urlscan.io logo urlscan.io
SecurityTrails logo

login.staging.otto.vet Open in urlscan Pro
52.15.245.65  Public Scan

Go To Rescan Add Verdict Report
URL: https://login.staging.otto.vet/
Submission: On August 22 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 52.15.245.65, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is login.staging.otto.vet.
TLS certificate: Issued by R11 on August 22nd 2024. Valid for: 3 months.
This is the only time login.staging.otto.vet was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 52.15.245.65 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 34.120.195.249 396982 (GOOGLE-CL...)
23 4
Apex Domain
Subdomains		 Transfer
14 otto.vet
login.staging.otto.vet
590 KB
4 gstatic.com
fonts.gstatic.com
53 KB
3 sentry.io
o358860.ingest.sentry.io — Cisco Umbrella Rank: 584383
456 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
23 4
Domain Requested by
14 login.staging.otto.vet login.staging.otto.vet
4 fonts.gstatic.com fonts.googleapis.com
3 o358860.ingest.sentry.io login.staging.otto.vet
2 fonts.googleapis.com login.staging.otto.vet
client
23 4

This site contains no links.

Subject Issuer Validity Valid
login.staging.otto.vet
R11		 2024-08-22 -
2024-11-20		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.staging.otto.vet/
Frame ID: DC6678432620AB8BB7CB3FF031BEEE37
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Otto Login

