urlscan.io logo urlscan.io
SecurityTrails logo

nexttrack.olympic.org Open in urlscan Pro
2600:9000:2057:e400:1d:27d5:cbc0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nexttrack.olympic.org/
Effective URL: https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
Submission: On February 09 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 2600:9000:2057:e400:1d:27d5:cbc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is nexttrack.olympic.org.
TLS certificate: Issued by Thawte RSA CA 2018 on July 28th 2021. Valid for: a year.
This is the only time nexttrack.olympic.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 2600:9000:205... 16509 (AMAZON-02)
1 54.152.40.187 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
22 6
12    2600:9000:2057:e400:1d:27d5:cbc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
nexttrack.olympic.org
1    54.152.40.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-40-187.compute-1.amazonaws.com
tools.screendragon.com
4    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6811:e14e (United States)

ASN13335 (CLOUDFLARENET, US)
fast.fonts.net
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
12 olympic.org
nexttrack.olympic.org
533 KB
5 gstatic.com
www.gstatic.com
467 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 13
25 KB
1 fonts.net
fast.fonts.net — Cisco Umbrella Rank: 2989
605 B
1 screendragon.com
tools.screendragon.com
31 KB
22 5
Domain Requested by
12 nexttrack.olympic.org 1 redirects nexttrack.olympic.org
5 www.gstatic.com www.google.com
4 www.google.com nexttrack.olympic.org
www.gstatic.com
1 fast.fonts.net nexttrack.olympic.org
1 tools.screendragon.com nexttrack.olympic.org
22 5

This site contains no links.

Subject Issuer Validity Valid
nexttrack.olympic.org
Thawte RSA CA 2018		 2021-07-28 -
2022-08-28		 a year crt.sh
*.screendragon.com
GlobeSSL DV CA		 2021-06-15 -
2022-07-16		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-06 -
2022-07-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
Frame ID: 5897951D693C96B40DAC9CE49A989B0B
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdexCITAAAAANAcsphDZ2PhQUjhS_ddT97XBkem&co=aHR0cHM6Ly9uZXh0dHJhY2sub2x5bXBpYy5vcmc6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=normal&cb=eg1q359ul7qz
Frame ID: 60E29208B22D5021D8010B13A2D46323
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&k=6LdexCITAAAAANAcsphDZ2PhQUjhS_ddT97XBkem
Frame ID: 056C581398E5E332C8B76EC8C297EB53
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NEXTTRACK

Page URL History Show full URLs

  1. https://nexttrack.olympic.org/ HTTP 302
    https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

22
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

1055 kB
Transfer

1826 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nexttrack.olympic.org/ HTTP 302
    https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.aspx
nexttrack.olympic.org/
Redirect Chain
  • https://nexttrack.olympic.org/
  • https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
20 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:1d:27d5:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b0848d9b7b659216b8ad59bc7e98837b3b5bf489db8c6ab07fa75b8496465348
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
content-length
20778
date
Wed, 09 Feb 2022 09:19:40 GMT
cache-control
private,private, max-age=31536000
pragma
private, max-age=31536000
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-security-policy
default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:
x-cache
Miss from cloudfront
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
jidQVz0LUSNsAGi_Ycr7_IqsAPDUIiqenZnB9QINubzswdsvyLw2Sg==

