login.totalcsr.com Open in urlscan Pro
52.223.56.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hats.totalcsr.com/
Effective URL:
https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3DeDkVNhrpJtOgfc56g5drF...
Submission: On April 16 via manual (April 16th 2024, 11:12:03 am UTC) from IN — Scanned from DE

Summary HTTP 44 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 44 HTTP transactions. The main IP is 52.223.56.218, located in United States and belongs to AMAZON-02, US. The main domain is login.totalcsr.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 28th 2023. Valid for: a year.

This is the only time login.totalcsr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	54.204.238.15 54.204.238.15	14618 (AMAZON-AES) (AMAZON-AES)
1	40.140.216.221 40.140.216.221	7029 (WINDSTREAM) (WINDSTREAM)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	52.223.56.218 52.223.56.218	16509 (AMAZON-02) (AMAZON-02)
11	18.173.154.109 18.173.154.109	16509 (AMAZON-02) (AMAZON-02)
1	54.230.228.128 54.230.228.128	16509 (AMAZON-02) (AMAZON-02)
44	12

20 54.204.238.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-238-15.compute-1.amazonaws.com

hats.totalcsr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.140.216.221 (United States)

ASN7029 (WINDSTREAM, US)
PTR: h221.216.140.40.ip.windstream.net

app.echosage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.56.218 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a9fabdf042c40ac50.awsglobalaccelerator.com

login.totalcsr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.173.154.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-109.muc50.r.cloudfront.net

ok12static.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-128.muc50.r.cloudfront.net

login.okta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	totalcsr.com 1 redirects hats.totalcsr.com login.totalcsr.com	441 KB
11	oktacdn.com ok12static.oktacdn.com — Cisco Umbrella Rank: 11932	860 KB
1	okta.com login.okta.com — Cisco Umbrella Rank: 3616
1	lr-ingest.io cdn.lr-ingest.io — Cisco Umbrella Rank: 18372	167 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	google.de www.google.de — Cisco Umbrella Rank: 7551	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 87	246 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3076	255 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	99 KB
1	echosage.com app.echosage.com	899 B
44	10

	Domain	Requested by
20	hats.totalcsr.com	hats.totalcsr.com
11	ok12static.oktacdn.com	login.totalcsr.com ok12static.oktacdn.com
3	login.totalcsr.com	1 redirects hats.totalcsr.com login.totalcsr.com
1	login.okta.com	ok12static.oktacdn.com
1	cdn.lr-ingest.io	hats.totalcsr.com
1	fonts.gstatic.com	hats.totalcsr.com
1	www.google.de	hats.totalcsr.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	hats.totalcsr.com
1	app.echosage.com	hats.totalcsr.com
44	11

This site contains links to these domains. Also see Links.

Domain
www.okta.com

Subject Issuer	Validity	Valid
hats.totalcsr.com R3	`2024-03-15` - `2024-06-13`	3 months	crt.sh
app.echosage.com Go Daddy Secure Certificate Authority - G2	`2024-01-01` - `2025-02-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
lr-ingest.io E1	`2024-03-30` - `2024-06-28`	3 months	crt.sh
*.totalcsr.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-28` - `2024-09-27`	a year	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-15` - `2025-01-02`	a year	crt.sh
accounts.okta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2024-07-24`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3DeDkVNhrpJtOgfc56g5drFF1Q-f1ciBk2Ly3xefo84rg
Frame ID: E81FE124E975FAA7A5B2A51698B786FB
Requests: 43 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: A5316D48336CB5E7C0D1893937FC85D2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Total CSR - Anmelden

Page URL History Show full URLs

http://hats.totalcsr.com/ HTTP 307
https://hats.totalcsr.com/ Page URL
https://login.totalcsr.com/oauth2/v1/authorize/?response_type=code&scope=openid%20profile%20email&state... HTTP 302
https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3De... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

LogRocket (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.lr-ingest\.io

Page Statistics

44
Requests

93 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

12
IPs

4
Countries

1579 kB
Transfer

5365 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.okta.com/?internal_link=wic_login
Title: Okta

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hats.totalcsr.com/ HTTP 307
https://hats.totalcsr.com/ Page URL
https://login.totalcsr.com/oauth2/v1/authorize/?response_type=code&scope=openid%20profile%20email&state=635ab0b2408bdc35fab8dcd140d19c8157a2f73fee55ef6684e0c7671518de4f&redirect_uri=https%3A%2F%2Fhats.totalcsr.com%2Fapi%2Fauth%2Fcallback%2Fokta&client_id=0oa4uabxccTPpjOJI5d6 HTTP 302
https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3DeDkVNhrpJtOgfc56g5drFF1Q-f1ciBk2Ly3xefo84rg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hats.totalcsr.com/ HTTP 307
https://hats.totalcsr.com/

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
hats.totalcsr.com/
Redirect Chain

http://hats.totalcsr.com/
https://hats.totalcsr.com/

9 KB
3 KB

416ms
143ms

Document
text/html

54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy / Next.js
Resource Hash: 938793f8c14be4194b01e05fd7b389cd7e908b5acca76311a653a53def812f8a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 16 Apr 2024 11:11:58 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D
Server: Cowboy
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 vegur
X-Powered-By: Next.js

