ortto.app Open in urlscan Pro
3.135.56.197  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request preferences Show response ortto.app/-/m/s/	11 KB 12 KB	463ms 222ms	Document text/html	3.135.56.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ortto.app/-/m/s/preferences?k=B3ZzaW1wbGUAYsxRGoIqHGFfmQBgZPc0fOU1JfV1DQzPADmP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.135.56.197 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-135-56-197.us-east-2.compute.amazonaws.com Software / Resource Hash 6ae2e41083566b4cebdd4e528d049f675c0ad118c220a3c8770aed5939608eba Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS allow GET, POST, PUT, DELETE, OPTIONS cache-control no-cache, no-store content-length 11492 content-type text/html; charset=utf-8 date Tue, 05 Sep 2023 16:49:00 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-amz-apigw-id KytPjGDWCYcFqBw= x-amzn-requestid 581ff40b-e7c1-4ed1-b202-05322931fa7f x-amzn-trace-id Root=1-64f75bfc-3c78669b13c66a102342fdbb;Sampled=0;lineage=f333015f:0 x-frame-options SAMEORIGIN
GET H2	200	ortto-logo.png s.ortto-prod.com/	2 KB 2 KB	75ms 15ms	Image image/png	18.65.39.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ortto-prod.com/ortto-logo.png Requested by Host: ortto.app URL: https://ortto.app/-/m/s/preferences?k=B3ZzaW1wbGUAYsxRGoIqHGFfmQBgZPc0fOU1JfV1DQzPADmP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-45.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 80e68d435c07603c5004da5ea3242c2539e88a986c7fbd32e2642b50914226e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ortto.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 06:56:12 GMT via 1.1 13a0a1a7b326f5c854b35536576cfe0e.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 31 Mar 2022 04:05:35 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 35953 x-amz-server-side-encryption AES256 etag "e8f279c365de5702f8f9f611cbe1741c" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 1777 x-amz-cf-id 45lHRBNn5i-eM2YBpilLfaTUPUI-DGO2yV1BMHQE1Bcm4Nf6PEnOQg==
GET H2	200	error.png s.ortto-prod.com/	1 KB 1 KB	75ms 16ms	Image image/png	18.65.39.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ortto-prod.com/error.png Requested by Host: ortto.app URL: https://ortto.app/-/m/s/preferences?k=B3ZzaW1wbGUAYsxRGoIqHGFfmQBgZPc0fOU1JfV1DQzPADmP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-45.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 864a13692ca61640528fb7e71773f3e4beea7e6112fee133e707f68ce227213b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ortto.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 06:21:15 GMT via 1.1 13a0a1a7b326f5c854b35536576cfe0e.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 31 Mar 2022 04:05:34 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 39552 x-amz-server-side-encryption AES256 etag "0e5e187c3222ac03ac4649f63bb95568" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 1032 x-amz-cf-id nDVQsEXBHoUpe7uzphIZsEtAYnFtVNgZ11NS9clvyXppFt11FokGAA==
GET H2	200	polyfill.bundle.js Show response s.ortto-prod.com/messages/master/v1913/dist/	4 KB 2 KB	63ms 16ms	Script text/javascript	18.65.39.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.ortto-prod.com/messages/master/v1913/dist/polyfill.bundle.js Requested by Host: ortto.app URL: https://ortto.app/-/m/s/preferences?k=B3ZzaW1wbGUAYsxRGoIqHGFfmQBgZPc0fOU1JfV1DQzPADmP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-45.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 805f1fd83b995162f1857201f1edbb7f160ff885da8a85cea053b131744faa48 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ortto.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Mon, 04 Sep 2023 07:04:18 GMT content-encoding gzip via 1.1 13a0a1a7b326f5c854b35536576cfe0e.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 04 Sep 2023 07:04:09 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 121484 etag W/"4cf4d7d09a5f6f24ca7255d4d888469c" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=7776000 x-amz-cf-id Gg97bPx4Yyj9skZmd98lmqfUFJUF-D7tJ1mbVAfAp4uJRLaCsAxRYw==