Redirect headers

content-type
text/html; charset=utf-8
content-length
34246
date
Wed, 09 Feb 2022 09:19:40 GMT
cache-control
private,private, max-age=31536000
pragma
private, max-age=31536000
location
/login.aspx?ReturnUrl=%2f
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-security-policy
default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:
x-cache
Miss from cloudfront
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
FSb6dJ-ptHlPOBFILiRhsvsDRUq5EFkiksKY2a4V1N0ntfnpa5rPkw==
login.css
nexttrack.olympic.org/css/ 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nexttrack.olympic.org/css/login.css?v=1902152377
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:1d:27d5:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b129bd766ffdec7e97f53e4e4892b514e75ffa5a85b7c0e348da052b64464218
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
private, max-age=31536000
date
Wed, 09 Feb 2022 09:19:40 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
etag
"b54052d7542d81:0"
last-modified
Wed, 05 Jan 2022 16:54:02 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA6-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
text/css
cache-control
private, max-age=31536000
content-security-policy
default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:
accept-ranges
bytes
content-length
18147
x-amz-cf-id
P0s8OAcfGGN-8sbuedbLhLPOljbgGefRuSBmsSX5_I3WiJP38sDAKg==
skin.css
nexttrack.olympic.org/assets/ioc/css/ 		190 KB
191 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nexttrack.olympic.org/assets/ioc/css/skin.css?v=1902152377
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:1d:27d5:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
408d788a9b2b81d955e6b01f3428436755507a25364c7e113214ddc7f7240677
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
private, max-age=31536000
date
Wed, 09 Feb 2022 09:19:40 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
etag
"87bf59d2542d81:0"
last-modified
Wed, 05 Jan 2022 16:53:53 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA6-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
text/css
cache-control
private, max-age=31536000
content-security-policy
default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:
accept-ranges
bytes
content-length
194334
x-amz-cf-id
Sc5No1uwZkMvMPf2QpQWZP2T3ITekdfVZU4AnqEBwnVUtwQHe9YAVw==
jquery-3.5.1.min.js
tools.screendragon.com/v2/jquery/jquery-3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tools.screendragon.com/v2/jquery/jquery-3.5.1/jquery-3.5.1.min.js
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.152.40.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-40-187.compute-1.amazonaws.com
Software
/
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 09:19:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Feb 2022 03:05:04 GMT
ETag
"07098d5611dd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
30981
Configuration.js
nexttrack.olympic.org/built/js/sd/ 		120 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexttrack.olympic.org/built/js/sd/Configuration.js?v=1902152377
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:1d:27d5:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
400d85db28474851d3d87bedbd36b262c900db7f0e64950c10b51c96d14da55e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
private, max-age=31536000
date
Wed, 09 Feb 2022 09:19:40 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
etag
"4e8589a542d81:0"
last-modified
Wed, 05 Jan 2022 16:52:19 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA6-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
private, max-age=31536000
content-security-policy
default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:
accept-ranges
bytes
content-length
122649
x-amz-cf-id
H-mGhgl00e-Us4W0xltVekGg5skLhMIkjKXHbgLH1_v89czwFbhwJw==
Configuration.js
nexttrack.olympic.org/ 		5 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexttrack.olympic.org/Configuration.js?v=1902152377
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:1d:27d5:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c8ae4292c753d39a8e6fe17e59700ddbf009e0c9a4283e939c718f602eb958bb
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
private, max-age=31536000
date
Wed, 09 Feb 2022 09:19:40 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
etag
"0b073e2542d81:0"
last-modified
Wed, 05 Jan 2022 16:54:20 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA6-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
private, max-age=31536000
content-security-policy
default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:
accept-ranges
bytes
content-length
5611
x-amz-cf-id
hwrjMnR-rb8Adxqhwq-D2f5tNAuillLSSBEVj_3WgsF6AkUGk9QgWQ==
WebResource.axd
nexttrack.olympic.org/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexttrack.olympic.org/WebResource.axd?d=_r1rASm_O98BfTR0xw8Uyknv-w1ofu22EPaR0c2vgmzzvsr-jHjpvIjDi6wzmWvHw41UucGAv_NCr4-oOK6wk7xJrp406rNbnUh0cD-ITB81&t=637729624233813844