Redirect headers

Location: https://hats.totalcsr.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 embed.js Show response
app.echosage.com/xprt/sdk/ 1 KB
899 B 512ms
176ms Script
application/javascript 40.140.216.221
WINDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://app.echosage.com/xprt/sdk/embed.js
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.140.216.221 , United States, ASN7029 (WINDSTREAM, US),
Reverse DNS: h221.216.140.40.ip.windstream.net
Software: WildFly/10 / Undertow/1
Resource Hash: 488382910005ac92756f67ce19dbf4e56f3135342e50e2238f4a359cab4e3141

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 11:11:58 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 12:12:26 GMT
server: WildFly/10
x-powered-by: Undertow/1
content-type: application/javascript
cache-control: max-age=28800, public, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
content-length: 717

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
99 KB 170ms
68ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LZ2CV2ZQ6B

Requested by

Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e45d26a7de7d4a7105f550fb21c21b7125d51016ecc8331a01afa63869a461eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 11:11:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Apr 2024 11:11:58 GMT

GET
H/1.1 200
OK cd465a18950af8c5.css
hats.totalcsr.com/_next/static/css/ 230 KB
47 KB 124ms
124ms Stylesheet
text/css 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/css/cd465a18950af8c5.css
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 3172fb1d35851e3da2e8dac16d007aa8da31fd2ab56707058126e0b0cb4f4d91

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:58 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"399c2-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D"}]}
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D

GET
H/1.1 200
OK aa3553d4660b9bfa.css
hats.totalcsr.com/_next/static/css/ 2 KB
2 KB 363ms
122ms Stylesheet
text/css 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/css/aa3553d4660b9bfa.css
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ba1445c6152bbbb75c2e11be43fc6ea784a15fd2ca2b452a1ab6a77b396f7794

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:58 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"89a-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D"}]}
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D

GET
H/1.1 200
OK webpack-55e59b75e284d6e9.js Show response
hats.totalcsr.com/_next/static/chunks/ 4 KB
3 KB 122ms
122ms Script
application/javascript 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/chunks/webpack-55e59b75e284d6e9.js
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: b0d1b882c36b8157b331f2161c9ecda1726a635afd5e13968468d7b343cc58f3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:58 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"1009-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D

GET
H/1.1 200
OK framework-35a244ac51cb8401.js Show response
hats.totalcsr.com/_next/static/chunks/ 138 KB
45 KB 125ms
124ms Script
application/javascript 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/chunks/framework-35a244ac51cb8401.js
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 682b828e7f8a044009defb983289b5db4b02eef4be9757f19a4beff3d4b86e67

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:58 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"22698-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D

GET
H/1.1 200
OK main-4c2c9bec55265dd4.js Show response
hats.totalcsr.com/_next/static/chunks/ 114 KB
35 KB 211ms
124ms Script
application/javascript 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/chunks/main-4c2c9bec55265dd4.js
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: c75264cc46049d4a62f6226c3034f6c56c13ed8c3e25f2b7e15b24d02e093a09

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:58 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"1c88f-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D

GET
H/1.1 200
OK _app-4dfd55cec547898a.js Show response
hats.totalcsr.com/_next/static/chunks/pages/ 178 KB
52 KB 245ms
124ms Script
application/javascript 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/chunks/pages/_app-4dfd55cec547898a.js
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 31c72f100d188c38d5721dae7e25c8d6dae5752c1db2a4be7c2a03ba338b92be

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"2c948-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

GET
H/1.1 200
OK 896-ce7a68f81b8aa5de.js Show response
hats.totalcsr.com/_next/static/chunks/ 164 KB
53 KB 254ms
124ms Script
application/javascript 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/chunks/896-ce7a68f81b8aa5de.js
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: b6ed10b4d9afe756c0eb1646e7dea3daa57b1f19aed5c394806e9901c62e2cb0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"29104-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

GET
H/1.1 200
OK 499-9ab86d5ca3bf3cc2.js Show response
hats.totalcsr.com/_next/static/chunks/ 218 KB
53 KB 251ms
124ms Script
application/javascript 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/chunks/499-9ab86d5ca3bf3cc2.js
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 1e0097629db7e14ed10e81be2f5fc16746ded37b17be97be3df86c655f2a3534

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"3684a-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

GET
H/1.1 200
OK 676-3d25c1bd3a07d2f4.js Show response
hats.totalcsr.com/_next/static/chunks/ 102 KB
34 KB 256ms
128ms Script
application/javascript 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/chunks/676-3d25c1bd3a07d2f4.js
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: a2885d46585de86b052abd410c908e16eb496d02b061bfb96cefffd2b0407173

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"198cb-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

GET
H/1.1 200
OK 788-01783d8fb598ea83.js Show response
hats.totalcsr.com/_next/static/chunks/ 53 KB
15 KB 244ms
125ms Script
application/javascript 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/chunks/788-01783d8fb598ea83.js
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 226077196075e34ea1ce6ac50805f126a89f5f7407bd41953258346abcc307e7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"d55c-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

GET
H/1.1 200
OK index-a5f0f294547670b0.js Show response
hats.totalcsr.com/_next/static/chunks/pages/ 25 KB
8 KB 161ms
127ms Script
application/javascript 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/chunks/pages/index-a5f0f294547670b0.js
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: bfff6941e09e4db7d3219563a31d281d4369cceb6cc6199a8c1b2feb19d7b08e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"62c4-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