GET H2	200	vendor.bundle.js Show response s.ortto-prod.com/messages/master/v1913/dist/	1 MB 347 KB	64ms 18ms	Script text/javascript	18.65.39.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.ortto-prod.com/messages/master/v1913/dist/vendor.bundle.js Requested by Host: ortto.app URL: https://ortto.app/-/m/s/preferences?k=B3ZzaW1wbGUAYsxRGoIqHGFfmQBgZPc0fOU1JfV1DQzPADmP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-45.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 52dba09eaee7b97ec55277b6f006dffcf60227f4e67597d61043a4312a7bc530 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ortto.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Mon, 04 Sep 2023 07:04:18 GMT content-encoding gzip via 1.1 13a0a1a7b326f5c854b35536576cfe0e.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 04 Sep 2023 07:04:10 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 121484 etag W/"c16f2ce6690a23a699eda46626014b08" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=7776000 x-amz-cf-id vDHwr2n3NcXoPzUvmvdvFiKNN5DWcyKSkh_C0pQnwGeNqFDXi8lN4w==
GET H2	200	autopilot.bundle.js Show response s.ortto-prod.com/messages/master/v1913/dist/	2 MB 383 KB	73ms 27ms	Script text/javascript	18.65.39.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.ortto-prod.com/messages/master/v1913/dist/autopilot.bundle.js Requested by Host: ortto.app URL: https://ortto.app/-/m/s/preferences?k=B3ZzaW1wbGUAYsxRGoIqHGFfmQBgZPc0fOU1JfV1DQzPADmP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-45.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 2e36dcaaf361876ea08fc6bd13066c0b1332caac7deb82480f0e81a9cdfc9422 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ortto.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Mon, 04 Sep 2023 07:04:18 GMT content-encoding gzip via 1.1 13a0a1a7b326f5c854b35536576cfe0e.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 04 Sep 2023 07:04:08 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 121484 etag W/"069275db66013421e1cfc0cd19a0ce89" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=7776000 x-amz-cf-id BTmolf5ESy-Gj-N1rf4Gfbo1DRstmWwSuRBz02VqKohRMvKKTpo0BA==
GET H2	200	app.js Show response t.ortto.com/	112 KB 26 KB	494ms 212ms	Script text/javascript	3.23.199.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://t.ortto.com/app.js Requested by Host: ortto.app URL: https://ortto.app/-/m/s/preferences?k=B3ZzaW1wbGUAYsxRGoIqHGFfmQBgZPc0fOU1JfV1DQzPADmP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.23.199.68 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-199-68.us-east-2.compute.amazonaws.com Software AmazonS3 / Resource Hash aa3308ee8e83804bd16050deb567a4ef179650dc812ebe4ad37cd839ca0a007f Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language de-DE,de;q=0.9 Referer https://ortto.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 05:48:19 GMT content-encoding gzip via 1.1 8d8e064c65472b4d9092417cdcece59c.cloudfront.net (CloudFront) strict-transport-security max-age=63072000 last-modified Tue, 05 Sep 2023 05:48:10 GMT server AmazonS3 x-amz-cf-pop CMH68-P2 age 39643 etag W/"511926608258bfc1b42186fbbf3dde14" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=3600 x-amz-cf-id qRuyvTDt3CSIYizg3DRAWfFjHHTkZq1A4TvBb5L615skiYj9hd99pw==
POST H2	200	get Show response assets-api-us.ortto.app/-/m/s/brandbook/	2 KB 1 KB	341ms 111ms	Fetch application/json	3.130.15.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-api-us.ortto.app/-/m/s/brandbook/get?r=0.07183947038240501 Requested by Host: s.ortto-prod.com URL: https://s.ortto-prod.com/messages/master/v1913/dist/autopilot.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.130.15.207 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-130-15-207.us-east-2.compute.amazonaws.com Software / Resource Hash 020621c05d8e54f25209c9caf64dd88453d49ad69fe3e8f08fcafd04e9ea34ba Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://ortto.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-version master-2308300210-5739-2c4e7f4 date Tue, 05 Sep 2023 16:49:01 GMT content-encoding gzip strict-transport-security max-age=63072000; includeSubDomains; preload allow GET, POST, PUT, DELETE, OPTIONS access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin https://ortto.app vary Accept-Encoding access-control-allow-credentials true access-control-allow-headers *, Authorization content-length 735