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:1d:27d5:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
private, max-age=31536000
date
Wed, 09 Feb 2022 09:19:40 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Fri, 19 Nov 2021 23:47:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA6-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
application/x-javascript
cache-control
public,private, max-age=31536000
content-security-policy
default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:
content-length
23063
x-amz-cf-id
ffxFl-6iy08SG6ru2HFJkh0sJh6HAkEwXLcXqc928W8-lFTalk_KKQ==
expires
Thu, 09 Feb 2023 09:19:40 GMT
WebResource.axd
nexttrack.olympic.org/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexttrack.olympic.org/WebResource.axd?d=2PJzf-ethJTpeqrDS3Po5iEmLzPQx6pICWq_dz9t81xbBtVqbv3OZRhUgd64ymEzIyGJTaZ9vrHSkdWt51o6bqJoIWKca2L6cu_qU4-0-c01&t=637729624233813844
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:1d:27d5:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
private, max-age=31536000
date
Wed, 09 Feb 2022 09:19:40 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Fri, 19 Nov 2021 23:47:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA6-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
application/x-javascript
cache-control
public,private, max-age=31536000
content-security-policy
default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:
content-length
3005
x-amz-cf-id
xVgH9Ettg-Ql7gvSmwbQ05Wwp08yLBLLRbAH8vvA6PaowUbxUok8sA==
expires
Thu, 09 Feb 2023 09:19:40 GMT
api.js
www.google.com/recaptcha/ 		909 B
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
329f8443fd44d619a730954699b89612a250f1be701dd0ac299d88f2b4783221
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 09:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
578
x-xss-protection
1; mode=block
expires
Wed, 09 Feb 2022 09:19:41 GMT
1.css
fast.fonts.net/t/ 		0
605 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/t/1.css?apiType=css&projectid=8a880f0d-540b-4afb-906f-b5d58e7d9c82
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/assets/ioc/css/skin.css?v=1902152377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 09:19:41 GMT
cf-cache-status
HIT
age
206549
cf-ray
6dac0479d949914c-FRA
content-length
0
x-amz-id-2
DW98TdNtJLppxxjzU8I2JkK05/AyOBCprAzh8/XWRZMj/4RaIDhSbOIdYz07sBIevz2vBad7dWw=
last-modified
Tue, 23 Mar 2021 12:59:23 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
FVWMN8X2WACB15HX
cache-control
public, max-age=0, s-maxage=604800
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-amz-meta-mtime
1519217722
logon_img.jpg
nexttrack.olympic.org/assets/ioc/img/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexttrack.olympic.org/assets/ioc/img/logon_img.jpg
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/assets/ioc/css/skin.css?v=1902152377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:1d:27d5:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9aa00247a69e0a1ebfb561f65f87ac28c8843f4d17756a75d17d5ea90e4351a7
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/assets/ioc/css/skin.css?v=1902152377
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
private, max-age=31536000
date
Wed, 09 Feb 2022 09:19:41 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA6-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private,private, max-age=31536000
content-security-policy
default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:
content-length
74244
x-amz-cf-id
NxRbXYJuTee5SNeTD40oXkpLQxydYsgok8JUu4QF11NYnQ9i2lZ2KA==
logo-logon.png
nexttrack.olympic.org/assets/ioc/img/ 		30 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexttrack.olympic.org/assets/ioc/img/logo-logon.png
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/assets/ioc/css/skin.css?v=1902152377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:1d:27d5:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2c41dfda9d9231094246fe5f2f51e4c9f517d7e333020948adca7cd1c7d9bd5d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/assets/ioc/css/skin.css?v=1902152377
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
private, max-age=31536000
date
Wed, 09 Feb 2022 09:19:41 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA6-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
image/png
cache-control
private,private, max-age=31536000
content-security-policy
default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:
content-length
31057
x-amz-cf-id
OoKhQ8dMhq1utXC4SVArNTOUGP0T2ZEFwspo4pwxXGvPZZM_9t-nVA==
c2f2df98-3119-4cb3-a081-ed90de0cde49.woff
nexttrack.olympic.org/assets/ioc/font/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nexttrack.olympic.org/assets/ioc/font/c2f2df98-3119-4cb3-a081-ed90de0cde49.woff
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/assets/ioc/css/skin.css?v=1902152377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:1d:27d5:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eb23e2ad55d186ec7d406a55a0f4a47d624f804d0dd94c3dff47aac2f7752fd5
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:

