URL: https://app.ornikar.com/?original-offer=code
Submission Tags: 0xscam
Submission: On February 28 via api from US — Scanned from DE

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 53 HTTP transactions. The main IP is 2606:4700:11::6817:8407, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.ornikar.com.
TLS certificate: Issued by GTS CA 1P5 on January 14th 2024. Valid for: 3 months.
This is the only time app.ornikar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain (requests, transfer) and Subdomains

ornikar.com (27 requests, 1 MB)
  • app.ornikar.com
  • assets.ornikar.com
  • auth.ornikar.com
  • mp.ornikar.com
gstatic.com (8 requests, 482 KB)
  • www.gstatic.com
  • fonts.gstatic.com
google.com (4 requests, 37 KB)
  • www.google.com — Cisco Umbrella Rank: 2
stonly.com (3 requests, 55 KB)
  • stonly.com — Cisco Umbrella Rank: 28475
axept.io (3 requests, 204 KB)
  • static.axept.io — Cisco Umbrella Rank: 53211
  • client.axept.io — Cisco Umbrella Rank: 60670
facebook.net (2 requests, 90 KB)
  • connect.facebook.net — Cisco Umbrella Rank: 176
imgix.net (1 request, 7 KB)
  • axeptio.imgix.net — Cisco Umbrella Rank: 99449
googleapis.com (1 request, 1 KB)
  • fonts.googleapis.com — Cisco Umbrella Rank: 32
appsflyer.com (1 request, 12 KB)
  • websdk.appsflyer.com — Cisco Umbrella Rank: 4840
googletagmanager.com (1 request, 108 KB)
  • www.googletagmanager.com — Cisco Umbrella Rank: 40
sentry.io (1 request, 324 B)
  • o153228.ingest.sentry.io
polyfill.io (1 request, 22 KB)
  • cdn.polyfill.io — Cisco Umbrella Rank: 3333

Total: 53 requests, 12 apex domains
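Domain (requests) and Requested by

  • app.ornikar.com (18 requests, 1 redirects), requested by: assets.ornikar.com, app.ornikar.com
  • auth.ornikar.com (4 requests), requested by: assets.ornikar.com
  • fonts.gstatic.com (4 requests), requested by: www.google.com, fonts.googleapis.com
  • www.gstatic.com (4 requests), requested by: www.google.com, www.gstatic.com
  • www.google.com (4 requests), requested by: app.ornikar.com, www.gstatic.com, www.google.com
  • assets.ornikar.com (4 requests), requested by: app.ornikar.com, assets.ornikar.com
  • stonly.com (3 requests), requested by: assets.ornikar.com, stonly.com
  • client.axept.io (2 requests), requested by: assets.ornikar.com
  • connect.facebook.net (2 requests), requested by: app.ornikar.com, connect.facebook.net
  • mp.ornikar.com (1 request), requested by: assets.ornikar.com
  • axeptio.imgix.net (1 request), requested by: app.ornikar.com
  • fonts.googleapis.com (1 request), requested by: static.axept.io
  • static.axept.io (1 request), requested by: www.googletagmanager.com
  • websdk.appsflyer.com (1 request), requested by: assets.ornikar.com
  • www.googletagmanager.com (1 request), requested by: assets.ornikar.com
  • o153228.ingest.sentry.io (1 request), requested by: assets.ornikar.com
  • cdn.polyfill.io (1 request), requested by: app.ornikar.com

Total: 53 requests, 17 subdomains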

This site contains links to these domains:

  • www.ornikar.com
  • pro.ornikar.com

Subject / Issuer / Validity / Valid

  • ornikar.com / GTS CA 1P5 / 2024-01-14 - 2024-04-13 / 3 months
  • *.polyfill.io / Sectigo RSA Domain Validation Secure Server CA / 2024-02-20 - 2025-02-19 / a year
  • www.google.com / GTS CA 1C3 / 2024-02-05 - 2024-04-29 / 3 months
  • *.gstatic.com / GTS CA 1C3 / 2024-02-05 - 2024-04-29 / 3 months
  • *.google.com / GTS CA 1C3 / 2024-02-05 - 2024-04-29 / 3 months
  • ingest.sentry.io / DigiCert Global G2 TLS RSA SHA256 2020 CA1 / 2023-11-02 - 2024-12-02 / a year
  • public.ornikar.com / R3 / 2024-02-21 - 2024-05-21 / 3 months
  • *.google-analytics.com / GTS CA 1C3 / 2024-02-05 - 2024-04-29 / 3 months
  • *.appsflyer.com / DigiCert TLS RSA SHA256 2020 CA1 / 2023-07-27 - 2024-07-27 / a year
  • static.axeptio.eu / Amazon RSA 2048 M02 / 2023-06-19 - 2024-07-17 / a year
  • *.facebook.com / DigiCert SHA2 High Assurance Server CA / 2023-12-07 - 2024-03-06 / 3 months
  • stonly.com / Amazon RSA 2048 M02 / 2024-01-07 - 2025-02-04 / a year
  • client.axept.io / Amazon RSA 2048 M01 / 2023-08-03 - 2024-08-31 / a year
  • upload.video.google.com / GTS CA 1C3 / 2024-02-05 - 2024-04-29 / 3 months
  • *.imgix.com / GlobalSign Atlas R3 DV TLS CA 2023 Q4 / 2023-12-07 - 2025-01-07 / a year

This page contains 3 frames:

Primary Page: https://app.ornikar.com/?original-offer=code
Frame ID: 0535388BD971EFCE549FB6E1563618ED
Requests: 41 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=8odm6olpjvky
Frame ID: 55A01B99C9E120EDC7A3F68519827893
Requests: 8 HTTP requests in this frame

Frame: https://app.ornikar.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
Frame ID: 5A225009C23F04CD43F7E0C137C4EF25
Requests: 2 HTTP requests in this frame

Page Title

Connexion - Ornikar

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

  • Requests: 53
  • HTTPS: 96 %
  • IPv6: 80 %
  • Domains: 12
  • Subdomains: 17
  • IPs: 16
  • Countries: 4
  • Transfer: 2091 kB
  • Size: 6821 kB
  • Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://app.ornikar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://app.ornikar.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.ornikar.com/
12 KB
5 KB
Document
General
Full URL
https://app.ornikar.com/?original-offer=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86e8ec0c7ad39dc6af72cdc58112f3f681350068e0e07cc78ae62b13ae0db9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=30
cf-cache-status
DYNAMIC
cf-ray
85c8c0d27f4e5a83-VIE
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.ornikar.com;
content-type
text/html
date
Wed, 28 Feb 2024 12:43:26 GMT
expires
Wed, 28 Feb 2024 12:43:56 GMT
last-modified
Wed, 28 Feb 2024 11:19:36 GMT
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
3
x-frame-options
deny
x-xss-protection
1; mode=block
polyfill.min.js
cdn.polyfill.io/v3/
54 KB
22 KB
Script
General
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es2020,es2021,es2022,localStorage,String.prototype.normalize,matchMedia,URLSearchParams,AbortController,MutationObserver,ResizeObserver&unknown=polyfill&flags=gated
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/?original-offer=code
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.85.69.15 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software
nginx /
Resource Hash
78bd75701c81a5b1583c487a934f47e5dfdc17eac2da3cd70e505c7acbcfafdc

Request headers

Referer
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:27 GMT
content-encoding
gzip
server
nginx
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
useragent_normaliser
ios_saf/11.0.0
x-ser
BC8_US-Texas-Dallas-1-cache-3, BC8_US-Texas-Dallas-1-cache-3, BC13_DE-Frankfurt-Frankfurt-11-cache-2
main.3f8dee6c.js
assets.ornikar.com/learner-app/static/js/
3 MB
891 KB
Script
General
Full URL
https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/?original-offer=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
260e5351c494e4d3223966c075b777b92bcbdcf5ad5f35a743af821b627bb897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-guploader-uploadid
ABPtcPoq1oX53CWj5wwtM3PNSz9hmoBfGSIlbQSJuyb_wfJH8k36dHIJk8P2Rz8pzmVeIkjWAClHnEvrTQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Wed, 28 Feb 2024 11:14:53 GMT
server
cloudflare
etag
W/"687319e3507f31693d40deab79cb8c5d"
vary
Accept-Encoding
x-goog-generation
1709118893067803
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=9fuTqw==, md5=aHMZ41B/MWk9QN6recuMXQ==
access-control-expose-headers
*
cache-control
public, max-age=2678400
x-goog-stored-content-length
3456784
cf-ray
85c8c0d388d85a83-VIE
expires
Wed, 28 Feb 2024 13:43:26 GMT
main.28c2bc89.css
assets.ornikar.com/learner-app/static/css/
117 KB
19 KB
Stylesheet
General
Full URL
https://assets.ornikar.com/learner-app/static/css/main.28c2bc89.css
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/?original-offer=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35861cd936d3dbf3e35482a2d6bdb9ca3871123bbfd3f01193e611e989681035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
gzip
x-guploader-uploadid
ABPtcPqAejIUmPmGgKo8VN-2bqJKSpbWkb919L7VnaGDULcjiLcatr-yMwTMrJ8cwKTxRI6mtPLvHehgDg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
minify
last-modified
Mon, 26 Feb 2024 17:53:34 GMT
server
cloudflare
etag
W/"6df9b9d797a36dc41109bcb976f84c5a"
vary
Accept-Encoding
x-goog-generation
1708970014582562
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=0EGTTg==, md5=bfm515ejbcQRCby5dvhMWg==
access-control-expose-headers
*
cache-control
public, max-age=2678400
x-goog-stored-content-length
114177
cf-ray
85c8c0d388d75a83-VIE
expires
Wed, 28 Feb 2024 13:23:15 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/?original-offer=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b94c27c7743c6321fff5bd7db9a10d5e7ddf26ac8f4d7d2dc2f8e987c237fd5a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 28 Feb 2024 12:43:27 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/
494 KB
197 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 07:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201516
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 05:01:55 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 07:31:57 GMT
anchor
www.google.com/recaptcha/api2/ Frame 55A0
45 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=8odm6olpjvky
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f8eb1134f194ca7fe0e63ee05f8c6efb2dc88f964abc37908a50c536b6c65172
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kAp5d3o8KEFTubdwC5MiDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kAp5d3o8KEFTubdwC5MiDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Feb 2024 12:43:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Moderat-Regular-webfont.3c312071482f66e599f6.woff2
assets.ornikar.com/learner-app/static/media/
23 KB
24 KB
Font
General
Full URL
https://assets.ornikar.com/learner-app/static/media/Moderat-Regular-webfont.3c312071482f66e599f6.woff2
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/css/main.28c2bc89.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5fd74d27f83c5d9e51c2c3025962f166ce04bf554c793391a2841a3434f5803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.ornikar.com/learner-app/static/css/main.28c2bc89.css
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPqFYm4TQgW4ozi1TT8SF7RZfDoBs9Xbu-7FLstHV_FQyYFkPE29YsEQRTjUvHa-kP5aN5o
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
23596
last-modified
Tue, 27 Feb 2024 15:41:59 GMT
server
cloudflare
etag
"54b449bbd0adf0bd033932865d53e834"
vary
Accept-Encoding
x-goog-generation
1700220723678570
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=8FHksQ==, md5=VLRJu9Ct8L0DOTKGXVPoNA==
access-control-expose-headers
*
cache-control
public, max-age=2678400
x-goog-stored-content-length
23596
accept-ranges
bytes
cf-ray
85c8c0d89e3ac247-VIE
expires
Wed, 28 Feb 2024 13:43:27 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ Frame 55A0
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=8odm6olpjvky
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:15:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 05:01:55 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 10:15:32 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ Frame 55A0
494 KB
197 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=8odm6olpjvky
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 07:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201516
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 05:01:55 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 07:31:57 GMT
oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js
www.google.com/js/bg/ Frame 55A0
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=8odm6olpjvky
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:46:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
100613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6931
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 08:46:34 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 55A0
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:49:56 GMT
x-content-type-options
nosniff
age
100411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 05 Mar 2024 08:49:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 55A0
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=8odm6olpjvky
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:49:09 GMT
x-content-type-options
nosniff
age
100458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:49:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 55A0
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=8odm6olpjvky
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 09:11:37 GMT
x-content-type-options
nosniff
age
99110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 09:11:37 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 55A0
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=8odm6olpjvky
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9a78a8a63fbc8fb312b448c65256801eada8ae34f9d2032d1314705cab3299bb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=8odm6olpjvky
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 28 Feb 2024 12:43:27 GMT
/
o153228.ingest.sentry.io/api/1801814/envelope/
2 B
324 B
Fetch
General
Full URL
https://o153228.ingest.sentry.io/api/1801814/envelope/?sentry_key=0c3eb9b1f3224451bbb172105aa1fb3a&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.65.0
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.ornikar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Feb 2024 12:43:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
mxpnl-browser.eabde17d.chunk.js
app.ornikar.com/learner-app/static/js/
91 KB
27 KB
Script
General
Full URL
https://app.ornikar.com/learner-app/static/js/mxpnl-browser.eabde17d.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf0517157a4cc80e52d759a7f36c752e94b14acbc2a4ead37c6c2b5f0a8cd02
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:27 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
782
x-dns-prefetch-control
off
content-encoding
gzip
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 28 Feb 2024 11:12:17 GMT
server
cloudflare
etag
W/"65df1511-16d1d"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dbceed5a83-VIE
1428.6c2c59e9.chunk.js
app.ornikar.com/learner-app/static/js/
34 KB
9 KB
Script
General
Full URL
https://app.ornikar.com/learner-app/static/js/1428.6c2c59e9.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da5bdf96d78054b1cb98e9ca2b1073b10d2ac7667d5d5712bb10933e6c58e319
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:27 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
782
x-dns-prefetch-control
off
content-encoding
gzip
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 28 Feb 2024 11:12:17 GMT
server
cloudflare
etag
W/"65df1511-87b6"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dbef265a83-VIE
logo-fr.ef6548d7.chunk.js
app.ornikar.com/learner-app/static/js/
5 KB
2 KB
Script
General
Full URL
https://app.ornikar.com/learner-app/static/js/logo-fr.ef6548d7.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd4978782f9d0592f3808b05c88ff480e144f7966439025ed7584493664c335
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:27 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
782
x-dns-prefetch-control
off
content-encoding
gzip
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 28 Feb 2024 11:12:17 GMT
server
cloudflare
etag
W/"65df1511-1582"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dbef2b5a83-VIE
shared-fr-FR.0dc012df.chunk.js
app.ornikar.com/learner-app/static/js/
32 KB
8 KB
Script
General
Full URL
https://app.ornikar.com/learner-app/static/js/shared-fr-FR.0dc012df.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1af5fcddbed22215a6946a9d1495d8c18e58e84228b353a56225e8b38b55fb7c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:27 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
5030
x-dns-prefetch-control
off
content-encoding
gzip
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 28 Feb 2024 11:02:07 GMT
server
cloudflare
etag
W/"65df12af-7ff0"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dbef305a83-VIE
/
app.ornikar.com/
0
0
Fetch
General
Full URL
https://app.ornikar.com/
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
3
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 28 Feb 2024 11:19:36 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
deny
content-type
text/html
cache-control
max-age=30
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dc2fbd5a83-VIE
expires
Wed, 28 Feb 2024 12:43:58 GMT
/
app.ornikar.com/
0
0
Fetch
General
Full URL
https://app.ornikar.com/
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 28 Feb 2024 11:19:36 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
deny
content-type
text/html
cache-control
max-age=30
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dc3fbe5a83-VIE
expires
Wed, 28 Feb 2024 12:43:58 GMT
main.js
app.ornikar.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/ Frame 5A22
Redirect Chain
  • https://app.ornikar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://app.ornikar.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
8 KB
4 KB
Script
General
Full URL
https://app.ornikar.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/?original-offer=code
Protocol
H2
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eff62014d53e15f05d8fa7e633a84ea92e5e0322851390e470546d1fab5251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85c8c0dc98735a83-VIE

Redirect headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
cache-control
max-age=300, public
cf-ray
85c8c0dc3fc65a83-VIE
refresh
auth.ornikar.com/api/v1/tokens/ Frame
0
0
Preflight
General
Full URL
https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.217.127 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
127.217.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.ornikar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,Cache-Control
access-control-allow-methods
OPTIONS,GET,PUT,POST,DELETE
access-control-allow-origin
https://app.ornikar.com
access-control-max-age
86400
content-security-policy
frame-ancestors 'self' *.ornikar.com;
date
Wed, 28 Feb 2024 12:43:27 GMT
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
referrer-policy
no-referrer
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
deny
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/
378 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-533VNT
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1a999bb9f24ab896cb0f91539e9e95d55c44f61f309580ef551adf5639431629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110398
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Feb 2024 12:43:28 GMT
/
websdk.appsflyer.com/
38 KB
12 KB
Script
General
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2881 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 12:43:28 GMT
Content-Encoding
gzip
x-amz-request-id
YNGC7PCXVN28Z00Q
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
11792
x-amz-id-2
vrDln2XCGOFSFkLE6Ln17Y/P092c846kqJOj1nLZLa1T5AvAIx9Wt+4jaFyZJcu85WAzx+0b3iU=
Last-Modified
Wed, 14 Jun 2023 06:58:45 GMT
Server
AmazonS3
ETag
"5a676288bcea03bd05e483bc4ce066ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1526
Accept-Ranges
bytes
X-DataStream-Cache-Status
1
Expires
Wed, 28 Feb 2024 13:08:54 GMT
refresh
auth.ornikar.com/api/v1/tokens/
82 B
935 B
Fetch
General
Full URL
https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.217.127 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
127.217.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
447ed92695c1b03998e1fdf1f21ed71dd0e7f92170fe5c905c18adc64fa95114
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-dns-prefetch-control
off
x-envoy-upstream-service-time
20
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
istio-envoy
x-download-options
noopen
x-frame-options
deny
content-type
application/json
access-control-allow-origin
https://app.ornikar.com
cache-control
no-cache, private
access-control-allow-credentials
true
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
85c8c0d27f4e5a83
app.ornikar.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 5A22
0
296 B
XHR
General
Full URL
https://app.ornikar.com/cdn-cgi/challenge-platform/h/g/jsd/r/85c8c0d27f4e5a83
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
cf-ray
85c8c0dd49e05a83-VIE
content-type
text/plain; charset=UTF-8
sdk.js
static.axept.io/
737 KB
185 KB
Script
General
Full URL
https://static.axept.io/sdk.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-533VNT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:1c:f638:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26c40c3493f2412cac94ecf692b6e6b7e390163640f568e6757f2f95a3292208

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 13:27:54 GMT
content-encoding
br
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified
Tue, 27 Feb 2024 13:27:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
83735
etag
W/"54b7dcb13ef9da7721fcc3d62590ef0d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
tq4dc3tjMqLelndnFLlGi-opXVoVbwhtHdfsM12ynvNBne_kVjXcSA==
refresh
auth.ornikar.com/api/v1/tokens/ Frame
0
0
Preflight
General
Full URL
https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.217.127 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
127.217.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.ornikar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,Cache-Control
access-control-allow-methods
OPTIONS,GET,PUT,POST,DELETE
access-control-allow-origin
https://app.ornikar.com
access-control-max-age
86400
content-security-policy
frame-ancestors 'self' *.ornikar.com;
date
Wed, 28 Feb 2024 12:43:27 GMT
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
referrer-policy
no-referrer
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
deny
x-xss-protection
1; mode=block
544.5dd8ba27.chunk.js
app.ornikar.com/learner-app/static/js/
16 KB
5 KB
Script
General
Full URL
https://app.ornikar.com/learner-app/static/js/544.5dd8ba27.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa5544f1b6562b73f76db1780a47f51d9a83b7335b7e1b018f4aea24b417970
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
5027
x-dns-prefetch-control
off
content-encoding
gzip
x-envoy-upstream-service-time
3
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 28 Feb 2024 11:12:17 GMT
server
cloudflare
etag
W/"65df1511-414a"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dd9a935a83-VIE
6511.59b2bf12.chunk.js
app.ornikar.com/learner-app/static/js/
6 KB
3 KB
Script
General
Full URL
https://app.ornikar.com/learner-app/static/js/6511.59b2bf12.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c593636fe69340865d46d46b013bbbfbfac38aa5a1b70ea3d1783e741a421bfe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
783
x-dns-prefetch-control
off
content-encoding
gzip
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 28 Feb 2024 11:12:17 GMT
server
cloudflare
etag
W/"65df1511-18af"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dd9a975a83-VIE
authentication.52934546.chunk.css
app.ornikar.com/learner-app/static/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://app.ornikar.com/learner-app/static/css/authentication.52934546.chunk.css
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9622401071abbe4c2747361d1bdf03bd16975df0b14f699279874a679e609f8c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
783
cf-polished
origSize=5512
x-dns-prefetch-control
off
content-encoding
gzip
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
cf-bgj
minify
last-modified
Wed, 28 Feb 2024 11:12:17 GMT
server
cloudflare
etag
W/"65df1511-1588"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
deny
content-type
text/css
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dd9aa45a83-VIE
authentication.2bd6e806.chunk.js
app.ornikar.com/learner-app/static/js/
36 KB
10 KB
Script
General
Full URL
https://app.ornikar.com/learner-app/static/js/authentication.2bd6e806.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2932331c0600ac86fbf5f6b6d94f4eaabee67849cc6dcd8aebd5146018910008
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
783
x-dns-prefetch-control
off
content-encoding
gzip
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 28 Feb 2024 11:12:17 GMT
server
cloudflare
etag
W/"65df1511-8ecf"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dd9aa75a83-VIE
authentication-fr-FR.e28186d4.chunk.js
app.ornikar.com/learner-app/static/js/
1 KB
617 B
Script
General
Full URL
https://app.ornikar.com/learner-app/static/js/authentication-fr-FR.e28186d4.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40b62aba5183002b81ecc9b8382d1cb2eecf44e032c09a253f2212947e11b4ee
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
783
x-dns-prefetch-control
off
content-encoding
gzip
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 28 Feb 2024 11:12:17 GMT
server
cloudflare
etag
W/"65df1511-506"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dd9aaa5a83-VIE
LAS-authentication-fr-FR.51d5e58f.chunk.js
app.ornikar.com/learner-app/static/js/
3 KB
1 KB
Script
General
Full URL
https://app.ornikar.com/learner-app/static/js/LAS-authentication-fr-FR.51d5e58f.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5787015b0a7cf654e78a19d8c87133120bbcbd1261a86a58fc52bb50c7a9b9e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
783
x-dns-prefetch-control
off
content-encoding
gzip
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 28 Feb 2024 11:12:17 GMT
server
cloudflare
etag
W/"65df1511-d23"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dd9aae5a83-VIE
appPageWithoutShell-appLegalFooter.a30c34ef.chunk.css
app.ornikar.com/learner-app/static/css/
3 KB
1014 B
Stylesheet
General
Full URL
https://app.ornikar.com/learner-app/static/css/appPageWithoutShell-appLegalFooter.a30c34ef.chunk.css
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b51291e803c4d8e4c7b3bc117f9b28f0c7f43657e9a3ebccc628a36512d9537
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
783
cf-polished
origSize=2794
x-dns-prefetch-control
off
content-encoding
gzip
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
cf-bgj
minify
last-modified
Wed, 28 Feb 2024 11:12:17 GMT
server
cloudflare
etag
W/"65df1511-aea"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
deny
content-type
text/css
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dd9ab25a83-VIE
appPageWithoutShell-appLegalFooter.131ddc18.chunk.js
app.ornikar.com/learner-app/static/js/
5 KB
2 KB
Script
General
Full URL
https://app.ornikar.com/learner-app/static/js/appPageWithoutShell-appLegalFooter.131ddc18.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71276d263cb0cd327b3515a4ff0e221c313f4e06eac32234bd041c7cac594285
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
783
x-dns-prefetch-control
off
content-encoding
gzip
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 28 Feb 2024 11:12:17 GMT
server
cloudflare
etag
W/"65df1511-147d"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85c8c0dd9ab35a83-VIE
refresh
auth.ornikar.com/api/v1/tokens/
82 B
499 B
Fetch
General
Full URL
https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.217.127 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
127.217.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
447ed92695c1b03998e1fdf1f21ed71dd0e7f92170fe5c905c18adc64fa95114
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-dns-prefetch-control
off
x-envoy-upstream-service-time
20
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
istio-envoy
x-download-options
noopen
x-frame-options
deny
content-type
application/json
access-control-allow-origin
https://app.ornikar.com
cache-control
no-cache, private
access-control-allow-credentials
true
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
Moderat-Bold.abb84fcf0b87af9278c2.woff2
assets.ornikar.com/learner-app/static/media/
58 KB
58 KB
Font
General
Full URL
https://assets.ornikar.com/learner-app/static/media/Moderat-Bold.abb84fcf0b87af9278c2.woff2
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/css/main.28c2bc89.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab9d6ddf4e61d4b5d3698b3d2b8ea841d6ce97794f4fbdf46a6580393113c3a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.ornikar.com/learner-app/static/css/main.28c2bc89.css
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPpDFMJJjfhYgUgbSpL8AblFR8JH2JTnPF4YDvxDcjC5tH1Nk2L-adJwUD9KfG24cctsQoDCb_oyHg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
59224
last-modified
Fri, 23 Feb 2024 10:13:33 GMT
server
cloudflare
etag
"c9ec19eadba15303b78625a6c260fd0d"
vary
Accept-Encoding
x-goog-generation
1702552522836821
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=RRdvLA==, md5=yewZ6tuhUwO3hiWmwmD9DQ==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=2678400
x-goog-stored-content-length
59224
accept-ranges
bytes
cf-ray
85c8c0de0e95c247-VIE
expires
Wed, 28 Feb 2024 13:43:28 GMT
sdk.js
connect.facebook.net/fr_FR/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/fr_FR/sdk.js
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/learner-app/static/js/544.5dd8ba27.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
70fac56571be85001b110b4cdff6321b1ef3cc6880ec93be2956388ea82f70f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Feb 2024 12:43:28 GMT
content-md5
MwQvAM7XfZF/Afn8sBMETQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
DvTfwLsrTWJZSlEpmp6o2hWmDMwnpFAck4aExgf+BLG5X6hxWjhpasOeQbl5tp8cWfSEbyuut3OF+uNPYwbZsg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
6a630e1181813a38c28e221a0d3d1e86
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"b43080f7e50ae86726df24b193a32d62"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 28 Feb 2024 12:47:03 GMT
stonly-widget.js
stonly.com/js/widget/
19 KB
7 KB
Script
General
Full URL
https://stonly.com/js/widget/stonly-widget.js?v2
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:7800:18:1316:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ceb5011e40d3db09c3279cffea01e439d1d877b8942bce9ade8327838fd0eca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 06:43:02 GMT
content-encoding
gzip
via
1.1 08cfbbb6f1b1bf4bc1e8ab1a071b4154.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
age
540026
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 19 Feb 2024 09:34:02 GMT
server
nginx
etag
W/"65d3208a-4a65"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=1209600
x-amz-cf-id
0S_P39fVhez1bJyfaAycYI3Ed0PZARTZhLiIQnw68WrsRiV67XDSWA==
expires
Thu, 07 Mar 2024 06:43:02 GMT
60521f519bb62c0f5c1d0b70.json
client.axept.io/
113 KB
15 KB
Fetch
General
Full URL
https://client.axept.io/60521f519bb62c0f5c1d0b70.json?r=0
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:8800:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9990950fb4c4c8e57d5f65d4cebcb23a5711bc82ae459198b9640775721bece8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
Gmhw58zhgpFqnNRr3mhL9lLx1GPqm5st
content-encoding
gzip
via
1.1 3346ad1679ff01fe81e117084323b814.cloudfront.net (CloudFront)
date
Wed, 28 Feb 2024 12:38:36 GMT
x-amz-cf-pop
MUC50-P3
age
293
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 27 Feb 2024 07:58:58 GMT
server
AmazonS3
etag
W/"db26eef6b4cfb905a8dbd0d3ea188d95"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
fjIfGjRGudT1CYjAPbok5X_qIHcV-mZrc2b3jr3Dt8Cv8jjfQz8I4g==
sdk.js
connect.facebook.net/fr_FR/
304 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/fr_FR/sdk.js?hash=c6bb489b8ce6f172402cbd657488d600
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1f5e58fd2aeaf6ed53e6b2e4f9bcd3b04c8ae6ad62f23cc2124c08bd0d6f37ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Feb 2024 12:43:28 GMT
content-md5
8+yG3xrNC+0IAS34Tbqq3g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88731
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
VplVbYCjplnl+tnOvciAWAgXW99EgO9RHgXPvYG1hWGko0j8i0dWGzSZIpdLU9krH0lVEPbFfOWOwTUZA4vG4A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
348023737a91be243d466c433cb3d738
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"e9624c05ca96bfff60974d05ef41f7cd"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 27 Feb 2025 11:50:14 GMT
vendors~widget-f4ca974e2cc4bec4dc02.stonly.js
stonly.com/js/widget/
90 KB
31 KB
Script
General
Full URL
https://stonly.com/js/widget/vendors~widget-f4ca974e2cc4bec4dc02.stonly.js
Requested by
Host: stonly.com
URL: https://stonly.com/js/widget/stonly-widget.js?v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:7800:18:1316:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
51654b39d75619af3208ab885473aa47dae982e09c439125e7e22fb1560b557b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 06:43:02 GMT
content-encoding
gzip
via
1.1 08cfbbb6f1b1bf4bc1e8ab1a071b4154.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
age
540026
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 19 Feb 2024 09:34:02 GMT
server
nginx
etag
W/"65d3208a-16801"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=1209600
x-amz-cf-id
LusIk_mWYE8blBvQr9d-zkOPBvf2vtXkF5GwvEgTZe352FXvL4pQVg==
expires
Thu, 07 Mar 2024 06:43:02 GMT
widget-010e097e616c1371cf37.stonly.js
stonly.com/js/widget/
62 KB
17 KB
Script
General
Full URL
https://stonly.com/js/widget/widget-010e097e616c1371cf37.stonly.js
Requested by
Host: stonly.com
URL: https://stonly.com/js/widget/stonly-widget.js?v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:7800:18:1316:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5f0b3db99ba8db1126a8bc44d6c0518c16f0faafa3bc4c8f4ce7f40acab5613c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 06:43:02 GMT
content-encoding
gzip
via
1.1 08cfbbb6f1b1bf4bc1e8ab1a071b4154.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
age
540026
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 19 Feb 2024 09:34:02 GMT
server
nginx
etag
W/"65d3208a-f8c8"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=1209600
x-amz-cf-id
wy90YArCwdK0y2g53ouZDEdktnZWHMMgYPoYbDyuiI58NhwW-XEBcg==
expires
Thu, 07 Mar 2024 06:43:02 GMT
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:regular|Roboto:700
Requested by
Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 12:43:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 12:43:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Feb 2024 12:43:28 GMT
fr
client.axept.io/pack/
10 KB
4 KB
Fetch
General
Full URL
https://client.axept.io/pack/fr
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:8800:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ campsi
Resource Hash
be0c798b4c296cb3c1c059a34e4ca93828a349c81fc3a22acaecc7616a19c7f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 09:03:58 GMT
content-encoding
gzip
via
1.1 3346ad1679ff01fe81e117084323b814.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
531570
x-powered-by
campsi
etag
W/"2767-ygVVv4iGKwiafqcoxqL5kpf2CwQ"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
G0kxPZPbowB8aQo3dKgxceKLyZfaijkMdysyDF0cJv96Ii70eSmoVw==
79ba3c1b-de8b-408b-a174-d8018654b996.png
axeptio.imgix.net/2022/04/
7 KB
7 KB
Image
General
Full URL
https://axeptio.imgix.net/2022/04/79ba3c1b-de8b-408b-a174-d8018654b996.png?auto=format&fit=crop&w=170&h=auto&dpr=1
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/connexion
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b57b92f6fa37f50cce9bbdc4da5882b5dff3536ad0898201a33fa4a4499ef5f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:43:28 GMT
x-content-type-options
nosniff
age
3107024
x-cache
HIT, HIT
x-imgix-id
34b4c01ffed05a52dd87255d6cc2ae0c77cda97e
cross-origin-resource-policy
cross-origin
content-length
7235
x-served-by
cache-sjc1000116-SJC, cache-fra-eddf8230042-FRA
x-imgix-render-farm
02.131624
last-modified
Tue, 23 Jan 2024 13:39:44 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular|Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:48:53 GMT
x-content-type-options
nosniff
age
100475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:48:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular|Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:53:04 GMT
x-content-type-options
nosniff
age
100224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:53:04 GMT
integration
stonly.com/api/v1/widget/
0
0

/
mp.ornikar.com/track/
25 B
468 B
XHR
General
Full URL
https://mp.ornikar.com/track/?verbose=1&ip=1&_=1709124210103
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.3f8dee6c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ornikar.com *.staging-fr-onroad.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Feb 2024 12:43:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
content-security-policy
default-src 'self' *.ornikar.com *.staging-fr-onroad.com;
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
x-envoy-upstream-service-time
13
content-length
25
x-xss-protection
1; mode=block
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.ornikar.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cloud-trace-context
337c9d5ea4946d194cf5c746f1216d6c
cf-ray
85c8c0e949685a83-VIE
access-control-allow-headers
X-Requested-With

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stonly.com
URL
https://stonly.com/api/v1/widget/integration?widgetId=e7acd4b0-deb3-11e9-a307-06e18af4fc90&url=https%3A%2F%2Fapp.ornikar.com%2Fconnexion


52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
function| parseBoolean
object| _ornikar
object| head
object| script
string| STONLY_WID
object| STONLY_WIDGET_CONFIG
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| recaptcha
object| closure_lm_97128
object| webpackChunk_ornikar_learner_webapp
object| __SENTRY__
object| __REACT_INTL_CONTEXT__
function| _makeShareableClone
function| _scheduleOnJS
boolean| _WORKLET
function| _log
boolean| __reactResponderSystemActive
function| SET_DEPRECATED_NOTIFICATION
object| __APOLLO_CLIENT__
object| dataLayer
string| AppsFlyerSdkObject
function| AF
object| google_tag_manager
object| google_tag_data
object| axeptioSettings
function| onYouTubeIframeAPIReady
object| AF_cleanupMethods
object| AF_SDK
function| fbAsyncInit
object| webpackChunkcaas_styleguide
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
object| __axeptioSDK
object| _axcb
function| gtag
object| axeptioSDK
string| axeptioBuildTimestamp
object| FB
object| jsonpStonlyWidget
function| axeptioHandleVendors
function| openAxeptioCookies
function| showAxeptioButton
function| hideAxeptioButton
object| __buffer

5 Cookies

Domain/Path Name / Value
.ornikar.com/ Name: cf_clearance
Value: wu6fPeSgDqSk6Nfcp1FcEhlFXdgIXQ4KnqoWZvDMG7Y-1709124208-1.0-Ad6YT7it4avyX1YqgyzNpTiMPQ9Mvp4h+BMNZ2jWCCe1jWU3fAXNU/OhycOT1TB1bqr/TR+IJkcq1KYVaVI2umg=
.ornikar.com/ Name: mp_f1ffd1be7875893b8ce2d22e88b7b44b_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218defbdc5e7a7-0a1e61c16b4bde-14313374-1d4c00-18defbdc5e81966%22%2C%22%24device_id%22%3A%20%2218defbdc5e7a7-0a1e61c16b4bde-14313374-1d4c00-18defbdc5e81966%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22app_configuration%22%3A%20%7B%22version%22%3A%20%225.186.1%22%2C%22market%22%3A%20%22fr%22%2C%22locale%22%3A%20%22fr-FR%22%2C%22from%22%3A%20%22webapp%22%7D%2C%22page_view%22%3A%20%7B%22page_path%22%3A%20%22%2Fconnexion%22%2C%22page_path_previous%22%3A%20%22%2F%22%2C%22page_collection%22%3A%20%22learner_webapp%22%7D%7D
app.ornikar.com/ Name: axeptio_cookies
Value: {%22$$token%22:%22iw0u6tobmcqnlwovf1m03r%22%2C%22$$date%22:%222024-02-28T12:43:28.387Z%22%2C%22$$cookiesVersion%22:{}%2C%22$$completed%22:false}
app.ornikar.com/ Name: axeptio_authorized_vendors
Value: %2C%2C
app.ornikar.com/ Name: axeptio_all_vendors
Value: %2C%2C

5 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
network error URL: https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript error URL: https://app.ornikar.com/connexion
Message:
Access to XMLHttpRequest at 'https://stonly.com/api/v1/widget/integration?widgetId=e7acd4b0-deb3-11e9-a307-06e18af4fc90&url=https%3A%2F%2Fapp.ornikar.com%2Fconnexion' from origin 'https://app.ornikar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://stonly.com/api/v1/widget/integration?widgetId=e7acd4b0-deb3-11e9-a307-06e18af4fc90&url=https%3A%2F%2Fapp.ornikar.com%2Fconnexion
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