Page Statistics

23
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

645 kB
Transfer

1898 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
login.staging.otto.vet/ 		36 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
1f739a527a31d4a4f0642e441816a0e7d957c4e817bbd7de871eb46521ec1591
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 22 Aug 2024 12:30:33 GMT
etag
"8f7e-0vwtzuDM8gHlfFXSZLbOuUcp488"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
env.js
login.staging.otto.vet/ 		373 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/env.js
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
168c512323487063fc896e7e495e890771524583083c72050d9d7762a99d49ea
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 22 Aug 2024 05:04:23 GMT
etag
W/"175-1917878ba1d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
373
webpack-6773bc56dd3a1099.js
login.staging.otto.vet/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/_next/static/chunks/webpack-6773bc56dd3a1099.js
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
0e7fccc38ea90fd95a50d01f1c8b5f4d280a38676a7bffbedefbfe1cafbbd2c4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 13 Aug 2024 22:56:42 GMT
etag
W/"fa4-1914df53810"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
framework-1b1477f9717fa649.js
login.staging.otto.vet/_next/static/chunks/ 		127 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/_next/static/chunks/framework-1b1477f9717fa649.js
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e67db44645c96b487d8f05b6498643492c11e95aa67d34b284f6bc421f87eb4e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 13 Aug 2024 22:56:42 GMT
etag
W/"1fbf2-1914df53810"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
main-a07e9547dc72bd05.js
login.staging.otto.vet/_next/static/chunks/ 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/_next/static/chunks/main-a07e9547dc72bd05.js
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
21513ed98a151b30ae09ba67e3b96765882adec3d2325e6aaa48b095897fe6f3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 13 Aug 2024 22:56:42 GMT
etag
W/"183e7-1914df53810"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_app-ad78f49779232ab0.js
login.staging.otto.vet/_next/static/chunks/pages/ 		1 MB
405 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/_next/static/chunks/pages/_app-ad78f49779232ab0.js
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
b7d6313565ca49d5b0bbf16acdf23d8110b9b7c79bc1c4542318d0aa3f7d6703
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 13 Aug 2024 22:56:42 GMT
etag
W/"1582ac-1914df53810"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
866-5125eaf0452f80dc.js
login.staging.otto.vet/_next/static/chunks/ 		41 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/_next/static/chunks/866-5125eaf0452f80dc.js
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2447c98a5edec05ca69a1a19daa1b181d83478cc24112b8b15d2731352b91be9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 13 Aug 2024 22:56:42 GMT
etag
W/"a32e-1914df53810"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
232-004406271900e74f.js
login.staging.otto.vet/_next/static/chunks/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/_next/static/chunks/232-004406271900e74f.js
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
885b9ab21d2162a80f854b1d94a445464dc32fd84adf2500e1f72ca3e5e8acb3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 13 Aug 2024 22:56:42 GMT
etag
W/"4bd7-1914df53810"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
index-aa27f330e33c85c1.js
login.staging.otto.vet/_next/static/chunks/pages/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/_next/static/chunks/pages/index-aa27f330e33c85c1.js
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
835816d46d087851fc468a7184eb49bff183be7386a05057b9ad012675e8aace
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 13 Aug 2024 22:56:42 GMT
etag
W/"18e1-1914df53810"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_buildManifest.js
login.staging.otto.vet/_next/static/lg5-LE22NmkDl_8Wgjf14/ 		977 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/_next/static/lg5-LE22NmkDl_8Wgjf14/_buildManifest.js
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
58ee58a4a318ad90caaf728f7f2dcd6c292642e0f161d8f319648035a65f7d77
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 13 Aug 2024 22:56:42 GMT
etag
W/"3d1-1914df53810"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
977
_ssgManifest.js
login.staging.otto.vet/_next/static/lg5-LE22NmkDl_8Wgjf14/ 		77 B
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/_next/static/lg5-LE22NmkDl_8Wgjf14/_ssgManifest.js
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 13 Aug 2024 22:56:42 GMT
etag
W/"4d-1914df53810"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
77
_middlewareManifest.js
login.staging.otto.vet/_next/static/lg5-LE22NmkDl_8Wgjf14/ 		92 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/_next/static/lg5-LE22NmkDl_8Wgjf14/_middlewareManifest.js
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 13 Aug 2024 22:57:05 GMT
etag
W/"5c-1914df591e8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
92
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b7726b7569ec4cbee6166075254edcd400b637ef4e1fa6c9f728b4ee0e84f99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Aug 2024 12:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 22 Aug 2024 12:30:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Aug 2024 12:30:33 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.staging.otto.vet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:08:32 GMT
x-content-type-options
nosniff
age
166922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:08:32 GMT
/
o358860.ingest.sentry.io/api/6585105/envelope/ 		2 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o358860.ingest.sentry.io/api/6585105/envelope/?sentry_key=1e8db1fcf63540bd82fd67c82bdbf64c&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.80.0
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/_next/static/chunks/pages/_app-ad78f49779232ab0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Aug 2024 12:30:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
css2
fonts.googleapis.com/ 		11 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b7726b7569ec4cbee6166075254edcd400b637ef4e1fa6c9f728b4ee0e84f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 22 Aug 2024 12:30:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Aug 2024 12:30:33 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.staging.otto.vet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:08:32 GMT
x-content-type-options
nosniff
age
166922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:08:32 GMT
/
o358860.ingest.sentry.io/api/6585105/envelope/ 		41 B
98 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o358860.ingest.sentry.io/api/6585105/envelope/?sentry_key=1e8db1fcf63540bd82fd67c82bdbf64c&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.80.0
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/_next/static/chunks/pages/_app-ad78f49779232ab0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
48c722ecbf8a57e816e7a6fca520b6c4bc1cc0dbe67092bd43b790c6b247c21c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Aug 2024 12:30:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
image
login.staging.otto.vet/_next/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.staging.otto.vet/_next/image?url=%2Fassets%2Fauth-page-splash-screen.png&w=1920&q=75
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e43b464b1d5ff82c84d896979c3e837201b492d488a6f389ed48b75c8c7ffd01
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:34 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=15724800; includeSubDomains
etag
5DtGSx1f+CyE2JaXnD6DcgG0ktSIpvOJ7Ui3XIx--QE=
x-frame-options
SAMEORIGIN
vary
Accept
content-type
image/webp
x-nextjs-cache
STALE
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="auth-page-splash-screen.webp"
XRXI3I6Li01BKofiOc5wtlZ2di8HDFwmdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v26/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDFwmdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
391d904f3fd470031d9207a2dcece3b27f63be28ec5b2a0a0ee759948705c3bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.staging.otto.vet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 18:40:00 GMT
x-content-type-options
nosniff
age
582634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16312
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Aug 2025 18:40:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.staging.otto.vet
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:09:26 GMT
x-content-type-options
nosniff
age
166868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:09:26 GMT
favicon.ico
login.staging.otto.vet/favicon/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://login.staging.otto.vet/favicon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.15.245.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-245-65.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
04a88524b09e9fb7fe3dcb8c9a349a86a16590c122694246b7b046f9575cd720
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 12:30:35 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 13 Aug 2024 22:55:01 GMT
etag
W/"3c2e-1914df3ad88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=0
accept-ranges
bytes
/
o358860.ingest.sentry.io/api/6585105/envelope/ 		41 B
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o358860.ingest.sentry.io/api/6585105/envelope/?sentry_key=1e8db1fcf63540bd82fd67c82bdbf64c&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.80.0
Requested by
Host: login.staging.otto.vet
URL: https://login.staging.otto.vet/_next/static/chunks/pages/_app-ad78f49779232ab0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
427d79eed85010286ebef2dff97b96087ac2e8519c50897dbf6b06f2bdbbb597
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login.staging.otto.vet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Aug 2024 12:30:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| env object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E object| __SENTRY__ object| SENTRY_RELEASE function| applyFocusVisiblePolyfill function| __BUILD_MANIFEST_CB function| __MIDDLEWARE_MANIFEST_CB object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __MIDDLEWARE_MANIFEST