Request headers

Referer
https://nexttrack.olympic.org/assets/ioc/css/skin.css?v=1902152377
Origin
https://nexttrack.olympic.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
private, max-age=31536000
date
Wed, 09 Feb 2022 09:19:41 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
etag
"3317846b542d81:0"
last-modified
Wed, 05 Jan 2022 16:51:01 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA6-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
font/x-woff
cache-control
private, max-age=31536000
content-security-policy
default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:
accept-ranges
bytes
content-length
17530
x-amz-cf-id
naw0bP2-Gf2cZeVH2olMqxzCeG91HvpRelzVxCRm3ObqGSRA5l-0QQ==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4edcbc8211be2a3f24403e51125b978f11c0abeca800a3e12d8624fe5ac6c2c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a219bf0be58f5d127599481285f78d359977227ffbf05ac33dd187edc6837d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ 		356 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nexttrack.olympic.org/
Origin
https://nexttrack.olympic.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 08:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143107
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 08:45:09 GMT
9d2b200d-dbcb-4b29-9bb7-0da4818a5a05.woff
nexttrack.olympic.org/assets/ioc/font/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nexttrack.olympic.org/assets/ioc/font/9d2b200d-dbcb-4b29-9bb7-0da4818a5a05.woff
Requested by
Host: nexttrack.olympic.org
URL: https://nexttrack.olympic.org/assets/ioc/css/skin.css?v=1902152377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e400:1d:27d5:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b3d4a4fae867c47858fc1e60227bc58755c6999f0a48ecb73000c1d1685cd0f1
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:

Request headers

Referer
https://nexttrack.olympic.org/assets/ioc/css/skin.css?v=1902152377
Origin
https://nexttrack.olympic.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
private, max-age=31536000
date
Wed, 09 Feb 2022 09:19:41 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
etag
"15b5816b542d81:0"
last-modified
Wed, 05 Jan 2022 16:51:01 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA6-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
font/x-woff
cache-control
private, max-age=31536000
content-security-policy
default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:
accept-ranges
bytes
content-length
18352
x-amz-cf-id
D3f_0D9kuSooy2qGv9YpexQNyrEpc4v9MyvjiNUxt_ZiHTzaFJQ6_w==
anchor
www.google.com/recaptcha/api2/ Frame 60E2 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdexCITAAAAANAcsphDZ2PhQUjhS_ddT97XBkem&co=aHR0cHM6Ly9uZXh0dHJhY2sub2x5bXBpYy5vcmc6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=normal&cb=eg1q359ul7qz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f81176bc6f78b6576439b24663a580aec1de6e907ceae78d3370b3d0aab07d83
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zB2gC97q4jmCoQQ3eoweIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 09 Feb 2022 09:19:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-zB2gC97q4jmCoQQ3eoweIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22875
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 60E2 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdexCITAAAAANAcsphDZ2PhQUjhS_ddT97XBkem&co=aHR0cHM6Ly9uZXh0dHJhY2sub2x5bXBpYy5vcmc6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=normal&cb=eg1q359ul7qz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 07:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 07:53:30 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 60E2 		356 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdexCITAAAAANAcsphDZ2PhQUjhS_ddT97XBkem&co=aHR0cHM6Ly9uZXh0dHJhY2sub2x5bXBpYy5vcmc6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=normal&cb=eg1q359ul7qz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 08:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143107
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 08:45:09 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 60E2 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdexCITAAAAANAcsphDZ2PhQUjhS_ddT97XBkem&co=aHR0cHM6Ly9uZXh0dHJhY2sub2x5bXBpYy5vcmc6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=normal&cb=eg1q359ul7qz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 09:19:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 09 Feb 2022 09:19:42 GMT
bframe
www.google.com/recaptcha/api2/ Frame 056C 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&k=6LdexCITAAAAANAcsphDZ2PhQUjhS_ddT97XBkem
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6d1f95512f7921b643fde2364a39f12eb67a4cba0fe016e45aa833837466d9e5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w3xZKPPcs78nLNvaHcS9OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nexttrack.olympic.org/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 09 Feb 2022 09:19:42 GMT
content-security-policy
script-src 'report-sample' 'nonce-w3xZKPPcs78nLNvaHcS9OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 056C 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&k=6LdexCITAAAAANAcsphDZ2PhQUjhS_ddT97XBkem
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 07:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 07:53:30 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 056C 		356 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&k=6LdexCITAAAAANAcsphDZ2PhQUjhS_ddT97XBkem
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 08:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143107
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 08:45:09 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery object| sd object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer number| captchaContainer function| onloadCallback function| verifyCallback function| ssoRedirect function| showAuthSwitchDialog function| selectAuthBack function| getURLParameter object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| closure_lm_107322