GET H2	200	85.bundle.js Show response s.ortto-prod.com/messages/master/v1913/dist/	585 B 1017 B	38ms 38ms	Script text/javascript	18.65.39.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.ortto-prod.com/messages/master/v1913/dist/85.bundle.js Requested by Host: s.ortto-prod.com URL: https://s.ortto-prod.com/messages/master/v1913/dist/polyfill.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-45.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 5b00ab3db340d8d0fa75f38ab70169e7711b505f3a1fb8232846a8fdd8beed9c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ortto.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Mon, 04 Sep 2023 07:16:50 GMT via 1.1 13a0a1a7b326f5c854b35536576cfe0e.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 04 Sep 2023 07:04:08 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 120732 etag "7d8cf79d0a8a8364cd7a84e8da30bdcc" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes content-length 585 x-amz-cf-id cgb2XZyJNotk3A2_u_g_POEeAqVgW77vAg5WW9mzUqcBd-4X9gqVCQ==
POST H2	200	get Show response assets-api-us.ortto.app/-/m/s/subscriptions/	436 B 790 B	370ms 183ms	Fetch application/json	3.130.15.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-api-us.ortto.app/-/m/s/subscriptions/get?r=0.5005719499846684 Requested by Host: s.ortto-prod.com URL: https://s.ortto-prod.com/messages/master/v1913/dist/autopilot.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.130.15.207 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-130-15-207.us-east-2.compute.amazonaws.com Software / Resource Hash 664a7f8f9fe02f4fc334c84e57781e7c0dc935e50d0dee78149b0c2df543e007 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://ortto.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-version master-2308300210-5739-2c4e7f4 date Tue, 05 Sep 2023 16:49:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload allow GET, POST, PUT, DELETE, OPTIONS access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin https://ortto.app vary Accept-Encoding access-control-allow-credentials true access-control-allow-headers *, Authorization content-length 436
POST H2	200	page-event Show response t.ortto.com/-/events/	68 B 536 B	336ms 119ms	XHR application/json	3.23.199.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://t.ortto.com/-/events/page-event Requested by Host: t.ortto.com URL: https://t.ortto.com/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.23.199.68 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-199-68.us-east-2.compute.amazonaws.com Software / Resource Hash f5c2d9a3c73eb7ee0c0996a1a277eb030175ab0d44ede6c531e71655b68e01c7 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://ortto.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 05 Sep 2023 16:49:01 GMT strict-transport-security max-age=63072000 x-version master-2309050529-4553-8b14504 allow GET, POST, PUT, DELETE, OPTIONS access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin https://ortto.app cache-control no-cache, must-revalidate access-control-allow-credentials true vary Accept-Encoding, Accept-Encoding content-length 68 expires 0
GET H2	200	l_3ca37777-8ead-463c-8b17-4fa483641fb9.png m.autopilotapp.com/vsimple/logo/	8 KB 9 KB	72ms 10ms	Image image/png	108.138.7.63 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://m.autopilotapp.com/vsimple/logo/l_3ca37777-8ead-463c-8b17-4fa483641fb9.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.7.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-7-63.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 3f9a4abdb1a259e3f8fbe0b16061d6810bc3103bbfc31c232d72028ef2b5c580 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ortto.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Mon, 04 Sep 2023 20:58:11 GMT via 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains age 71451 x-amz-cf-pop FRA56-P6 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 8293 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 11 Jul 2022 16:52:59 GMT server AmazonS3 etag "57ae5d9866bd9bbafdffb894df4e995e" x-frame-options SAMEORIGIN vary Origin content-type image/png accept-ranges bytes x-amz-cf-id qrM96ro5GKeao3cU5S1aVu15w7p2EuIUwgD3OM0cIueV50MEhABzkw==
