employee.nanoramic.com Open in urlscan Pro
3.220.16.99  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response employee.nanoramic.com/	1 KB 1 KB	302ms 97ms	Document text/html	3.220.16.99 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://employee.nanoramic.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.220.16.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-16-99.compute-1.amazonaws.com Software nginx/1.21.0 / Resource Hash 14c0ce865cbe11449da863f4977f4af46ffeaf5a81c4c6bb945cc7653d2c7940 Request headers Host employee.nanoramic.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx/1.21.0 Date Tue, 26 Oct 2021 21:46:10 GMT Content-Type text/html Content-Length 1119 Connection keep-alive Last-Modified Tue, 26 Oct 2021 21:42:04 GMT ETag "6178762c-45f" Accept-Ranges bytes
GET H/1.1	200 OK	app.7b2590d8.css employee.nanoramic.com/css/	2 MB 2 MB	194ms 194ms	Stylesheet text/css	3.220.16.99 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://employee.nanoramic.com/css/app.7b2590d8.css Requested by Host: employee.nanoramic.com URL: https://employee.nanoramic.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.220.16.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-16-99.compute-1.amazonaws.com Software nginx/1.21.0 / Resource Hash e382b9ee386a6f94a643081f470efa9eb4106cd58f9cc9d034f958ea40ae1cda Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host employee.nanoramic.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://employee.nanoramic.com/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 26 Oct 2021 21:46:10 GMT Last-Modified Sat, 23 Oct 2021 17:59:40 GMT Server nginx/1.21.0 ETag "61744d8c-183e28" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1588776
GET H/1.1	200 OK	chunk-vendors.efcb7369.css employee.nanoramic.com/css/	1 MB 1 MB	389ms 194ms	Stylesheet text/css	3.220.16.99 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://employee.nanoramic.com/css/chunk-vendors.efcb7369.css Requested by Host: employee.nanoramic.com URL: https://employee.nanoramic.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.220.16.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-16-99.compute-1.amazonaws.com Software nginx/1.21.0 / Resource Hash 4c70b3a87d573bf478fa745066cd88acb4cd6150ea77034fa5643202644ee994 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host employee.nanoramic.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://employee.nanoramic.com/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 26 Oct 2021 21:46:11 GMT Last-Modified Sat, 23 Oct 2021 17:59:40 GMT Server nginx/1.21.0 ETag "61744d8c-15e589" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1435017
GET H/1.1	200 OK	app.f9e024cc.js Show response employee.nanoramic.com/js/	320 KB 320 KB	406ms 204ms	Script application/javascript	3.220.16.99 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://employee.nanoramic.com/js/app.f9e024cc.js Requested by Host: employee.nanoramic.com URL: https://employee.nanoramic.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.220.16.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-16-99.compute-1.amazonaws.com Software nginx/1.21.0 / Resource Hash ba52a7a9825b732d1b661cf4a54333be2ce12192b337f4375114754da83df3a4 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host employee.nanoramic.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://employee.nanoramic.com/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 26 Oct 2021 21:46:11 GMT Last-Modified Tue, 26 Oct 2021 21:42:04 GMT Server nginx/1.21.0 ETag "6178762c-500d9" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 327897
GET H/1.1	200 OK	chunk-vendors.5febc834.js Show response employee.nanoramic.com/js/	6 MB 6 MB	421ms 211ms	Script application/javascript	3.220.16.99 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://employee.nanoramic.com/js/chunk-vendors.5febc834.js Requested by Host: employee.nanoramic.com URL: https://employee.nanoramic.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.220.16.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-16-99.compute-1.amazonaws.com Software nginx/1.21.0 / Resource Hash d9b28e930b83787ca503777b41d98ca150765fcd173897366082721f8090fdaa Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host employee.nanoramic.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://employee.nanoramic.com/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 26 Oct 2021 21:46:11 GMT Last-Modified Sat, 23 Oct 2021 17:59:40 GMT Server nginx/1.21.0 ETag "61744d8c-586b54" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 5794644