2 Cookies

Domain/Path Name / Value
nexttrack.olympic.org/ Name: ASP.NET_SessionId
Value: 5ci4d5eistu3k5yvpolihq04
.fonts.net/ Name: __cf_bm
Value: 4LhbHdRy.KQbZCqIUWs.psjA5TCOyZLftVLzQQ4lxX4-1644398381-0-Ad6pbwgx8tC6Moaf2m7mDVbYNEa01aDEFGfOuL4LDKgqJqZf0NUHdv16gxtd9grdd2/mhMdEMS4yJi25Q+Xg/vU=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack www.googleapis.com; script-src 'self' www.google.com www.gstatic.com content.googleapis.com/ *.screendragon.com *.amazonaws.com https: 'unsafe-eval' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; media-src 'self' data: *.screendragon.com *.screendragondev.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; img-src 'self' data: *.screendragon.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com/nexttrack *.amazonaws.com content.googleapis.com jwpltx.com http://chart.googleapis.com www.googleapis.com ajax.googleapis.com; connect-src 'self' *.screendragon.com *.amazonaws.com content.googleapis.com nexttrack-stage-sdvault.s3.eu-west-1.amazonaws.com www.googleapis.com svc.webspellchecker.net api.embed.ly accounts.google.com wss://mqtt.screendragon.com/mqtt; frame-src 'self' www.google.com content.googleapis.com eu-west-1.quicksight.aws.amazon.com www.youtube.com *.google.com; font-src 'self' *.screendragon.com *.amazonaws.com svc.webspellchecker.net data:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fast.fonts.net
nexttrack.olympic.org
tools.screendragon.com
www.google.com
www.gstatic.com
2600:9000:2057:e400:1d:27d5:cbc0:93a1
2606:4700::6811:e14e
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
54.152.40.187
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
2c41dfda9d9231094246fe5f2f51e4c9f517d7e333020948adca7cd1c7d9bd5d
329f8443fd44d619a730954699b89612a250f1be701dd0ac299d88f2b4783221
3a219bf0be58f5d127599481285f78d359977227ffbf05ac33dd187edc6837d9
400d85db28474851d3d87bedbd36b262c900db7f0e64950c10b51c96d14da55e
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
408d788a9b2b81d955e6b01f3428436755507a25364c7e113214ddc7f7240677
4edcbc8211be2a3f24403e51125b978f11c0abeca800a3e12d8624fe5ac6c2c7
6d1f95512f7921b643fde2364a39f12eb67a4cba0fe016e45aa833837466d9e5
9aa00247a69e0a1ebfb561f65f87ac28c8843f4d17756a75d17d5ea90e4351a7
a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851
b0848d9b7b659216b8ad59bc7e98837b3b5bf489db8c6ab07fa75b8496465348
b129bd766ffdec7e97f53e4e4892b514e75ffa5a85b7c0e348da052b64464218
b3d4a4fae867c47858fc1e60227bc58755c6999f0a48ecb73000c1d1685cd0f1
c8ae4292c753d39a8e6fe17e59700ddbf009e0c9a4283e939c718f602eb958bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb23e2ad55d186ec7d406a55a0f4a47d624f804d0dd94c3dff47aac2f7752fd5
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f81176bc6f78b6576439b24663a580aec1de6e907ceae78d3370b3d0aab07d83