urlscan.io logo urlscan.io
SecurityTrails logo

app.ornikar.com Open in urlscan Pro
2606:4700:11::6817:8407  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.ornikar.com/
Effective URL: https://app.ornikar.com/
Submission: On February 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 12 domains to perform 55 HTTP transactions. The main IP is 2606:4700:11::6817:8407, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.ornikar.com.
TLS certificate: Issued by GTS CA 1P5 on January 14th 2024. Valid for: 3 months.
This is the only time app.ornikar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

21    2606:4700:11::6817:8407 (United States)

ASN13335 (CLOUDFLARENET, US)
app.ornikar.com
assets.ornikar.com
mp.ornikar.com
1    154.85.69.15 (Singapore, Singapore)

ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG)
cdn.polyfill.io
4    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o153228.ingest.sentry.io
2    2606:4700:11::6817:8307 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.ornikar.com
6    35.190.217.127 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 127.217.190.35.bc.googleusercontent.com
auth.ornikar.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a02:26f0:3500:11::215:14ca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
websdk.appsflyer.com
1    2600:9000:20c3:6000:1c:f638:2940:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.axept.io
4    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:9000:26db:4800:19:61a3:b200:93a1 (United States)

ASN16509 (AMAZON-02, US)
client.axept.io
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42::720 (United States)

ASN54113 (FASTLY, US)
axeptio.imgix.net
2    2a03:2880:f007:8:face:b00c:0:1 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2600:9000:26db:c200:18:1316:6b80:93a1 (United States)

ASN16509 (AMAZON-02, US)
stonly.com
Apex Domain
Subdomains		 Transfer
29 ornikar.com
app.ornikar.com
assets.ornikar.com
auth.ornikar.com
mp.ornikar.com
1 MB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
482 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
37 KB
3 stonly.com
stonly.com — Cisco Umbrella Rank: 28475
55 KB
3 axept.io
static.axept.io — Cisco Umbrella Rank: 53211
client.axept.io — Cisco Umbrella Rank: 60670
204 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
90 KB
1 imgix.net
axeptio.imgix.net — Cisco Umbrella Rank: 99449
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
1 KB
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 4840
12 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
107 KB
1 sentry.io
o153228.ingest.sentry.io
324 B
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 3333
680 B
55 12
Domain Requested by
18 app.ornikar.com 1 redirects assets.ornikar.com
app.ornikar.com
6 auth.ornikar.com assets.ornikar.com
4 fonts.gstatic.com www.google.com
fonts.googleapis.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com app.ornikar.com
www.gstatic.com
www.google.com
4 assets.ornikar.com app.ornikar.com
assets.ornikar.com
3 stonly.com assets.ornikar.com
stonly.com
2 connect.facebook.net app.ornikar.com
connect.facebook.net
2 client.axept.io assets.ornikar.com
1 mp.ornikar.com assets.ornikar.com
1 axeptio.imgix.net app.ornikar.com
1 fonts.googleapis.com static.axept.io
1 static.axept.io app.ornikar.com
1 websdk.appsflyer.com assets.ornikar.com
1 www.googletagmanager.com assets.ornikar.com
1 o153228.ingest.sentry.io assets.ornikar.com
1 cdn.polyfill.io app.ornikar.com
55 17

This site contains links to these domains. Also see Links.

Domain
www.ornikar.com
pro.ornikar.com
Subject Issuer Validity Valid
ornikar.com
GTS CA 1P5		 2024-01-14 -
2024-04-13		 3 months crt.sh
*.polyfill.io
Sectigo RSA Domain Validation Secure Server CA		 2024-02-20 -
2025-02-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
public.ornikar.com
R3		 2024-02-21 -
2024-05-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.appsflyer.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-27 -
2024-07-27		 a year crt.sh
static.axeptio.eu
Amazon RSA 2048 M02		 2023-06-19 -
2024-07-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
client.axept.io
Amazon RSA 2048 M01		 2023-08-03 -
2024-08-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-12-07 -
2025-01-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-04 -
2024-03-03		 3 months crt.sh
stonly.com
Amazon RSA 2048 M02		 2024-01-07 -
2025-02-04		 a year crt.sh

This page contains 3 frames:

Primary Page: https://app.ornikar.com/
Frame ID: 3608612198193E4087BA196B352638B0
Requests: 42 HTTP requests in this frame

Frame: https://app.ornikar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Frame ID: E021356B9749645707A15EDFA9E54A9C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=dgyidul4c4mv
Frame ID: 5E714E10717AD21E8FE2BD4E03A691B1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Connexion - Ornikar

Page URL History Show full URLs

  1. http://app.ornikar.com/ HTTP 307
    https://app.ornikar.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