GET H2	200	css fonts.googleapis.com/	12 KB 1 KB	57ms 22ms	Stylesheet text/css	142.250.185.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900 Requested by Host: employee.nanoramic.com URL: https://employee.nanoramic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f10.1e100.net Software ESF / Resource Hash ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:43:39 GMT server ESF date Tue, 26 Oct 2021 21:46:10 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Tue, 26 Oct 2021 21:46:10 GMT
GET H2	200	materialdesignicons.min.css cdn.jsdelivr.net/npm/@mdi/font@latest/css/	293 KB 48 KB	64ms 27ms	Stylesheet text/css	104.16.87.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css Requested by Host: employee.nanoramic.com URL: https://employee.nanoramic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e662d5f7621fb5a963e80dfb06289cc6e560a5c58496f7704a7503e3bacea907 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 21:46:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 3540 x-jsd-version 6.4.95 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-fra19121-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"494d4-JXrKzWI40JjB7t3Xsarpd/4PMwk" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 6a46e039fb0a277c-PRG
GET H2	200	api.js Show response apis.google.com/js/	13 KB 6 KB	67ms 31ms	Script application/javascript	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/api.js Requested by Host: employee.nanoramic.com URL: https://employee.nanoramic.com/js/chunk-vendors.5febc834.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash 47242723acf0b6efbba2fa7d7adb0f73f548cb5b1db2f9b3cda0bbf230de21e4 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-8hFFLpaJcKYoaC7g5fkcRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 21:46:14 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF etag "3d0445ddaedf4197c82f80fdfe585b3c" x-frame-options SAMEORIGIN report-to {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-8hFFLpaJcKYoaC7g5fkcRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt" expires Tue, 26 Oct 2021 21:46:14 GMT
GET H2	200	player_api Show response www.youtube.com/	980 B 1 KB	50ms 27ms	Script text/javascript	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/player_api Requested by Host: employee.nanoramic.com URL: https://employee.nanoramic.com/js/chunk-vendors.5febc834.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f14.1e100.net Software ESF / Resource Hash 5b61fa2afb545920328d7c88380ecd2a9dc3ea49e1b7ca2fe8071ab20aa9e84a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 21:46:14 GMT content-encoding br x-content-type-options nosniff p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 server ESF x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 report-to {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]} content-type text/javascript; charset=utf-8 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 permissions-policy ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=* cross-origin-opener-policy-report-only same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA" expires Tue, 26 Oct 2021 21:46:14 GMT
GET H/1.1	200 OK	logo.f44ec3a2.svg employee.nanoramic.com/img/	12 KB 12 KB	98ms 98ms	Image image/svg+xml	3.220.16.99 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://employee.nanoramic.com/img/logo.f44ec3a2.svg Requested by Host: employee.nanoramic.com URL: https://employee.nanoramic.com/login?nextUrl=%2Fhome%2Fdashboard Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.220.16.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-16-99.compute-1.amazonaws.com Software nginx/1.21.0 / Resource Hash fa995b5492398a4b8bb0602213813db963f11a100563c6a27b657219d65bbaf3 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host employee.nanoramic.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://employee.nanoramic.com/login?nextUrl=%2Fhome%2Fdashboard Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/login?nextUrl=%2Fhome%2Fdashboard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 26 Oct 2021 21:46:14 GMT Last-Modified Sat, 23 Oct 2021 17:59:40 GMT Server nginx/1.21.0 ETag "61744d8c-2f20" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 12064
GET H/1.1	200 OK	GoogleSign_button.935dd96d.svg employee.nanoramic.com/img/	11 KB 11 KB	106ms 106ms	Image image/svg+xml	3.220.16.99 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://employee.nanoramic.com/img/GoogleSign_button.935dd96d.svg Requested by Host: employee.nanoramic.com URL: https://employee.nanoramic.com/login?nextUrl=%2Fhome%2Fdashboard Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.220.16.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-16-99.compute-1.amazonaws.com Software nginx/1.21.0 / Resource Hash 3173b67a88a0f49a9f5f210975be09f3222411b518bd27f4dabbf81757072a46 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host employee.nanoramic.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://employee.nanoramic.com/login?nextUrl=%2Fhome%2Fdashboard Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/login?nextUrl=%2Fhome%2Fdashboard User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 26 Oct 2021 21:46:14 GMT Last-Modified Sat, 23 Oct 2021 17:59:40 GMT Server nginx/1.21.0 ETag "61744d8c-2cb5" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 11445