GET
H/1.1 200
OK _buildManifest.js Show response
hats.totalcsr.com/_next/static/-Omy-FHJVz0-40f4NUQWc/ 3 KB
2 KB 122ms
122ms Script
application/javascript 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/-Omy-FHJVz0-40f4NUQWc/_buildManifest.js
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 83826469c612b4bbcf418f6560954c20c52ff2f49906b009856162639ddb78ba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"bd1-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

GET
H/1.1 200
OK _ssgManifest.js Show response
hats.totalcsr.com/_next/static/-Omy-FHJVz0-40f4NUQWc/ 77 B
932 B 124ms
123ms Script
application/javascript 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/_next/static/-Omy-FHJVz0-40f4NUQWc/_ssgManifest.js
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:25:17 GMT
Etag: W/"4d-18b621358c8"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

GET
H/1.1 200
OK logo.png
hats.totalcsr.com/ 70 KB
71 KB 365ms
124ms Image
image/png 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hats.totalcsr.com/logo.png
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 8065cb1f3198d8456dd29fd6897ffd3704368e657e76f461e3e4565ef5279a26

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:58 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:21:40 GMT
Etag: W/"1174d-18b62100920"
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D"}]}
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71501
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265918&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=HrWBZIsN9I33J9rzMWEmIJHEkYtGy%2Fb5LdKa3XiTfPo%3D

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 97ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LZ2CV2ZQ6B&gtm=45je44f0v870458628za200&_p=1713265918825&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1183217805.1713265919&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713265918&sct=1&seg=0&dl=https%3A%2F%2Fhats.totalcsr.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=959
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZ2CV2ZQ6B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 11:11:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hats.totalcsr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 105ms
35ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LZ2CV2ZQ6B&cid=1183217805.1713265919&gtm=45je44f0v870458628za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZ2CV2ZQ6B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 11:11:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hats.totalcsr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 167ms
72ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LZ2CV2ZQ6B&cid=1183217805.1713265919&gtm=45je44f0v870458628za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1951919235

Requested by

Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 11:11:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 147ms
47ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Origin: https://hats.totalcsr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 18:59:34 GMT
x-content-type-options: nosniff
age: 317544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11072
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Apr 2025 18:59:34 GMT

GET
H3 200 logger-1.min.js Show response
cdn.lr-ingest.io/ 844 KB
167 KB 111ms
71ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/logger-1.min.js

Requested by

Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/_next/static/chunks/pages/_app-4dfd55cec547898a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aab8eca4156c17a6d02e8f0332c556d0cbebd0a2de33c9b7e1b32d0881dbe6f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 11:11:59 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-cph2320024-CPH
last-modified: Fri, 12 Apr 2024 22:46:51 GMT
server: cloudflare
x-timer: S1712962270.635930,VS0,VE67
etag: W/"82a3247d9a85ac4854430900bd5545c30dd07713487852236b85ae9d69909b79-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ESlWdTcUi8IlMJtGZFcBI3Jfr1R4NrUuzOdHvK0OOQ9DROnrufUBqnZQXl3NElFDIyq0QWlWl421BeEBFhmnaLWwOGmAufU8pv5wy0umnTo8kSy9SlDORikbBPbRaL3ylg2"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8753bcdc0fb092e5-CPH
x-cache-hits: 0

GET
H/1.1 200
OK providers Show response
hats.totalcsr.com/api/auth/ 394 B
1 KB 122ms
121ms Fetch
application/json 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/api/auth/providers
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/_next/static/chunks/pages/_app-4dfd55cec547898a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 4c0a6c45abf54335becc66493cf40812f86f47dd8fec311c30283bbc67e27cd2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Etag: "tpm3fuvmzyay"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Content-Length: 394
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

GET
H/1.1 200
OK session Show response
hats.totalcsr.com/api/auth/ 2 B
1 KB 123ms
123ms Fetch
application/json 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/api/auth/session
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/_next/static/chunks/pages/_app-4dfd55cec547898a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Etag: "bwc9mymkdm2"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Content-Length: 2
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

GET
H/1.1 200
OK csrf Show response
hats.totalcsr.com/api/auth/ 80 B
805 B 123ms
121ms Fetch
application/json 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/api/auth/csrf
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/_next/static/chunks/pages/_app-4dfd55cec547898a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: c9d70279e120547635c2bf06fdf5ac5818d17529b6bddae9589d644418a451d9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Etag: "oyemsj6a0428"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Content-Length: 80
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

GET
BLOB 200
OK a9fcd651-beee-4e43-9e1e-9abc34ec14c7
https://hats.totalcsr.com/ 471 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hats.totalcsr.com/a9fcd651-beee-4e43-9e1e-9abc34ec14c7
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af0650e2d738b21bb8222abeb5e104ebe58bcbd4d75a3b2b54619f76dd863d52

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 482242
Content-Type

GET
H/1.1 200
OK favicon.png
hats.totalcsr.com/ 1 KB
2 KB 124ms
124ms Other
image/png 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 24 Oct 2023 14:21:40 GMT
Etag: W/"465-18b62100920"
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1125
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