1 Cookies

Domain/Path Name / Value
login.staging.otto.vet/ Name: INGRESSCOOKIE
Value: 1724329834.495.68.215225|2a820254c78f2deef17f5e16078c0c4e

2 Console Messages

Source Level URL
Text
recommendation warning URL: https://login.staging.otto.vet/
Message:
[DOM] Found 2 elements with non-unique id #field-1: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://login.staging.otto.vet/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
login.staging.otto.vet
o358860.ingest.sentry.io
2a00:1450:4001:81d::200a
2a00:1450:4001:829::2003
34.120.195.249
52.15.245.65
04a88524b09e9fb7fe3dcb8c9a349a86a16590c122694246b7b046f9575cd720
0e7fccc38ea90fd95a50d01f1c8b5f4d280a38676a7bffbedefbfe1cafbbd2c4
168c512323487063fc896e7e495e890771524583083c72050d9d7762a99d49ea
1f739a527a31d4a4f0642e441816a0e7d957c4e817bbd7de871eb46521ec1591
21513ed98a151b30ae09ba67e3b96765882adec3d2325e6aaa48b095897fe6f3
2447c98a5edec05ca69a1a19daa1b181d83478cc24112b8b15d2731352b91be9
391d904f3fd470031d9207a2dcece3b27f63be28ec5b2a0a0ee759948705c3bf
427d79eed85010286ebef2dff97b96087ac2e8519c50897dbf6b06f2bdbbb597
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48c722ecbf8a57e816e7a6fca520b6c4bc1cc0dbe67092bd43b790c6b247c21c
58ee58a4a318ad90caaf728f7f2dcd6c292642e0f161d8f319648035a65f7d77
6b7726b7569ec4cbee6166075254edcd400b637ef4e1fa6c9f728b4ee0e84f99
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
835816d46d087851fc468a7184eb49bff183be7386a05057b9ad012675e8aace
885b9ab21d2162a80f854b1d94a445464dc32fd84adf2500e1f72ca3e5e8acb3
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
b7d6313565ca49d5b0bbf16acdf23d8110b9b7c79bc1c4542318d0aa3f7d6703
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e43b464b1d5ff82c84d896979c3e837201b492d488a6f389ed48b75c8c7ffd01
e67db44645c96b487d8f05b6498643492c11e95aa67d34b284f6bc421f87eb4e