55
Requests

96 %
HTTPS

81 %
IPv6

12
Domains

17
Subdomains

17
IPs

4
Countries

2065 kB
Transfer

6741 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.ornikar.com/ HTTP 307
    https://app.ornikar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://app.ornikar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://app.ornikar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.ornikar.com/
Redirect Chain
  • http://app.ornikar.com/
  • https://app.ornikar.com/
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f5cc36d317b96203055fd7a69a9bfbabf83fc06080ebf8fa19cf9dcc0ff13a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=30
cf-cache-status
DYNAMIC
cf-ray
85ab3d2d2ff05bb2-VIE
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.ornikar.com;
content-type
text/html
date
Sat, 24 Feb 2024 22:45:27 GMT
expires
Sat, 24 Feb 2024 22:45:57 GMT
last-modified
Fri, 23 Feb 2024 22:33:01 GMT
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
3
x-frame-options
deny
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://app.ornikar.com/
Non-Authoritative-Reason
HSTS
polyfill.min.js
cdn.polyfill.io/v3/ 		104 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es2020,es2021,es2022,localStorage,String.prototype.normalize,matchMedia,URLSearchParams,AbortController,MutationObserver,ResizeObserver&unknown=polyfill&flags=gated
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.85.69.15 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software
nginx /
Resource Hash
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Request headers

Referer
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sat, 24 Feb 2024 22:45:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
access-control-allow-methods
GET,HEAD,OPTIONS
Content-Type
text/javascript; charset=UTF-8
access-control-allow-origin
*
Cache-Control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
useragent_normaliser
chrome/121.0.0
Vary
User-Agent, Accept-Encoding
Connection
keep-alive
X-Ser
BC5_US-Texas-Dallas-1-cache-3, BC13_DE-Frankfurt-Frankfurt-11-cache-2
main.e8af9dc8.js
assets.ornikar.com/learner-app/static/js/ 		3 MB
888 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfbd316cfb7e8e933d2d2a9af66cd0eeb89e569b9b4cc0ac76f0e21bbebfba88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
gzip
x-guploader-uploadid
ABPtcPq-cD--HrgAKqG3xgqDiTzDu-qfWMUD_vqNB36GdvAg2q7N2jTat6qEQxb2HfkQAE1vV8K8ctb0RQQjObg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Fri, 23 Feb 2024 10:13:35 GMT
server
cloudflare
etag
W/"f8c5bb42bc653357e6078279c15c158b"
vary
Accept-Encoding
x-goog-hash
crc32c=THYbKw==, md5=+MW7QrxlM1fmB4J5wVwViw==
x-goog-generation
1708683215755631
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=2678400
x-goog-stored-content-length
3438730
cf-ray
85ab3d2f7ab65bb2-VIE
expires
Sat, 24 Feb 2024 23:45:27 GMT
main.03afad05.css
assets.ornikar.com/learner-app/static/css/ 		111 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.ornikar.com/learner-app/static/css/main.03afad05.css
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d586158bf3e32cc9b4d08c8ffc91020c21483416a769a1980c1679cf3de81d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-guploader-uploadid
ABPtcPrC7KrbEdYENA3ODLsDzHueHeDhJLmorj6sWPRB6-icdjtEvHqovH9rNkvGTgLrdWLlf_-QKRBV0Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Fri, 23 Feb 2024 14:11:34 GMT
server
cloudflare
etag
W/"6a7980495b9f6c30fd17d70b48e6b94f"
vary
Accept-Encoding
x-goog-hash
crc32c=UDsfCw==, md5=anmASVufbDD9F9cLSOa5Tw==
x-goog-generation
1704272929333585
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=2678400
x-goog-stored-content-length
114144
cf-ray
85ab3d2f7ab45bb2-VIE
expires
Sat, 24 Feb 2024 23:45:27 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b94c27c7743c6321fff5bd7db9a10d5e7ddf26ac8f4d7d2dc2f8e987c237fd5a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 24 Feb 2024 22:45:28 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ 		494 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 14:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201516
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 05:01:55 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Feb 2025 14:19:34 GMT
/
o153228.ingest.sentry.io/api/1801814/envelope/ 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o153228.ingest.sentry.io/api/1801814/envelope/?sentry_key=0c3eb9b1f3224451bbb172105aa1fb3a&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.65.0
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.ornikar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 24 Feb 2024 22:45:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
mxpnl-browser.eabde17d.chunk.js
app.ornikar.com/learner-app/static/js/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/learner-app/static/js/mxpnl-browser.eabde17d.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf0517157a4cc80e52d759a7f36c752e94b14acbc2a4ead37c6c2b5f0a8cd02
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:28 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 14:33:54 GMT
server
cloudflare
etag
W/"65d75b52-16d1d"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d371a6e5bb2-VIE
1428.6c2c59e9.chunk.js
app.ornikar.com/learner-app/static/js/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/learner-app/static/js/1428.6c2c59e9.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da5bdf96d78054b1cb98e9ca2b1073b10d2ac7667d5d5712bb10933e6c58e319
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 14:33:54 GMT
server
cloudflare
etag
W/"65d75b52-87b6"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d373a975bb2-VIE
logo-fr.ef6548d7.chunk.js
app.ornikar.com/learner-app/static/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/learner-app/static/js/logo-fr.ef6548d7.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd4978782f9d0592f3808b05c88ff480e144f7966439025ed7584493664c335
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 14:33:54 GMT
server
cloudflare
etag
W/"65d75b52-1582"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d373a985bb2-VIE
shared-fr-FR.09ea7a6d.chunk.js
app.ornikar.com/learner-app/static/js/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/learner-app/static/js/shared-fr-FR.09ea7a6d.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e7bc7c59b5bfae1cf0790b72fed5acb57d6f3503b43913c185ec72da9b124d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
REVALIDATED
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
6
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 14:33:54 GMT
server
cloudflare
etag
W/"65d75b52-7f1d"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d373a995bb2-VIE
/
app.ornikar.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 18:18:30 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
deny
content-type
text/html
cache-control
max-age=30
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d377ad35bb2-VIE
expires
Sat, 24 Feb 2024 22:45:59 GMT
/
app.ornikar.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:28 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 23 Feb 2024 22:33:01 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
deny
content-type
text/html
cache-control
max-age=30
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d377ad45bb2-VIE
expires
Sat, 24 Feb 2024 22:45:58 GMT
main.js
app.ornikar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ Frame E021
Redirect Chain
  • https://app.ornikar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://app.ornikar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/
Protocol
H2
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb648f81ba6a9ba3516b89b691f3895e8b8b5567e2e6bdbd3dc7348972318d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85ab3d37cb345bb2-VIE