POST
H/1.1 200
OK okta
hats.totalcsr.com/api/auth/signin/ 285 B
1 KB 122ms
122ms Fetch
application/json 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hats.totalcsr.com/api/auth/signin/okta?
Requested by: Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/_next/static/chunks/pages/_app-4dfd55cec547898a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-238-15.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://hats.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 16 Apr 2024 11:11:59 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Etag: "14yczp4oge77x"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D"}]}
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Content-Length: 285
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713265919&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=7H1oj2jXhIb0zw2oHSLDjh4tQfLfbbZV6bixJvawR9M%3D

GET
H/1.1

200
OK

Primary Request login.htm Show response
login.totalcsr.com/login/
Redirect Chain

https://login.totalcsr.com/oauth2/v1/authorize/?response_type=code&scope=openid%20profile%20email&state=635ab0b2408bdc35fab8dcd140d19c8157a2f73fee55ef6684e0c7671518de4f&redirect_uri=https%3A%2F%2Fh...
https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3DeDkVNhrpJtOgfc56g5drFF1Q-f1ciBk2Ly3xefo84rg

17 KB
8 KB

215ms
215ms

Document
text/html

52.223.56.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3DeDkVNhrpJtOgfc56g5drFF1Q-f1ciBk2Ly3xefo84rg

Requested by

Host: hats.totalcsr.com
URL: https://hats.totalcsr.com/_next/static/chunks/pages/_app-4dfd55cec547898a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.223.56.218 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9fabdf042c40ac50.awsglobalaccelerator.com

Software

nginx /

Resource Hash

f70260da1f5ab32104f69dec679d7bc6826b9c8d6876976bc4c0bb7d5b4ac859

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' tcsr.okta.com login.totalcsr.com .oktacdn.com; connect-src 'self' tcsr.okta.com tcsr-admin.okta.com login.totalcsr.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com tcsr.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' tcsr.okta.com login.totalcsr.com .oktacdn.com; style-src 'unsafe-inline' 'self' tcsr.okta.com login.totalcsr.com .oktacdn.com; frame-src 'self' tcsr.okta.com tcsr-admin.okta.com login.totalcsr.com login.okta.com; img-src 'self' tcsr.okta.com login.totalcsr.com .oktacdn.com .tiles.mapbox.com .mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' tcsr.okta.com login.totalcsr.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://hats.totalcsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Tue, 16 Apr 2024 11:12:00 GMT
Keep-Alive: timeout=5, max=99
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex,nofollow
accept-ch: Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store
content-language: de
content-security-policy: default-src 'self' tcsr.okta.com login.totalcsr.com *.oktacdn.com; connect-src 'self' tcsr.okta.com tcsr-admin.okta.com login.totalcsr.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com tcsr.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' tcsr.okta.com login.totalcsr.com *.oktacdn.com; style-src 'unsafe-inline' 'self' tcsr.okta.com login.totalcsr.com *.oktacdn.com; frame-src 'self' tcsr.okta.com tcsr-admin.okta.com login.totalcsr.com login.okta.com; img-src 'self' tcsr.okta.com login.totalcsr.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' tcsr.okta.com login.totalcsr.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires: 0
p3p: CP="HONK"
pragma: no-cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-okta-request-id: Zh5dADU_R-XQkKYvu7fJbQAABbQ
x-rate-limit-limit: 1200
x-rate-limit-remaining: 1198
x-rate-limit-reset: 1713265953
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Date: Tue, 16 Apr 2024 11:12:00 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-Robots-Tag: noindex,nofollow
accept-ch: Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store
content-language: de
expires: 0
location: https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3DeDkVNhrpJtOgfc56g5drFF1Q-f1ciBk2Ly3xefo84rg
p3p: CP="HONK"
pragma: no-cache
referrer-policy: no-referrer
x-okta-request-id: Zh5dADU_R-XQkKYvu7fJagAABbQ
x-rate-limit-limit: 2000
x-rate-limit-remaining: 1998
x-rate-limit-reset: 1713265953
x-xss-protection: 0

POST collect
region1.analytics.google.com/g/ 0
0

GET
H2 200 okta-sign-in.min.js Show response
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/js/ 2 MB
483 KB 199ms
90ms Script
application/javascript 18.173.154.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/js/okta-sign-in.min.js

Requested by

Host: login.totalcsr.com
URL: https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3DeDkVNhrpJtOgfc56g5drFF1Q-f1ciBk2Ly3xefo84rg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-109.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

2f40321a9500cc4ed585f3f5150c40687ad1258d1d70c977809403289973a5f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.totalcsr.com/
Origin: https://login.totalcsr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 21:01:37 GMT
x-amz-meta-sha1sum: 66f3f80ec339791e9e3b225a38ba6b30906c6a0b
content-encoding: gzip
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 569423
x-cache: Hit from cloudfront
last-modified: Tue, 09 Apr 2024 20:26:54 GMT
server: nginx
etag: W/"2cb6c763b2dfff8ba952a5e7482bfa4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: T2bOQcdOealskxhYpAfydQDgLHWeoAV-T8glTnXHR33TOlPTBwUXDw==
expires: Wed, 09 Apr 2025 21:01:37 GMT

GET
H2 200 okta-sign-in.min.css
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/css/ 217 KB
37 KB 157ms
48ms Stylesheet
text/css 18.173.154.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/css/okta-sign-in.min.css

Requested by

Host: login.totalcsr.com
URL: https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3DeDkVNhrpJtOgfc56g5drFF1Q-f1ciBk2Ly3xefo84rg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-109.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

