119.132 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-119-132.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
0242b24ff6b53e331b563ca9b2bc6a29baa31d5a8f2ae73ffc07c3954b8cdf47
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ortto.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-version
master-2312140309-6050-dd55700
date
Tue, 19 Dec 2023 23:03:49 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
allow
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://ortto.app
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
*, Authorization
content-length
729
151.bundle.js
s.ortto-prod.com/messages/master/v2045/dist/
586 B
1018 B
Script
General
Full URL
https://s.ortto-prod.com/messages/master/v2045/dist/151.bundle.js
Requested by
Host: s.ortto-prod.com
URL: https://s.ortto-prod.com/messages/master/v2045/dist/polyfill.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-92.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
491b7b62edb5cc24a5b27f97aeab7ff186e508783a98c40d91ce9d777b20209c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ortto.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 03:28:42 GMT
via
1.1 a7a57ed5dae93341c1cc3784ae7d9628.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 19 Dec 2023 01:37:42 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
age
70508
etag
"7ca8c007ef14021911f2f3bfb7515f5d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
content-length
586
x-amz-cf-id
bJtuJ-5l1XiKWl3uXAutxasV8VM49GaxILCmkG9kr0cNEBnKXfmlfQ==
get
assets-api-us.ortto.app/-/m/s/subscriptions/
376 B
730 B
Fetch
General
Full URL
https://assets-api-us.ortto.app/-/m/s/subscriptions/get?r=0.43635288230314284
Requested by
Host: s.ortto-prod.com
URL: https://s.ortto-prod.com/messages/master/v2045/dist/autopilot.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.119.132 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-119-132.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
51e0d2ad138eb89cf3fcdedfd3f2517a8d624bee541bd1f296fe0d1b976275c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ortto.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-version
master-2312140309-6050-dd55700
date
Tue, 19 Dec 2023 23:03:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
allow
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://ortto.app
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
*, Authorization
content-length
376
page-event
t.ortto.com/-/events/
68 B
536 B
XHR
General
Full URL
https://t.ortto.com/-/events/page-event
Requested by
Host: t.ortto.com
URL: https://t.ortto.com/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.136.207.21 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-207-21.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
04ab216cc8471647597bab7b88d2300675d46aff16df0ba6b86fd28c96d1438f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ortto.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:03:49 GMT
strict-transport-security
max-age=63072000
x-version
master-2312142308-4782-44713ef
allow
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://ortto.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding, Accept-Encoding
content-length
68
expires
0
l_c4d40e5c-c80f-45c8-bc07-68ca1b524118.png
m.autopilotapp.com/patternmain/logo/
15 KB
15 KB
Image
General
Full URL
https://m.autopilotapp.com/patternmain/logo/l_c4d40e5c-c80f-45c8-bc07-68ca1b524118.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-40.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de85fd37344201d30ed18d37237d9a458733bbbcf927a870131e0278c15f446e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ortto.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 23:03:49 GMT
via
1.1 8ba5a7db0f86d152bf852f67ddf89e84.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
TXL50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14995
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 08 Sep 2023 14:34:27 GMT
server
AmazonS3
etag
"278b98bf1e7f2c442e24c9ed1ade1629"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
tStG9bE0PVZuo86uyfi6e6sA3rf7KSYWWIQNGjxgKWf1Wle8Ex0ZiQ==
NeueHaasGrotDispRound-75Bold-Web.9a84cd4999fde9815ee48c1470e8fb54.woff2
s.ortto-prod.com/messages/master/v2045/dist/
29 KB
29 KB
Font
General
Full URL
https://s.ortto-prod.com/messages/master/v2045/dist/NeueHaasGrotDispRound-75Bold-Web.9a84cd4999fde9815ee48c1470e8fb54.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-92.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79f6d41e7c918283c8709b2d8b21274b79847ed06dd94247f8397d8c686626dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ortto.app/
Origin
https://ortto.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:39:22 GMT
via
1.1 cc4ec7b00e99f66f65c59b638212180e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
TXL50-P1
age
77068
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29469
last-modified
Tue, 19 Dec 2023 01:37:43 GMT
server
AmazonS3
etag
"9a84cd4999fde9815ee48c1470e8fb54"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=7776000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
hiPxLRN3KL9gv84z8U2QN53ddwMGdp7sovdNWhzQju0BT_crXa0rCw==
NeueHaasGrotTextRound-55Roman-Web.cd2e66fdee191ad57ad1f40b6c151abb.woff2
s.ortto-prod.com/messages/master/v2045/dist/
29 KB
30 KB
Font
General
Full URL
https://s.ortto-prod.com/messages/master/v2045/dist/NeueHaasGrotTextRound-55Roman-Web.cd2e66fdee191ad57ad1f40b6c151abb.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-92.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07c337004472ae74e4743ff98f946094fbc00f2b16d4ff8991272dd6e2093656
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ortto.app/
Origin
https://ortto.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:39:22 GMT
via
1.1 cc4ec7b00e99f66f65c59b638212180e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
TXL50-P1
age
77068
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30181
last-modified
Tue, 19 Dec 2023 01:37:43 GMT
server
AmazonS3
etag
"cd2e66fdee191ad57ad1f40b6c151abb"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=7776000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
Ps43pjypBwcF3Mm4B1-dPmzjwaWd27MYyr0lIKuwoJJ9KbSC1FB-Yw==
NeueHaasGrotTextRound-75Bold-Web.95b4c95f18f032429e5952e0c9fad413.woff2
s.ortto-prod.com/messages/master/v2045/dist/
31 KB
31 KB
Font
General
Full URL
https://s.ortto-prod.com/messages/master/v2045/dist/NeueHaasGrotTextRound-75Bold-Web.95b4c95f18f032429e5952e0c9fad413.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-92.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b14e8e4b51709ab29381c9361d5b70dad4e54f86b044e07010c049b2bf986f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ortto.app/
Origin
https://ortto.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:39:22 GMT
via
1.1 cc4ec7b00e99f66f65c59b638212180e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
TXL50-P1
age
77068
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31429
last-modified
Tue, 19 Dec 2023 01:37:43 GMT
server
AmazonS3
etag
"95b4c95f18f032429e5952e0c9fad413"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=7776000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
59Laa_oF-u_52ZGoUY2E3b7StcuBsEhB340EszNWkRrUTJglxRMFCg==
custom-fonts.css
accounts-api-us.ortto.app/-/settings/
1 B
257 B
Stylesheet
General
Full URL
https://accounts-api-us.ortto.app/-/settings/custom-fonts.css?k=C3BhdHRlcm5tYWluAGNIgD0HCPtlAYIDEGWCIIUS_NA_Svn4SSqodGQBAG0mgwrhXp4Ygg&family=Open%20Sans&family=Open%20Sans
Requested by
Host: s.ortto-prod.com
URL: https://s.ortto-prod.com/messages/master/v2045/dist/autopilot.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.138.217.156 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-138-217-156.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ortto.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-version
master-2312190238-8720-7f6c95a
date
Tue, 19 Dec 2023 23:03:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
allow
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
content-length
1
css2
fonts.googleapis.com/
11 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Open%20Sans:wght@400;700&family=Open%20Sans:wght@400;700
Requested by
Host: s.ortto-prod.com
URL: https://s.ortto-prod.com/messages/master/v2045/dist/autopilot.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b3915528adf7fa37e092c38ffc6d93f4be2a7f083f616d7259a78d09b11df59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ortto.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 23:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 23:03:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Dec 2023 23:03:49 GMT
get
t.ortto.com/-/widgets/
280 KB
21 KB
XHR
General
Full URL
https://t.ortto.com/-/widgets/get
Requested by
Host: t.ortto.com
URL: https://t.ortto.com/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.136.207.21 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-207-21.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
19d78e6ccf1bd60e13accc3cd9d8f5b990a8a8dc7477a0cd9f22775f4554c437
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ortto.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-version
master-2312142308-4782-44713ef
date
Tue, 19 Dec 2023 23:03:49 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000
vary
Accept-Encoding, Accept-Encoding
allow
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://ortto.app
content-type
application/json
access-control-allow-credentials
true