Redirect headers

date
Sat, 24 Feb 2024 22:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
cache-control
max-age=300, public
cf-ray
85ab3d378adf5bb2-VIE
Moderat-Regular-webfont.3c312071482f66e599f6.woff2
assets.ornikar.com/learner-app/static/media/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.ornikar.com/learner-app/static/media/Moderat-Regular-webfont.3c312071482f66e599f6.woff2
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/css/main.03afad05.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8307 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5fd74d27f83c5d9e51c2c3025962f166ce04bf554c793391a2841a3434f5803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.ornikar.com/learner-app/static/css/main.03afad05.css
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPrSxW5H8EntcS_-fC0PcGmL1TJxPtv_jLtTG1vGKuOpahhgTY0G7k25FSEUxUgd4os8qyVrl79mM38nH0U
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
23596
last-modified
Fri, 23 Feb 2024 10:13:33 GMT
server
cloudflare
etag
"54b449bbd0adf0bd033932865d53e834"
vary
Accept-Encoding
x-goog-generation
1707313513048309
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=8FHksQ==, md5=VLRJu9Ct8L0DOTKGXVPoNA==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=2678400
x-goog-stored-content-length
23596
accept-ranges
bytes
cf-ray
85ab3d37bab1c23b-VIE
expires
Sat, 24 Feb 2024 22:50:20 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5E71 		45 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=dgyidul4c4mv
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
10c7ae9a78e284d71f1dbcc775a0da19aae7a15ed96387d49dfc48d5c7e751f7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Xg6mzbxmOTQXnd5J2W5rHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Xg6mzbxmOTQXnd5J2W5rHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Feb 2024 22:45:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
refresh
auth.ornikar.com/api/v1/tokens/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.217.127 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.217.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.ornikar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,Cache-Control
access-control-allow-methods
OPTIONS,GET,PUT,POST,DELETE
access-control-allow-origin
https://app.ornikar.com
access-control-max-age
86400
content-security-policy
frame-ancestors 'self' *.ornikar.com;
date
Sat, 24 Feb 2024 22:45:28 GMT
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
referrer-policy
no-referrer
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
deny
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		375 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-533VNT
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f85ae20b81d79ddc20f20a306bb702e09c0934412e54b3dbae438ddda841f9d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109103
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Feb 2024 22:45:28 GMT
/
websdk.appsflyer.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sat, 24 Feb 2024 22:45:28 GMT
Content-Encoding
gzip
x-amz-request-id
2YBFDHXY2BG0X743
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
11792
x-amz-id-2
X0mLy+zhQfGcMJeE6Lu48tPmxFSWqOpnSxdZQBh4ixekSso906hm/iT5X8JInwPSkeLM9fgFwoQ=
Last-Modified
Wed, 14 Jun 2023 06:58:45 GMT
Server
AmazonS3
ETag
"5a676288bcea03bd05e483bc4ce066ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=982
Accept-Ranges
bytes
X-DataStream-Cache-Status
2
Expires
Sat, 24 Feb 2024 23:01:50 GMT
refresh
auth.ornikar.com/api/v1/tokens/ 		82 B
936 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.217.127 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.217.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
447ed92695c1b03998e1fdf1f21ed71dd0e7f92170fe5c905c18adc64fa95114
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-dns-prefetch-control
off
x-envoy-upstream-service-time
26
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
istio-envoy
x-download-options
noopen
x-frame-options
deny
content-type
application/json
access-control-allow-origin
https://app.ornikar.com
cache-control
no-cache, private
access-control-allow-credentials
true
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
styles__ltr.css
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ Frame 5E71 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=dgyidul4c4mv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 13:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 05:01:55 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Feb 2025 13:09:23 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ Frame 5E71 		494 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=dgyidul4c4mv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 14:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201516
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 05:01:55 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Feb 2025 14:19:34 GMT
85ab3d2d2ff05bb2
app.ornikar.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E021 		0
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/cdn-cgi/challenge-platform/h/b/jsd/r/85ab3d2d2ff05bb2
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
cf-ray
85ab3d383bbe5bb2-VIE
content-type
text/plain; charset=UTF-8
sdk.js
static.axept.io/ 		736 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.axept.io/sdk.js
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:6000:1c:f638:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17f6d808d49214d4697772a7c18f6fcf032febbe3147b932c4ea151b498f107a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 07:14:12 GMT
content-encoding
br
via
1.1 5d6d1ee413c782ab05cc32e601576462.cloudfront.net (CloudFront)
last-modified
Mon, 19 Feb 2024 16:50:41 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
55878
x-amz-server-side-encryption
AES256
etag
W/"fd5a61348f9774728afcad3dce77b78b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
1ancpwernf77NIyEvt-60oovBpC4dXeXV4T5WtO7MNrQ6V6nTRy9TA==
w8Na2b5flZxPX9b-VzL08i2CJVEAiZO8uG8R2cTQnUo.js