19714eaf0cbf6de9f909794bddca2470bf498dc53b02f50947a5e89476251fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.totalcsr.com/
Origin: https://login.totalcsr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 21:01:37 GMT
x-amz-meta-sha1sum: 4cfa8d8c88cf536e49e478565a2da853267beb22
content-encoding: gzip
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 569423
x-cache: Hit from cloudfront
last-modified: Tue, 09 Apr 2024 20:25:56 GMT
server: nginx
etag: W/"14a902da0701755f1c3dc816ee428221"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: mpFRaCqaFu5JVFx7QLBudyNFjHjjY-1H9CdI4gQpH7koi3oJh5WnQg==
expires: Wed, 09 Apr 2025 21:01:37 GMT

GET
H2 200 loginpage-theme.e0d37a504604ef874bad26435d62011f.css
ok12static.oktacdn.com/assets/loginpage/css/ 10 KB
3 KB 151ms
43ms Stylesheet
text/css 18.173.154.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css

Requested by

Host: login.totalcsr.com
URL: https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3DeDkVNhrpJtOgfc56g5drFF1Q-f1ciBk2Ly3xefo84rg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-109.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

c39ff65e2a102e644eb0bf2e31d2bad3d18f7afb25b3b9ba7a4d46263a711179

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-sha1sum: 4301f0d2b729ae22adece657d79eccaa25f429b1
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
date: Thu, 04 Apr 2024 00:32:04 GMT
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 1075196
x-cache: Hit from cloudfront
last-modified: Thu, 14 Mar 2024 00:00:37 GMT
server: nginx
etag: W/"e0d37a504604ef874bad26435d62011f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: agpjQKGTXIPfcUueGmC1HSD2uizUDD2OrhsRLI4qV20h9OwPH66Vjg==
expires: Fri, 04 Apr 2025 00:32:04 GMT

GET
H/1.1 200
OK style-sheet
login.totalcsr.com/api/internal/brand/theme/ 556 B
2 KB 187ms
187ms Stylesheet
text/css 52.223.56.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.totalcsr.com/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=41e504e6268bc5ad24497b3e1f4d11b4ca314aa159f9677572ae1fdd2b865831f251005de3bda2e3cf28a47ab8b5be71

Requested by

Host: login.totalcsr.com
URL: https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3DeDkVNhrpJtOgfc56g5drFF1Q-f1ciBk2Ly3xefo84rg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.223.56.218 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9fabdf042c40ac50.awsglobalaccelerator.com

Software

nginx /

Resource Hash

b6fbc63988cd65887db6e6a2901f0f5384e782b38c71978c584aad8d59d756d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' tcsr.okta.com login.totalcsr.com .oktacdn.com; connect-src 'self' tcsr.okta.com tcsr-admin.okta.com login.totalcsr.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com tcsr.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' tcsr.okta.com login.totalcsr.com .oktacdn.com; style-src 'unsafe-inline' 'self' tcsr.okta.com login.totalcsr.com .oktacdn.com; frame-src 'self' tcsr.okta.com tcsr-admin.okta.com login.totalcsr.com login.okta.com; img-src 'self' tcsr.okta.com login.totalcsr.com .oktacdn.com .tiles.mapbox.com .mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' tcsr.okta.com login.totalcsr.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3DeDkVNhrpJtOgfc56g5drFF1Q-f1ciBk2Ly3xefo84rg
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-okta-request-id: Zh5dADU_R-XQkKYvu7fJcQAABbQ
Date: Tue, 16 Apr 2024 11:12:00 GMT
content-security-policy: default-src 'self' tcsr.okta.com login.totalcsr.com *.oktacdn.com; connect-src 'self' tcsr.okta.com tcsr-admin.okta.com login.totalcsr.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com tcsr.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' tcsr.okta.com login.totalcsr.com *.oktacdn.com; style-src 'unsafe-inline' 'self' tcsr.okta.com login.totalcsr.com *.oktacdn.com; frame-src 'self' tcsr.okta.com tcsr-admin.okta.com login.totalcsr.com login.okta.com; img-src 'self' tcsr.okta.com login.totalcsr.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' tcsr.okta.com login.totalcsr.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit: 2400
x-content-type-options: nosniff
Content-Encoding: gzip
x-rate-limit-remaining: 2398
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
Server: nginx
accept-ch: Sec-CH-UA-Platform-Version
Vary: Accept-Encoding
Content-Type: text/css
x-rate-limit-reset: 1713265954
cache-control: max-age=31536000, must-revalidate
Keep-Alive: timeout=5, max=98
expires: Wed, 16 Apr 2025 11:12:00 GMT

GET
H2 200 initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js Show response
ok12static.oktacdn.com/assets/js/mvc/loginpage/ 204 KB
76 KB 43ms
43ms Script
application/javascript 18.173.154.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js