GET H2	200	NeueHaasGrotTextRound-55Roman-Web.cd2e66fdee191ad57ad1f40b6c151abb.woff2 s.ortto-prod.com/messages/master/v1913/dist/	29 KB 30 KB	44ms 15ms	Font font/woff2	18.65.39.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.ortto-prod.com/messages/master/v1913/dist/NeueHaasGrotTextRound-55Roman-Web.cd2e66fdee191ad57ad1f40b6c151abb.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-45.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 07c337004472ae74e4743ff98f946094fbc00f2b16d4ff8991272dd6e2093656 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ortto.app/ Origin https://ortto.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Mon, 04 Sep 2023 07:04:22 GMT via 1.1 b0062bb33b961b53be87d688f2bdd9f8.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop AMS1-P1 age 121480 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 30181 last-modified Mon, 04 Sep 2023 07:04:08 GMT server AmazonS3 etag "cd2e66fdee191ad57ad1f40b6c151abb" access-control-max-age 0 access-control-allow-methods GET, HEAD content-type font/woff2 access-control-allow-origin * cache-control public, max-age=7776000 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id QYMZOCN7DhBQd9adE9R5mQCHmWyuIA9Nnfp162BFy8KjkKxLPQ4D7A==
GET H2	200	custom-fonts.css accounts-api-us.ortto.app/-/settings/	1 B 257 B	383ms 114ms	Stylesheet text/css	3.20.166.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://accounts-api-us.ortto.app/-/settings/custom-fonts.css?k=B3ZzaW1wbGUAYsxRGoIqHGFfmQBgZPc0fOU1JfV1DQzPADmP&family=Space%20Grotesk&family=Montserrat Requested by Host: s.ortto-prod.com URL: https://s.ortto-prod.com/messages/master/v1913/dist/autopilot.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.20.166.56 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-20-166-56.us-east-2.compute.amazonaws.com Software / Resource Hash 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ortto.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers x-version master-2309010029-8145-c8a5d5a date Tue, 05 Sep 2023 16:49:02 GMT strict-transport-security max-age=63072000; includeSubDomains; preload allow GET, POST, PUT, DELETE, OPTIONS access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/css access-control-allow-origin * content-length 1
GET H2	200	css2 fonts.googleapis.com/	6 KB 1 KB	45ms 20ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?display=swap&family=Space%20Grotesk:wght@400;700&family=Montserrat:wght@400;700 Requested by Host: s.ortto-prod.com URL: https://s.ortto-prod.com/messages/master/v1913/dist/autopilot.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a0c33411f68200442cf60078bcfe701b2112979cca7289b971ea7d008ac9025e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ortto.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 05 Sep 2023 16:49:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 05 Sep 2023 16:49:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 05 Sep 2023 16:49:01 GMT
GET H2	200	V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2 fonts.gstatic.com/s/spacegrotesk/v15/	21 KB 21 KB	40ms 15ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/spacegrotesk/v15/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?display=swap&family=Space%20Grotesk:wght@400;700&family=Montserrat:wght@400;700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a3298dd9c080ba992e6b3afd31430a7ec37869a5ecda45b854672ec069af4aab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ortto.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Fri, 01 Sep 2023 19:45:54 GMT x-content-type-options nosniff age 334987 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21096 x-xss-protection 0 last-modified Thu, 15 Dec 2022 21:08:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 31 Aug 2024 19:45:54 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v25/	30 KB 31 KB	32ms 8ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?display=swap&family=Space%20Grotesk:wght@400;700&family=Montserrat:wght@400;700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ortto.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Sat, 02 Sep 2023 06:58:18 GMT x-content-type-options nosniff age 294643 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30928 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 01 Sep 2024 06:58:18 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v25/	30 KB 30 KB	42ms 18ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?display=swap&family=Space%20Grotesk:wght@400;700&family=Montserrat:wght@400;700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ortto.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Sat, 02 Sep 2023 06:58:18 GMT x-content-type-options nosniff age 294643 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30928 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 01 Sep 2024 06:58:18 GMT