GET H/1.1	200 OK	Sign-up-mage.78949331.png employee.nanoramic.com/img/	65 KB 65 KB	98ms 97ms	Image image/png	3.220.16.99 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://employee.nanoramic.com/img/Sign-up-mage.78949331.png Requested by Host: employee.nanoramic.com URL: https://employee.nanoramic.com/css/app.7b2590d8.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.220.16.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-16-99.compute-1.amazonaws.com Software nginx/1.21.0 / Resource Hash e2762aa5ec2ea37b5a0d62a9e6ae917bb9a17f073574ab651371d01cc5340f72 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host employee.nanoramic.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://employee.nanoramic.com/css/app.7b2590d8.css Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/css/app.7b2590d8.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 26 Oct 2021 21:46:14 GMT Last-Modified Sat, 23 Oct 2021 17:59:40 GMT Server nginx/1.21.0 ETag "61744d8c-10259" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 66137
GET H/1.1	200 OK	Gilroy-Regular.ae5e7255.ttf employee.nanoramic.com/fonts/	79 KB 79 KB	102ms 101ms	Font application/octet-stream	3.220.16.99 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://employee.nanoramic.com/fonts/Gilroy-Regular.ae5e7255.ttf Requested by Host: employee.nanoramic.com URL: https://employee.nanoramic.com/css/app.7b2590d8.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.220.16.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-16-99.compute-1.amazonaws.com Software nginx/1.21.0 / Resource Hash 8bbb8f0f4fd01f8b8a00e316ef160a6a5863ac834ff077abb758a11ce758b598 Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://employee.nanoramic.com Accept-Encoding gzip, deflate, br Host employee.nanoramic.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest font Referer https://employee.nanoramic.com/css/app.7b2590d8.css Connection keep-alive Referer https://employee.nanoramic.com/css/app.7b2590d8.css Origin https://employee.nanoramic.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 26 Oct 2021 21:46:14 GMT Last-Modified Sat, 23 Oct 2021 17:59:40 GMT Server nginx/1.21.0 ETag "61744d8c-13b58" Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 80728
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/bc6d77fc/www-widgetapi.vflset/	143 KB 47 KB	8ms 6ms	Script text/javascript	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/bc6d77fc/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/player_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f14.1e100.net Software sffe / Resource Hash 393699c2314dc1e25ff5d748cdd9eb8ae727fa439c5d5ab507e39b16e68c978f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 19:57:52 GMT content-encoding br x-content-type-options nosniff age 6502 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 47552 x-xss-protection 0 last-modified Mon, 25 Oct 2021 00:14:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 26 Oct 2022 19:57:52 GMT
GET H3	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/	103 KB 34 KB	48ms 16ms	Script text/javascript	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software sffe / Resource Hash ac11d0e24cf820ae08fec6f25194988b065c6729e8ce448715bd8022732295c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 12:00:20 GMT content-encoding gzip x-content-type-options nosniff age 467154 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34993 x-xss-protection 0 last-modified Sat, 02 Oct 2021 17:21:04 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="social-frontend-mpm-access" expires Fri, 21 Oct 2022 12:00:20 GMT