Requested by

Host: login.totalcsr.com
URL: https://login.totalcsr.com/login/login.htm?fromURI=%2Foauth2%2Fv1%2Fauthorize%2Fredirect%3Fokta_key%3DeDkVNhrpJtOgfc56g5drFF1Q-f1ciBk2Ly3xefo84rg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-109.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.totalcsr.com/
Origin: https://login.totalcsr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 07:48:55 GMT
x-amz-meta-sha1sum: 91eca02abf11239ec4af7a30b1da6e2610f1b9a6
content-encoding: gzip
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 1480985
x-cache: Hit from cloudfront
last-modified: Thu, 09 Nov 2023 00:50:57 GMT
server: nginx
etag: W/"58de3be0c9b511a0fdfd7ea4f69b56fc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: LnhZBTstu8wgGNUHAEVLbVmOOEESSbydfbDqBDuNRWLtPhtLWzdBjw==
expires: Sun, 30 Mar 2025 07:48:55 GMT

GET
H2 200 proximanova-reg-webfont.353416ed0ff540352235.woff2
ok12static.oktacdn.com/assets/loginpage/font/assets/ 20 KB
20 KB 45ms
45ms Font
application/font-woff2 18.173.154.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2

Requested by

Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-109.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ok12static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css
Origin: https://login.totalcsr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-sha1sum: 2b5fcd8431953c44e410d0489899e74f6d2cfecc
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 21:23:32 GMT
x-amz-cf-pop: MUC50-P3
age: 1603664
x-cache: Hit from cloudfront
content-length: 20416
last-modified: Thu, 09 Nov 2023 00:52:06 GMT
server: nginx
etag: "d99a7377dabb55772ca9f986b0a04b57"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: grsUMeqpkRgdOMkqcEr6EAWOH87-NV-2KlBqb8FL6GHc7W5D7HnNwg==
expires: Fri, 28 Mar 2025 21:44:16 GMT

GET
H/1.1 200
OK iframe.html
login.okta.com/discovery/ Frame A531 0
0 135ms
39ms Document
text/html 54.230.228.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.okta.com/discovery/iframe.html

Requested by

Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-128.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://login.totalcsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Age: 29657
Connection: keep-alive
Content-Length: 451
Content-Type: text/html
Date: Tue, 16 Apr 2024 02:57:45 GMT
ETag: "cb4083f71191b66321c4e0310d0383ab"
Last-Modified: Mon, 25 Mar 2024 16:51:14 GMT
Server: AmazonS3
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 59c812f2c62b260446c519ec0c6279cc.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 7CVd5d6EhlKOuH_5AC1vZgcwH_9CSDxmleQn7gH1ynZ7N-3VcuJaCA==
X-Amz-Cf-Pop: MUC50-P5
X-Cache: Hit from cloudfront

GET
H2 200 fileStoreRecord
ok12static.oktacdn.com/bc/image/ 86 KB
88 KB 50ms
50ms Other
image/png 18.173.154.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/bc/image/fileStoreRecord?id=fs0b8xe8l40KheHhN5d7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-109.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

04072c5b440abc55897ef93db31295025a4f203bb1d2f88e88a5b6538aa48f15

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ok12-okta.okta.com .oktacdn.com; connect-src 'self' ok12-okta.okta.com ok12-okta-admin.okta.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com ok12-okta.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' ok12-okta.okta.com .oktacdn.com; style-src 'unsafe-inline' 'self' ok12-okta.okta.com .oktacdn.com; frame-src 'self' ok12-okta.okta.com ok12-okta-admin.okta.com login.okta.com; img-src 'self' ok12-okta.okta.com .oktacdn.com .tiles.mapbox.com .mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' ok12-okta.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-okta-request-id: faacdec13802b3ade8d42b7c80a8ee9e
date: Mon, 15 Apr 2024 14:12:49 GMT
content-security-policy: default-src 'self' ok12-okta.okta.com *.oktacdn.com; connect-src 'self' ok12-okta.okta.com ok12-okta-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com ok12-okta.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' ok12-okta.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' ok12-okta.okta.com *.oktacdn.com; frame-src 'self' ok12-okta.okta.com ok12-okta-admin.okta.com login.okta.com; img-src 'self' ok12-okta.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' ok12-okta.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit: 600
x-content-type-options: nosniff
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
x-rate-limit-remaining: 596
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: MUC50-P3
age: 75551
content-security-policy-report-only: default-src 'self' ok12-okta.okta.com *.oktacdn.com; connect-src 'self' ok12-okta.okta.com ok12-okta-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com ok12-okta.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' ok12-okta.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'nonce-iQHsOW7CA8ytASFJyBsoQA' 'self' ok12-okta.okta.com *.oktacdn.com; frame-src 'self' ok12-okta.okta.com ok12-okta-admin.okta.com login.okta.com; img-src 'self' ok12-okta.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' ok12-okta.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-cache: Hit from cloudfront
p3p: CP="HONK"
content-length: 87813
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 20:32:42 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version
content-type: image/png
access-control-allow-origin: *
x-rate-limit-reset: 1713190375
cache-control: public,max-age=31536000,s-maxage=1814400
x-robots-tag: noindex,nofollow
x-amz-cf-id: qCMgoeZBLlRaoO-YDZXpEVmGiGYK8y4yngVH3CVJH8xlS0iwszqbKQ==
expires: Tue, 15 Apr 2025 14:12:49 GMT

GET
H2 200 login_de.json Show response
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/labels/json/ 114 KB
115 KB 43ms
43ms XHR
application/json 18.173.154.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/labels/json/login_de.json