POST H2	200	get Show response t.ortto.com/-/widgets/	194 KB 14 KB	118ms 118ms	XHR application/json	3.23.199.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://t.ortto.com/-/widgets/get Requested by Host: t.ortto.com URL: https://t.ortto.com/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.23.199.68 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-199-68.us-east-2.compute.amazonaws.com Software / Resource Hash f222e31a0a12fae83b195bc2427b37a530c35b1e5a8fd9d16c14493abe36e6bb Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://ortto.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-version master-2309050529-4553-8b14504 date Tue, 05 Sep 2023 16:49:01 GMT content-encoding gzip strict-transport-security max-age=63072000 vary Accept-Encoding, Accept-Encoding allow GET, POST, PUT, DELETE, OPTIONS access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin https://ortto.app content-type application/json access-control-allow-credentials true

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| AP3_ENV string| AP3_JWTM string| AP3_DEVICE_TYPE object| AP3_DISCOVERY string| AP3_DOCS_URL string| AP3_GOOGLE_MAP_API_KEY object| AP3_FEATURES string| AP3_CDN_PATH string| AP3_LANG object| ap3c object| s object| t object| webpackJsonp object| scCGSHMRCache object| __deprecated function| googleMapsScriptOnload boolean| __DEV__ number| TIMEOUT number| BASE_NEEDLE_ANGLE number| START_NEEDLE_MOVE_ANGLE number| END_NEEDLE_MOVE_ANGLE number| NEEDLE_ANGLE_INCREMENT number| DECIMAL_MULTIPLIER string| CLOSE_WIDGET_LINK string| PUSH_PERMISSION_LINK string| AP3_WIDGETS_PREFIX object| cookies object| frequencies boolean| isMobile object| validShopifyCartAddPaths object| validShopifyCartAddStatuses function| getFieldType function| getDefaultValue function| populateSelectOptions function| getTimeFromSeconds string| uA string| vendor undefined| submitter undefined| submitterSelector function| jsonFromXhr function| sortObjectAndToString function| calcTrackKey function| readCookie function| removeCookie function| convertLegacyCookies function| convertLegacyPageFilter function| isKnownSession object| widgetsAccepted function| getShopifyProductCurrentVariantId function| polyfillDateInput

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ortto.app/	1969-12-31 23:59:59	Name: ap3pages Value: 1
			.ortto.app/	1970-01-20 23:19:14	Name: ap3c Value: IGT3W_0rnKFLUaEDAGT3W_0MhQe4L0RPfSSDGhx78LHN20muUw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts-api-us.ortto.app
assets-api-us.ortto.app
fonts.googleapis.com
fonts.gstatic.com
m.autopilotapp.com
ortto.app
s.ortto-prod.com
t.ortto.com
108.138.7.63
18.65.39.45
2a00:1450:4001:808::200a
2a00:1450:4001:828::2003
3.130.15.207
3.135.56.197
3.20.166.56
3.23.199.68
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
020621c05d8e54f25209c9caf64dd88453d49ad69fe3e8f08fcafd04e9ea34ba
07c337004472ae74e4743ff98f946094fbc00f2b16d4ff8991272dd6e2093656
2e36dcaaf361876ea08fc6bd13066c0b1332caac7deb82480f0e81a9cdfc9422
3f9a4abdb1a259e3f8fbe0b16061d6810bc3103bbfc31c232d72028ef2b5c580
52dba09eaee7b97ec55277b6f006dffcf60227f4e67597d61043a4312a7bc530
5b00ab3db340d8d0fa75f38ab70169e7711b505f3a1fb8232846a8fdd8beed9c
664a7f8f9fe02f4fc334c84e57781e7c0dc935e50d0dee78149b0c2df543e007
6ae2e41083566b4cebdd4e528d049f675c0ad118c220a3c8770aed5939608eba
805f1fd83b995162f1857201f1edbb7f160ff885da8a85cea053b131744faa48
80e68d435c07603c5004da5ea3242c2539e88a986c7fbd32e2642b50914226e4
864a13692ca61640528fb7e71773f3e4beea7e6112fee133e707f68ce227213b
a0c33411f68200442cf60078bcfe701b2112979cca7289b971ea7d008ac9025e
a3298dd9c080ba992e6b3afd31430a7ec37869a5ecda45b854672ec069af4aab
aa3308ee8e83804bd16050deb567a4ef179650dc812ebe4ad37cd839ca0a007f
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
f222e31a0a12fae83b195bc2427b37a530c35b1e5a8fd9d16c14493abe36e6bb
f5c2d9a3c73eb7ee0c0996a1a277eb030175ab0d44ede6c531e71655b68e01c7