GET H2	200	iframe Show response accounts.google.com/o/oauth2/ Frame 01EB	512 B 872 B	37ms 16ms	Document text/html	142.250.184.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframe Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.205 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f13.1e100.net Software ESF / Resource Hash 53d33531ecc7478f0d5e9ca85049a5ecfb6bc1f9a66a6ef9f3edade1fc32133e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-rUT2/F0+UBqERaJTriInSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority accounts.google.com :scheme https :path /o/oauth2/iframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://employee.nanoramic.com/ accept-encoding gzip, deflate, br cookie NID=511=D0vY2YQY11Fx87yNqbFd52-gnMotzsjMNrncu_JoF8rKFYbsoGdzkEdZhfFLEpitNECzmVo3F93qg589bTdqj2IjXBekKHd7eSKlaNJ9mS4pRhcPqDBWAyzcCRNRtAqr_g6n962l8S_-DVDf1rW_b7zpKQfwAfoSmIOA9tplM6U Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://employee.nanoramic.com/ Response headers content-type text/html; charset=utf-8 cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 26 Oct 2021 21:46:14 GMT content-language en-US content-security-policy script-src 'report-sample' 'nonce-rUT2/F0+UBqERaJTriInSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport content-encoding gzip server ESF x-xss-protection 0 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H2	200	682080760-idpiframe.js Show response ssl.gstatic.com/accounts/o/ Frame 01EB	114 KB 40 KB	51ms 14ms	Script text/javascript	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.gstatic.com/accounts/o/682080760-idpiframe.js Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/iframe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash 63209c1149111be12b8f2f24a9d1abf58338410fefea3a12821d950fe73f0124 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 14:31:55 GMT content-encoding gzip x-content-type-options nosniff age 26059 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 40108 x-xss-protection 0 last-modified Fri, 15 Oct 2021 22:07:19 GMT server sffe vary Accept-Encoding report-to {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="federated-signon-mpm-access" expires Wed, 26 Oct 2022 14:31:55 GMT
GET H3	200	iframerpc Show response accounts.google.com/o/oauth2/ Frame 01EB	14 B 58 B	34ms 18ms	XHR application/json	142.250.184.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Femployee.nanoramic.com&client_id=694466881684-mv3hd2clor1q5hb6dmtil5ajqbogl8ap.apps.googleusercontent.com Requested by Host: ssl.gstatic.com URL: https://ssl.gstatic.com/accounts/o/682080760-idpiframe.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.205 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f13.1e100.net Software ESF / Resource Hash 8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://accounts.google.com/o/oauth2/iframe X-Requested-With XmlHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 21:46:14 GMT content-encoding gzip x-content-type-options nosniff server ESF content-type application/json; charset=utf-8 cache-control public, max-age=3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 expires Tue, 26 Oct 2021 22:46:14 GMT

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| webpackJsonp object| regeneratorRuntime function| _ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome function| onYouTubeIframeAPIReady object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| gapi object| ___jsl object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| osapi

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: bmsjbSUMExY
			.youtube.com/	1970-01-20 02:33:56	Name: VISITOR_INFO1_LIVE Value: YDTWxCCWM3k
			.google.com/	1970-01-20 02:38:15	Name: NID Value: 511=D0vY2YQY11Fx87yNqbFd52-gnMotzsjMNrncu_JoF8rKFYbsoGdzkEdZhfFLEpitNECzmVo3F93qg589bTdqj2IjXBekKHd7eSKlaNJ9mS4pRhcPqDBWAyzcCRNRtAqr_g6n962l8S_-DVDf1rW_b7zpKQfwAfoSmIOA9tplM6U
			.employee.nanoramic.com/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
cdn.jsdelivr.net
employee.nanoramic.com
fonts.googleapis.com
ssl.gstatic.com
www.youtube.com
104.16.87.20
142.250.184.205
142.250.185.110
142.250.185.131
142.250.185.202
172.217.16.142
3.220.16.99
14c0ce865cbe11449da863f4977f4af46ffeaf5a81c4c6bb945cc7653d2c7940
3173b67a88a0f49a9f5f210975be09f3222411b518bd27f4dabbf81757072a46
393699c2314dc1e25ff5d748cdd9eb8ae727fa439c5d5ab507e39b16e68c978f
47242723acf0b6efbba2fa7d7adb0f73f548cb5b1db2f9b3cda0bbf230de21e4
4c70b3a87d573bf478fa745066cd88acb4cd6150ea77034fa5643202644ee994
53d33531ecc7478f0d5e9ca85049a5ecfb6bc1f9a66a6ef9f3edade1fc32133e
5b61fa2afb545920328d7c88380ecd2a9dc3ea49e1b7ca2fe8071ab20aa9e84a
63209c1149111be12b8f2f24a9d1abf58338410fefea3a12821d950fe73f0124
8bbb8f0f4fd01f8b8a00e316ef160a6a5863ac834ff077abb758a11ce758b598
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
ac11d0e24cf820ae08fec6f25194988b065c6729e8ce448715bd8022732295c1
ba52a7a9825b732d1b661cf4a54333be2ce12192b337f4375114754da83df3a4
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
d9b28e930b83787ca503777b41d98ca150765fcd173897366082721f8090fdaa
e2762aa5ec2ea37b5a0d62a9e6ae917bb9a17f073574ab651371d01cc5340f72
e382b9ee386a6f94a643081f470efa9eb4106cd58f9cc9d034f958ea40ae1cda
e662d5f7621fb5a963e80dfb06289cc6e560a5c58496f7704a7503e3bacea907
fa995b5492398a4b8bb0602213813db963f11a100563c6a27b657219d65bbaf3