Requested by

Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/js/okta-sign-in.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-109.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

c72d18b9c0efac5a6844a75651a7ab5163152cf5e371e4cff8750b447dec9e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain
accept: application/json
Referer: https://login.totalcsr.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 21:20:03 GMT
x-amz-meta-sha1sum: 3b77d149eee503d29a2cc275a2da551ea2e6289c
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: MUC50-P3
age: 568317
x-cache: Hit from cloudfront
content-length: 117214
last-modified: Tue, 09 Apr 2024 20:27:00 GMT
server: nginx
etag: "d80a0c3392392948c28563c965b793c9"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: bpkiza-uXJVzM9J0PY2ZOP2FZFb1cOolNj-4TfLWyeDJVYjSivzeWQ==
expires: Wed, 09 Apr 2025 21:20:03 GMT

GET
H2 200 country_de.json Show response
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/labels/json/ 5 KB
5 KB 49ms
49ms XHR
application/json 18.173.154.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/labels/json/country_de.json

Requested by

Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/js/okta-sign-in.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-109.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain
accept: application/json
Referer: https://login.totalcsr.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 21:20:03 GMT
x-amz-meta-sha1sum: 251dd1ccca4c80570aee52db71eed703ac579ad8
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: MUC50-P3
age: 568317
x-cache: Hit from cloudfront
content-length: 4805
last-modified: Tue, 09 Apr 2024 20:26:58 GMT
server: nginx
etag: "51bec6463b4f7c5a26ede1fd8ee067f8"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: O39i9ji6tQqdTDyADXZ1acwQn9_jM6dYDCSpRZ-bU_Shrgguql11_A==
expires: Wed, 09 Apr 2025 21:20:03 GMT

GET
H2 200 fs0a42k017v5IHVcv5d7
ok12static.oktacdn.com/fs/bco/1/ 7 KB
8 KB 107ms
107ms Image
image/png 18.173.154.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok12static.oktacdn.com/fs/bco/1/fs0a42k017v5IHVcv5d7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-109.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

58bc22b6275f0344b25b439c32dbf80a945e56ce9a1a8c52e0e4ab561baaba84

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://login.totalcsr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 11:10:27 GMT
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 94
x-cache: Hit from cloudfront
content-length: 7429
last-modified: Sat, 24 Jun 2023 09:04:35 GMT
server: nginx
etag: "c343ec8271c8bdb4b98ad366205a8b6e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: FHwHnok8ekQmU3mI60pmxngBE2fOHFSSwAkf4PNMu2MT9WlwGKPFaA==
expires: Wed, 16 Apr 2025 11:10:27 GMT

GET
H2 200 checkbox-sign-in-widget.png
ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/img/ui/forms/ 3 KB
4 KB 44ms
44ms Image
image/png 18.173.154.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/img/ui/forms/checkbox-sign-in-widget.png

Requested by

Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-109.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ok12static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.17.0/css/okta-sign-in.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 21:01:38 GMT
x-amz-meta-sha1sum: e0bb021ffdf93c68fef44de2a3b08f378b6fb50a
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: MUC50-P3
age: 569423
x-cache: Hit from cloudfront
content-length: 3141
last-modified: Tue, 09 Apr 2024 20:26:51 GMT
server: nginx
etag: "7846b2f8c6d0a7ca69fdd3d3c294e92d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: Rbydn_LD3V4Hohh9FL3AYtVMQDbS1aE3dF3uhfhrgympfHHUXrhSTA==
expires: Wed, 09 Apr 2025 21:01:38 GMT

GET
H2 200 proximanova-sbold-webfont.41acb8650115f83780fc.woff2
ok12static.oktacdn.com/assets/loginpage/font/assets/ 20 KB
20 KB 44ms
44ms Font
application/font-woff2 18.173.154.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/loginpage/font/assets/proximanova-sbold-webfont.41acb8650115f83780fc.woff2

Requested by

Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-109.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ok12static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css
Origin: https://login.totalcsr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-sha1sum: dd4beda27e8057403b27d1276ca9d68902692615
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
date: Tue, 02 Apr 2024 06:11:15 GMT
x-amz-cf-pop: MUC50-P3
age: 1227646
x-cache: Hit from cloudfront
content-length: 20328
last-modified: Thu, 09 Nov 2023 00:52:42 GMT
server: nginx
etag: "27429b092c0595aa8803b611bd7508f3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: -BKoIaa6raKyw4NchES4hmGXJVJMsJWkfCsOiMi1sKR1IBubDYxoJg==
expires: Wed, 02 Apr 2025 06:11:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LZ2CV2ZQ6B&gtm=45je44f0v870458628za200&_p=1713265918825&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1183217805.1713265919&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1713265918&sct=1&seg=0&dl=https%3A%2F%2Fhats.totalcsr.com%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=7&tfd=2606

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LZ2CV2ZQ6B&gtm=45je44f0v870458628za200&_p=1713265918825&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1183217805.1713265919&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=3&sid=1713265918&sct=1&seg=0&dl=https%3A%2F%2Fhats.totalcsr.com%2F&dt=&en=user_engagement&_et=1637&tfd=2606