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| AP3_ENV string| AP3_JWTM string| AP3_DEVICE_TYPE object| AP3_DISCOVERY string| AP3_DOCS_URL string| AP3_GOOGLE_MAP_API_KEY object| AP3_FEATURES string| AP3_CDN_PATH string| AP3_LANG object| ap3c object| s object| t object| webpackJsonp object| scCGSHMRCache object| __deprecated function| googleMapsScriptOnload boolean| __DEV__ number| TIMEOUT number| BASE_NEEDLE_ANGLE number| START_NEEDLE_MOVE_ANGLE number| END_NEEDLE_MOVE_ANGLE number| NEEDLE_ANGLE_INCREMENT number| DECIMAL_MULTIPLIER string| CLOSE_WIDGET_LINK string| PUSH_PERMISSION_LINK string| AP3_WIDGETS_PREFIX object| HIDDEN_FIELDS_REGEX string| HIDDEN_FIELDS_SUBSTITUTION object| cookies object| frequencies object| preFillOptionIds object| visibilityOptionIds boolean| isMobile boolean| isIOSWebView function| isAndroidWebView object| validShopifyCartAddPaths object| validShopifyCartAddStatuses object| urlParamKeys object| platforms function| getUrlParams function| getFieldType function| getDefaultValue function| populateSelectOptions function| replacePlatformLinks function| getTimeFromSeconds string| uA string| vendor undefined| submitter undefined| submitterSelector function| jsonFromXhr function| sortObjectAndToString function| calcTrackKey function| readCookie function| removeCookie function| convertLegacyCookies function| convertLegacyPageFilter function| isKnownSession object| widgetsAccepted function| getShopifyProductCurrentVariantId function| polyfillDateInput

2 Cookies

Domain/Path  Name      Value
ortto.app/   ap3pages  1
.ortto.app/  ap3c      IGWCIVV2DIv79ZcBAGWCIVWWQIxkIyi-3NR9kKT2EfvjT_7wMA

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