www.google.com/js/bg/ Frame 5E71 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/w8Na2b5flZxPX9b-VzL08i2CJVEAiZO8uG8R2cTQnUo.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c35ad9be5f959c4f5fd6fe5732f4f22d822551008993bcb86f11d9c4d09d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=dgyidul4c4mv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 15:34:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
112285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6940
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Feb 2025 15:34:04 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5E71 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 07:32:00 GMT
x-content-type-options
nosniff
age
314009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 28 Feb 2024 07:32:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5E71 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=dgyidul4c4mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 07:34:40 GMT
x-content-type-options
nosniff
age
313849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:34:40 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5E71 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=dgyidul4c4mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:09:14 GMT
x-content-type-options
nosniff
age
394575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Feb 2025 09:09:14 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 5E71 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=dgyidul4c4mv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9a78a8a63fbc8fb312b448c65256801eada8ae34f9d2032d1314705cab3299bb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEU9EUAAAAAAuC_ndHLJkvdHXAp-pOYURWOMG5&co=aHR0cHM6Ly9hcHAub3JuaWthci5jb206NDQz&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=invisible&cb=dgyidul4c4mv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 24 Feb 2024 22:45:29 GMT
refresh
auth.ornikar.com/api/v1/tokens/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.217.127 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.217.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.ornikar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,Cache-Control
access-control-allow-methods
OPTIONS,GET,PUT,POST,DELETE
access-control-allow-origin
https://app.ornikar.com
access-control-max-age
86400
content-security-policy
frame-ancestors 'self' *.ornikar.com;
date
Sat, 24 Feb 2024 22:45:28 GMT
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
referrer-policy
no-referrer
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
deny
x-xss-protection
1; mode=block
2320.9033f3fa.chunk.js
app.ornikar.com/learner-app/static/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/learner-app/static/js/2320.9033f3fa.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fbb0b6349c6a10826d190545df79450937af7fc5c8435defa5953af54f1a3e1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 14:33:54 GMT
server
cloudflare
etag
W/"65d75b52-43b6"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d38ec565bb2-VIE
6511.59b2bf12.chunk.js
app.ornikar.com/learner-app/static/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/learner-app/static/js/6511.59b2bf12.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c593636fe69340865d46d46b013bbbfbfac38aa5a1b70ea3d1783e741a421bfe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
0
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 14:33:54 GMT
server
cloudflare
etag
W/"65d75b52-18af"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d38ec575bb2-VIE
authentication.52934546.chunk.css
app.ornikar.com/learner-app/static/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/learner-app/static/css/authentication.52934546.chunk.css
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32c427c0e947c80d6b37f18eb0c5e47dbf79729d744532b10ecd519c388d3858
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.ornikar.com;
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 14:33:54 GMT
server
cloudflare
etag
W/"65d75b52-1588"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
deny
content-type
text/css
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d38ec585bb2-VIE
authentication.6373505b.chunk.js
app.ornikar.com/learner-app/static/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/learner-app/static/js/authentication.6373505b.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e77886e35464e75fa7b8cb89d6f40af0c13e1f012cef7a3be0dc4477e2b032c9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 14:33:54 GMT
server
cloudflare
etag
W/"65d75b52-8ed0"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d38ec5a5bb2-VIE
authentication-fr-FR.e28186d4.chunk.js
app.ornikar.com/learner-app/static/js/ 		1 KB
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/learner-app/static/js/authentication-fr-FR.e28186d4.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40b62aba5183002b81ecc9b8382d1cb2eecf44e032c09a253f2212947e11b4ee
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 14:33:54 GMT
server
cloudflare
etag
W/"65d75b52-506"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d38ec5c5bb2-VIE
LAS-authentication-fr-FR.51d5e58f.chunk.js
app.ornikar.com/learner-app/static/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/learner-app/static/js/LAS-authentication-fr-FR.51d5e58f.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5787015b0a7cf654e78a19d8c87133120bbcbd1261a86a58fc52bb50c7a9b9e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 14:33:54 GMT
server
cloudflare
etag
W/"65d75b52-d23"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d38ec5f5bb2-VIE
appPageWithoutShell-appLegalFooter.a30c34ef.chunk.css
app.ornikar.com/learner-app/static/css/ 		3 KB
980 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/learner-app/static/css/appPageWithoutShell-appLegalFooter.a30c34ef.chunk.css
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce766ded0e1ad4636e83eb3a94d216218d6de40c70bfc51b5c5f971107224b39
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.ornikar.com;
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 14:33:54 GMT
server
cloudflare
etag
W/"65d75b52-aea"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
deny
content-type
text/css