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.totalcsr.com/	1970-01-21 05:30:25	Name: _ga Value: GA1.1.1183217805.1713265919
hats.totalcsr.com/	1969-12-31 23:59:59	Name: __Host-next-auth.csrf-token Value: 79e2b844daa6bc624ed451193179dd713190b86f5e1327e5f5166ca630666f55%7Cb2c806db4b5d4655b2f940e6fcc5ea9faa14c0d39f28be7a0d6e3dfcdc04ae1d
hats.totalcsr.com/	1970-01-20 19:55:52	Name: _lr_tabs_-g11wfu%2Ftotal-csr-hats Value: {%22sessionID%22:0%2C%22recordingID%22:%225-c5ae6c69-7c1d-4be0-b2d4-eeaff22b7d39%22%2C%22webViewID%22:null%2C%22lastActivity%22:1713265919547}
hats.totalcsr.com/	1970-01-20 19:55:52	Name: _lr_hb_-g11wfu%2Ftotal-csr-hats Value: {%22heartbeat%22:1713265919547}
hats.totalcsr.com/	1969-12-31 23:59:59	Name: _lr_uf_-g11wfu Value: e0cf3a22-53cb-4267-b247-d893918e003b
hats.totalcsr.com/	1969-12-31 23:59:59	Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fhats.totalcsr.com%2F
login.totalcsr.com/	1969-12-31 23:59:59	Name: t Value: spring
login.totalcsr.com/	1970-01-21 05:30:25	Name: DT Value: DI1b91JxqORTv-1qZNRzPTgcQ
.totalcsr.com/	1970-01-21 05:30:25	Name: _ga_LZ2CV2ZQ6B Value: GS1.1.1713265918.1.0.1713265920.58.0.0
login.totalcsr.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 0EC279256ADD217C56384B5338266CDE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.echosage.com
cdn.lr-ingest.io
fonts.gstatic.com
hats.totalcsr.com
login.okta.com
login.totalcsr.com
ok12static.oktacdn.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
region1.analytics.google.com
142.250.186.35
18.173.154.109
188.114.97.3
2001:4860:4802:34::36
2a00:1450:4001:810::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9b
40.140.216.221
52.223.56.218
54.204.238.15
54.230.228.128
04072c5b440abc55897ef93db31295025a4f203bb1d2f88e88a5b6538aa48f15
19714eaf0cbf6de9f909794bddca2470bf498dc53b02f50947a5e89476251fde
1e0097629db7e14ed10e81be2f5fc16746ded37b17be97be3df86c655f2a3534
226077196075e34ea1ce6ac50805f126a89f5f7407bd41953258346abcc307e7
2f40321a9500cc4ed585f3f5150c40687ad1258d1d70c977809403289973a5f6
3172fb1d35851e3da2e8dac16d007aa8da31fd2ab56707058126e0b0cb4f4d91
31c72f100d188c38d5721dae7e25c8d6dae5752c1db2a4be7c2a03ba338b92be
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
488382910005ac92756f67ce19dbf4e56f3135342e50e2238f4a359cab4e3141
4c0a6c45abf54335becc66493cf40812f86f47dd8fec311c30283bbc67e27cd2
58bc22b6275f0344b25b439c32dbf80a945e56ce9a1a8c52e0e4ab561baaba84
682b828e7f8a044009defb983289b5db4b02eef4be9757f19a4beff3d4b86e67
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
8065cb1f3198d8456dd29fd6897ffd3704368e657e76f461e3e4565ef5279a26
83826469c612b4bbcf418f6560954c20c52ff2f49906b009856162639ddb78ba
938793f8c14be4194b01e05fd7b389cd7e908b5acca76311a653a53def812f8a
9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be
a2885d46585de86b052abd410c908e16eb496d02b061bfb96cefffd2b0407173
aab8eca4156c17a6d02e8f0332c556d0cbebd0a2de33c9b7e1b32d0881dbe6f0
af0650e2d738b21bb8222abeb5e104ebe58bcbd4d75a3b2b54619f76dd863d52
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
b0d1b882c36b8157b331f2161c9ecda1726a635afd5e13968468d7b343cc58f3
b6ed10b4d9afe756c0eb1646e7dea3daa57b1f19aed5c394806e9901c62e2cb0
b6fbc63988cd65887db6e6a2901f0f5384e782b38c71978c584aad8d59d756d7
ba1445c6152bbbb75c2e11be43fc6ea784a15fd2ca2b452a1ab6a77b396f7794
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
bfff6941e09e4db7d3219563a31d281d4369cceb6cc6199a8c1b2feb19d7b08e
c39ff65e2a102e644eb0bf2e31d2bad3d18f7afb25b3b9ba7a4d46263a711179
c72d18b9c0efac5a6844a75651a7ab5163152cf5e371e4cff8750b447dec9e98
c75264cc46049d4a62f6226c3034f6c56c13ed8c3e25f2b7e15b24d02e093a09
c9d70279e120547635c2bf06fdf5ac5818d17529b6bddae9589d644418a451d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45d26a7de7d4a7105f550fb21c21b7125d51016ecc8331a01afa63869a461eb
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70260da1f5ab32104f69dec679d7bc6826b9c8d6876976bc4c0bb7d5b4ac859

login.totalcsr.com Open in urlscan Pro 52.223.56.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

93 %HTTPS

36 %IPv6

10 Domains

11 Subdomains

12 IPs

4 Countries

1579 kBTransfer

5365 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.totalcsr.com Open in urlscan Pro
52.223.56.218 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

93 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

12
IPs

4
Countries

1579 kB
Transfer

5365 kB
Size

10
Cookies

44 HTTP transactions
0 data transactions