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d38ec615bb2-VIE
appPageWithoutShell-appLegalFooter.131ddc18.chunk.js
app.ornikar.com/learner-app/static/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ornikar.com/learner-app/static/js/appPageWithoutShell-appLegalFooter.131ddc18.chunk.js
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71276d263cb0cd327b3515a4ff0e221c313f4e06eac32234bd041c7cac594285
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 22 Feb 2024 14:33:54 GMT
server
cloudflare
etag
W/"65d75b52-147d"
x-download-options
noopen
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
cf-ray
85ab3d38ec655bb2-VIE
refresh
auth.ornikar.com/api/v1/tokens/ 		82 B
503 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.217.127 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.217.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
447ed92695c1b03998e1fdf1f21ed71dd0e7f92170fe5c905c18adc64fa95114
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-dns-prefetch-control
off
x-envoy-upstream-service-time
25
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
istio-envoy
x-download-options
noopen
x-frame-options
deny
content-type
application/json
access-control-allow-origin
https://app.ornikar.com
cache-control
no-cache, private
access-control-allow-credentials
true
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
60521f519bb62c0f5c1d0b70.json
client.axept.io/ 		113 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://client.axept.io/60521f519bb62c0f5c1d0b70.json?r=0
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:4800:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa161b4ab3bedb6a524234382d06f0f055cfa361224321c1d628163ebd77b0f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:30 GMT
x-amz-version-id
gqu23COiDvg8znZeasNIoELMd8Reh6Fp
content-encoding
gzip
via
1.1 f4ef6af6f595152791fb5c57054106ea.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 Jan 2024 13:43:27 GMT
server
AmazonS3
etag
W/"7e76837799f872df48f80be946833dec"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
Tj9xsSrBabUCvKPv8xJ80Uj72UTeJ-Er_SVvnhG0qIFv3LeJg3haDw==
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:regular|Roboto:700
Requested by
Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Feb 2024 22:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 22:45:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Feb 2024 22:45:29 GMT
fr
client.axept.io/pack/ 		10 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://client.axept.io/pack/fr
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:4800:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ campsi
Resource Hash
be0c798b4c296cb3c1c059a34e4ca93828a349c81fc3a22acaecc7616a19c7f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 09:03:58 GMT
content-encoding
gzip
via
1.1 f4ef6af6f595152791fb5c57054106ea.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
222091
x-powered-by
campsi
etag
W/"2767-ygVVv4iGKwiafqcoxqL5kpf2CwQ"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
EvDqvk75xKV2oQxdf3kS7ZSmM1F3JkTAQOvjs61vcs9MuPxl7__YjA==
79ba3c1b-de8b-408b-a174-d8018654b996.png
axeptio.imgix.net/2022/04/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://axeptio.imgix.net/2022/04/79ba3c1b-de8b-408b-a174-d8018654b996.png?auto=format&fit=crop&w=170&h=auto&dpr=1
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/connexion
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b57b92f6fa37f50cce9bbdc4da5882b5dff3536ad0898201a33fa4a4499ef5f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
x-content-type-options
nosniff
age
2797545
x-cache
HIT, HIT
x-imgix-id
34b4c01ffed05a52dd87255d6cc2ae0c77cda97e
cross-origin-resource-policy
cross-origin
content-length
7235
x-served-by
cache-sjc1000116-SJC, cache-fra-etou8220119-FRA
x-imgix-render-farm
02.131624
last-modified
Tue, 23 Jan 2024 13:39:44 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular|Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 11:53:05 GMT
x-content-type-options
nosniff
age
125544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Feb 2025 11:53:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular|Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 07:34:45 GMT
x-content-type-options
nosniff
age
313844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:34:45 GMT
Moderat-Bold.abb84fcf0b87af9278c2.woff2
assets.ornikar.com/learner-app/static/media/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.ornikar.com/learner-app/static/media/Moderat-Bold.abb84fcf0b87af9278c2.woff2
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/css/main.03afad05.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8307 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab9d6ddf4e61d4b5d3698b3d2b8ea841d6ce97794f4fbdf46a6580393113c3a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.ornikar.com/learner-app/static/css/main.03afad05.css
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPpDFMJJjfhYgUgbSpL8AblFR8JH2JTnPF4YDvxDcjC5tH1Nk2L-adJwUD9KfG24cctsQoDCb_oyHg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
59224
last-modified
Fri, 23 Feb 2024 10:13:33 GMT
server
cloudflare
etag
"c9ec19eadba15303b78625a6c260fd0d"
vary
Accept-Encoding
x-goog-generation
1702552522836821
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=RRdvLA==, md5=yewZ6tuhUwO3hiWmwmD9DQ==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=2678400
x-goog-stored-content-length
59224
accept-ranges
bytes
cf-ray
85ab3d3bee86c23b-VIE
expires
Sat, 24 Feb 2024 23:45:29 GMT
refresh
auth.ornikar.com/api/v1/tokens/ 		82 B
503 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.217.127 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.217.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
447ed92695c1b03998e1fdf1f21ed71dd0e7f92170fe5c905c18adc64fa95114
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Feb 2024 22:45:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.ornikar.com;
x-dns-prefetch-control
off
x-envoy-upstream-service-time
35
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
istio-envoy
x-download-options
noopen
x-frame-options
deny
content-type
application/json
access-control-allow-origin
https://app.ornikar.com
cache-control
no-cache, private
access-control-allow-credentials
true
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
refresh
auth.ornikar.com/api/v1/tokens/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.217.127 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.217.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.ornikar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,Cache-Control
access-control-allow-methods
OPTIONS,GET,PUT,POST,DELETE
access-control-allow-origin
https://app.ornikar.com
access-control-max-age
86400
content-security-policy
frame-ancestors 'self' *.ornikar.com;
date
Sat, 24 Feb 2024 22:45:29 GMT
permissions-policy
camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
referrer-policy
no-referrer
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
deny
x-xss-protection
1; mode=block
sdk.js
connect.facebook.net/fr_FR/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/fr_FR/sdk.js
Requested by
Host: app.ornikar.com
URL: https://app.ornikar.com/learner-app/static/js/2320.9033f3fa.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
22442bdeee47577ae9512c209a831e99befa88f92622a48570a483eb63659827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Feb 2024 22:45:29 GMT
content-md5
qTAICON+yKXbItdznfrohg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
DUuX47aFBQJvYg09yLfYHzZ36poiRmrkhgPeCEX/fUkjb4BQlnVjzNcJPUsGWCHGJ9I0VffGfHvS7tQy/JIWzw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c6bea4872317d68522aa68eb62af0117
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"178bee7358750ace540de9f4c56d8992"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 24 Feb 2024 23:03:36 GMT
stonly-widget.js
stonly.com/js/widget/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stonly.com/js/widget/stonly-widget.js?v2
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:c200:18:1316:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ceb5011e40d3db09c3279cffea01e439d1d877b8942bce9ade8327838fd0eca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 06:43:02 GMT
content-encoding
gzip
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
age
230547
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 19 Feb 2024 09:34:02 GMT
server
nginx
etag
W/"65d3208a-4a65"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=1209600
x-amz-cf-id
033wgeDW2jwYpjvVDW5a_ljeAiQrPEwtexhmBB4FvUJKcDcP1Bffsw==
expires
Thu, 07 Mar 2024 06:43:02 GMT
sdk.js
connect.facebook.net/fr_FR/ 		304 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/fr_FR/sdk.js?hash=d1c606bd6e3563e50d0a382bc94058a1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca3982d724b8429a9a0bf3a3ddcfbd153484313b6577e01075cd3f0e7c928c90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
Origin
https://app.ornikar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Feb 2024 22:45:29 GMT
content-md5
codd0dIyA/yY9KM5JjlWng==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88733
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
UPSROP2kLcX9Q3fkn6fmypIWTga+N3O5Hr773XMv4BmwIVvGpyceKIMfNVuw24iqMo9qqfUrPh+MGDTu+rFISg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
5eb277c916bb40c5a649f9989b82f1f8
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"1a475f957d5cd86edde0269743ce5516"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sun, 23 Feb 2025 21:52:03 GMT
vendors~widget-f4ca974e2cc4bec4dc02.stonly.js
stonly.com/js/widget/ 		90 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stonly.com/js/widget/vendors~widget-f4ca974e2cc4bec4dc02.stonly.js
Requested by
Host: stonly.com
URL: https://stonly.com/js/widget/stonly-widget.js?v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:c200:18:1316:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
51654b39d75619af3208ab885473aa47dae982e09c439125e7e22fb1560b557b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 06:43:02 GMT
content-encoding
gzip
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
age
230547
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 19 Feb 2024 09:34:02 GMT
server
nginx
etag
W/"65d3208a-16801"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=1209600
x-amz-cf-id
piT3rV_tt7ZLgLfd4zuDq__GZwxOgD1wLH5zzjgstcijsAfgV0joFw==
expires
Thu, 07 Mar 2024 06:43:02 GMT
widget-010e097e616c1371cf37.stonly.js
stonly.com/js/widget/ 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stonly.com/js/widget/widget-010e097e616c1371cf37.stonly.js
Requested by
Host: stonly.com
URL: https://stonly.com/js/widget/stonly-widget.js?v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:c200:18:1316:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5f0b3db99ba8db1126a8bc44d6c0518c16f0faafa3bc4c8f4ce7f40acab5613c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 06:43:02 GMT
content-encoding
gzip
via
1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
age
230547
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 19 Feb 2024 09:34:02 GMT
server
nginx
etag
W/"65d3208a-f8c8"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=1209600
x-amz-cf-id
NKliOW3egwPqXf2pIj0lUJxIVGt3K2T_uf0IBwRpYq2Lc9uxGpk-kg==
expires
Thu, 07 Mar 2024 06:43:02 GMT
integration
stonly.com/api/v1/widget/ 		0
0
/
mp.ornikar.com/track/ 		25 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.ornikar.com/track/?verbose=1&ip=1&_=1708814731008
Requested by
Host: assets.ornikar.com
URL: https://assets.ornikar.com/learner-app/static/js/main.e8af9dc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ornikar.com *.staging-fr-onroad.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Feb 2024 22:45:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
content-security-policy
default-src 'self' *.ornikar.com *.staging-fr-onroad.com;
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
x-envoy-upstream-service-time
21
content-length
25
x-xss-protection
1; mode=block
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.ornikar.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cloud-trace-context
9efd653e4e303a813e29a4c3c9e352ba
cf-ray
85ab3d44efac5bb2-VIE
access-control-allow-headers
X-Requested-With

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stonly.com
URL
https://stonly.com/api/v1/widget/integration?widgetId=e7acd4b0-deb3-11e9-a307-06e18af4fc90&url=https%3A%2F%2Fapp.ornikar.com%2Fconnexion

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| parseBoolean object| _ornikar object| head object| script string| STONLY_WID object| STONLY_WIDGET_CONFIG object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| webpackChunk_ornikar_learner_webapp object| __SENTRY__ object| __REACT_INTL_CONTEXT__ function| _makeShareableClone function| _scheduleOnJS boolean| _WORKLET function| _log object| closure_lm_223877 boolean| __reactResponderSystemActive function| SET_DEPRECATED_NOTIFICATION object| __APOLLO_CLIENT__ object| dataLayer string| AppsFlyerSdkObject function| AF object| AF_cleanupMethods object| AF_SDK object| google_tag_manager object| google_tag_data object| axeptioSettings function| onYouTubeIframeAPIReady object| webpackChunkcaas_styleguide function| setImmediate function| clearImmediate object| regeneratorRuntime object| __axeptioSDK object| _axcb function| gtag object| axeptioSDK string| axeptioBuildTimestamp function| axeptioHandleVendors function| openAxeptioCookies function| showAxeptioButton function| hideAxeptioButton function| fbAsyncInit object| FB object| jsonpStonlyWidget object| __buffer

5 Cookies

Domain/Path Name / Value
.ornikar.com/ Name: cf_clearance
Value: NwwcnxpIba_WusvC0BsRYVWQo8LA7SAhpQJj7ESl8M4-1708814729-1.0-AQPbLcYDH7q6wmXEQVi9CjhRjrfvEq0JXdbfcVkB2P2JSgatGRdsrIsBBcG20Ork664vwBsBL2tEGKoitLQGq1c=
.ornikar.com/ Name: mp_f1ffd1be7875893b8ce2d22e88b7b44b_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218ddd4b7f3049e-0cfdd2c2d4121b-1931337b-1d4c00-18ddd4b7f3114e7%22%2C%22%24device_id%22%3A%20%2218ddd4b7f3049e-0cfdd2c2d4121b-1931337b-1d4c00-18ddd4b7f3114e7%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22app_configuration%22%3A%20%7B%22version%22%3A%20%225.180.3%22%2C%22market%22%3A%20%22fr%22%2C%22locale%22%3A%20%22fr-FR%22%2C%22from%22%3A%20%22webapp%22%7D%2C%22page_view%22%3A%20%7B%22page_path%22%3A%20%22%2Fconnexion%22%2C%22page_path_previous%22%3A%20%22%2F%22%2C%22page_collection%22%3A%20%22learner_webapp%22%7D%7D
.ornikar.com/ Name: axeptio_cookies
Value: {%22$$token%22:%2213cdnc7lyaq6gv3a3kt9%22%2C%22$$date%22:%222024-02-24T22:45:29.153Z%22%2C%22$$cookiesVersion%22:{}%2C%22$$completed%22:false}
.ornikar.com/ Name: axeptio_authorized_vendors
Value: %2C%2C
.ornikar.com/ Name: axeptio_all_vendors
Value: %2C%2C

6 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
network error URL: https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://auth.ornikar.com/api/v1/tokens/refresh?app=learner-webapp
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript error URL: https://app.ornikar.com/connexion
Message:
Access to XMLHttpRequest at 'https://stonly.com/api/v1/widget/integration?widgetId=e7acd4b0-deb3-11e9-a307-06e18af4fc90&url=https%3A%2F%2Fapp.ornikar.com%2Fconnexion' from origin 'https://app.ornikar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://stonly.com/api/v1/widget/integration?widgetId=e7acd4b0-deb3-11e9-a307-06e18af4fc90&url=https%3A%2F%2Fapp.ornikar.com%2Fconnexion
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.ornikar.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.ornikar.com
assets.ornikar.com
auth.ornikar.com
axeptio.imgix.net
cdn.polyfill.io
client.axept.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
mp.ornikar.com
o153228.ingest.sentry.io
static.axept.io
stonly.com
websdk.appsflyer.com
www.google.com
www.googletagmanager.com
www.gstatic.com
stonly.com
154.85.69.15
2600:9000:20c3:6000:1c:f638:2940:93a1
2600:9000:26db:4800:19:61a3:b200:93a1
2600:9000:26db:c200:18:1316:6b80:93a1
2606:4700:11::6817:8307
2606:4700:11::6817:8407
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a02:26f0:3500:11::215:14ca
2a03:2880:f007:8:face:b00c:0:1
2a04:4e42::720
34.120.195.249
35.190.217.127
0e7bc7c59b5bfae1cf0790b72fed5acb57d6f3503b43913c185ec72da9b124d1
10c7ae9a78e284d71f1dbcc775a0da19aae7a15ed96387d49dfc48d5c7e751f7
12f5cc36d317b96203055fd7a69a9bfbabf83fc06080ebf8fa19cf9dcc0ff13a
17f6d808d49214d4697772a7c18f6fcf032febbe3147b932c4ea151b498f107a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ceb5011e40d3db09c3279cffea01e439d1d877b8942bce9ade8327838fd0eca
22442bdeee47577ae9512c209a831e99befa88f92622a48570a483eb63659827
32c427c0e947c80d6b37f18eb0c5e47dbf79729d744532b10ecd519c388d3858
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40b62aba5183002b81ecc9b8382d1cb2eecf44e032c09a253f2212947e11b4ee
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447ed92695c1b03998e1fdf1f21ed71dd0e7f92170fe5c905c18adc64fa95114
51654b39d75619af3208ab885473aa47dae982e09c439125e7e22fb1560b557b
5787015b0a7cf654e78a19d8c87133120bbcbd1261a86a58fc52bb50c7a9b9e9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f0b3db99ba8db1126a8bc44d6c0518c16f0faafa3bc4c8f4ce7f40acab5613c
6bb648f81ba6a9ba3516b89b691f3895e8b8b5567e2e6bdbd3dc7348972318d2
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
71276d263cb0cd327b3515a4ff0e221c313f4e06eac32234bd041c7cac594285
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7cf0517157a4cc80e52d759a7f36c752e94b14acbc2a4ead37c6c2b5f0a8cd02
9a78a8a63fbc8fb312b448c65256801eada8ae34f9d2032d1314705cab3299bb
9fbb0b6349c6a10826d190545df79450937af7fc5c8435defa5953af54f1a3e1
a2d586158bf3e32cc9b4d08c8ffc91020c21483416a769a1980c1679cf3de81d
aa161b4ab3bedb6a524234382d06f0f055cfa361224321c1d628163ebd77b0f3
ab9d6ddf4e61d4b5d3698b3d2b8ea841d6ce97794f4fbdf46a6580393113c3a5
b57b92f6fa37f50cce9bbdc4da5882b5dff3536ad0898201a33fa4a4499ef5f5
b94c27c7743c6321fff5bd7db9a10d5e7ddf26ac8f4d7d2dc2f8e987c237fd5a
be0c798b4c296cb3c1c059a34e4ca93828a349c81fc3a22acaecc7616a19c7f5
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c3c35ad9be5f959c4f5fd6fe5732f4f22d822551008993bcb86f11d9c4d09d4a
c593636fe69340865d46d46b013bbbfbfac38aa5a1b70ea3d1783e741a421bfe
ca3982d724b8429a9a0bf3a3ddcfbd153484313b6577e01075cd3f0e7c928c90
ce766ded0e1ad4636e83eb3a94d216218d6de40c70bfc51b5c5f971107224b39
cfbd316cfb7e8e933d2d2a9af66cd0eeb89e569b9b4cc0ac76f0e21bbebfba88
d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd
da5bdf96d78054b1cb98e9ca2b1073b10d2ac7667d5d5712bb10933e6c58e319
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fd74d27f83c5d9e51c2c3025962f166ce04bf554c793391a2841a3434f5803
e77886e35464e75fa7b8cb89d6f40af0c13e1f012cef7a3be0dc4477e2b032c9
efd4978782f9d0592f3808b05c88ff480e144f7966439025ed7584493664c335
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f85ae20b81d79ddc20f20a306bb702e09c0934412e54b3dbae438ddda841f9d4