www.otpgroup.info Open in urlscan Pro
195.228.112.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://otpbank.az/
Effective URL:
https://www.otpgroup.info/home
Submission: On March 23 via manual (March 23rd 2023, 8:56:29 pm UTC) from HU — Scanned from DE

Summary HTTP 47 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 47 HTTP transactions. The main IP is 195.228.112.104, located in Gyorujbarat, Hungary and belongs to OTPHU-AS, HU. The main domain is www.otpgroup.info.
TLS certificate: Issued by NetLock Üzleti (Class B) Tanúsítványk... on August 17th 2022. Valid for: a year.

This is the only time www.otpgroup.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:c760:80:... 2a00:c760:80:d07:2011:ffff:b921:3410	47381 (SERVERGAR...) (SERVERGARDEN-AS Servergarden Kft.)
1 24	195.228.112.104 195.228.112.104	211595 (OTPHU-AS) (OTPHU-AS)
11	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
47	11

1 2a00:c760:80:d07:2011:ffff:b921:3410 (Hungary) 1 redirects

ASN47381 (SERVERGARDEN-AS Servergarden Kft., HU)

otpbank.az	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 195.228.112.104 (Gyorujbarat, Hungary) 1 redirects

ASN211595 (OTPHU-AS, HU)

www.otpgroup.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	otpgroup.info 1 redirects www.otpgroup.info	4 MB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 77	911 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 216	31 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 static.doubleclick.net — Cisco Umbrella Rank: 255	1 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	24 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
1	otpbank.az 1 redirects otpbank.az	196 B
47	9

	Domain	Requested by
24	www.otpgroup.info	1 redirects www.otpgroup.info
11	www.youtube.com	www.otpgroup.info www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	otpbank.az	1 redirects
47	11

This site contains links to these domains. Also see Links.

Domain
www.otpbank.hu

Subject Issuer	Validity	Valid
otpgroup.info NetLock Üzleti (Class B) Tanúsítványkiadó	`2022-08-17` - `2023-08-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.otpgroup.info/home
Frame ID: B5DC3A49BC98CD11A4F9CF2710474D35
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
Frame ID: E7E3212CD08C68D04985A5727C5BE199
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OTP Group - Home

Page URL History Show full URLs

http://otpbank.az/ HTTP 301
https://www.otpgroup.info/ HTTP 307
https://www.otpgroup.info/home Page URL

Page Statistics

47
Requests

98 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

5276 kB
Transfer

7781 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.otpbank.hu/portal/en/Home
Title: Visit the website

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://otpbank.az/ HTTP 301
https://www.otpgroup.info/ HTTP 307
https://www.otpgroup.info/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request home Show response
www.otpgroup.info/
Redirect Chain

http://otpbank.az/
https://www.otpgroup.info/
https://www.otpgroup.info/home

39 KB
41 KB

25ms
25ms

Document
text/html

195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

Resource Hash

3949d5ca13b06963bd88ebd0fccc5ba47e425919aef00d39c0a931516b17cb3c

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 40119
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Content-Type: text/html;charset=UTF-8
Date: Thu, 23 Mar 2023 20:56:19 GMT
Strict-Transport-Security: max-age=31536001; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Date: Thu, 23 Mar 2023 20:56:19 GMT
Location: /home
Strict-Transport-Security: max-age=31536001; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sourcesanspro-it.woff
www.otpgroup.info/static/otpgroup/fonts/ 51 KB
53 KB 125ms
75ms Font
font/x-woff 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/otpgroup/fonts/sourcesanspro-it.woff

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

1495ffb1e40c9cb599d0c6865c7a51188a950b3a88d2382238700e9b7e50256e

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.otpgroup.info/home
Origin: https://www.otpgroup.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Fri, 17 Feb 2023 09:22:33 GMT
Server: OTP Bank plc
ETag: "8052885db142d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 52208
X-XSS-Protection: 1

GET
H/1.1 200
OK sourcesanspro-bold-it.woff
www.otpgroup.info/static/otpgroup/fonts/ 51 KB
52 KB 123ms
73ms Font
font/x-woff 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/otpgroup/fonts/sourcesanspro-bold-it.woff

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

9f0dfa8306a6cd4f127e0bbf37e5f0746a6753639dc8107546ed94b147624b35

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.otpgroup.info/home
Origin: https://www.otpgroup.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:19 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Fri, 17 Feb 2023 09:22:33 GMT
Server: OTP Bank plc
ETag: "8052885db142d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 51980
X-XSS-Protection: 1

GET
H/1.1 200
OK sourcesanspro-regular.woff
www.otpgroup.info/static/otpgroup/fonts/ 22 KB
24 KB 125ms
75ms Font
font/x-woff 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/otpgroup/fonts/sourcesanspro-regular.woff

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

1d9519b8c8449ab223886af36637bbd3a03c821a5a20280c406176f92b17dd66

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.otpgroup.info/home
Origin: https://www.otpgroup.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Fri, 17 Feb 2023 09:22:33 GMT
Server: OTP Bank plc
ETag: "8052885db142d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 22716
X-XSS-Protection: 1

GET
H/1.1 200
OK sourcesanspro-semibold.woff
www.otpgroup.info/static/otpgroup/fonts/ 62 KB
64 KB 123ms
73ms Font
font/x-woff 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/otpgroup/fonts/sourcesanspro-semibold.woff

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

93d3368cb0fb2224a77b7e59b02f592f9c8e73f12905b25e3a9f445f3a4e18fd

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.otpgroup.info/home
Origin: https://www.otpgroup.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:19 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Fri, 17 Feb 2023 09:22:33 GMT
Server: OTP Bank plc
ETag: "8052885db142d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 63936
X-XSS-Protection: 1

GET
H/1.1 200
OK sourcesanspro-bold.woff
www.otpgroup.info/static/otpgroup/fonts/ 22 KB
23 KB 136ms
24ms Font
font/x-woff 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/otpgroup/fonts/sourcesanspro-bold.woff

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

e96835b0d686880e83a3bc7a708ee86c868e08d7279decc01472d6452ece0440

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.otpgroup.info/home
Origin: https://www.otpgroup.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Fri, 17 Feb 2023 09:22:33 GMT
Server: OTP Bank plc
ETag: "8052885db142d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 22256
X-XSS-Protection: 1

GET
H/1.1 200
OK sourcesanspro-black.ttf
www.otpgroup.info/static/otpgroup/fonts/ 259 KB
261 KB 162ms
25ms Font
application/octet-stream 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/otpgroup/fonts/sourcesanspro-black.ttf

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

a1d314383d0ae899e13deb2878830ddabba1fdebd71d4a903bb9ce9c7f5ba9eb

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.otpgroup.info/home
Origin: https://www.otpgroup.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Fri, 17 Feb 2023 09:22:33 GMT
Server: OTP Bank plc
ETag: "8052885db142d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 265612
X-XSS-Protection: 1

GET
H/1.1 200
OK chunk-common.47a45f77.css
www.otpgroup.info/static/otpgroup/css/common/ 106 KB
108 KB 64ms
26ms Stylesheet
text/css 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/otpgroup/css/common/chunk-common.47a45f77.css

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

a7ae00e269099d4fa8938aab78d2c26b14ec0ee231a321a03249fa3c1c134852

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Fri, 17 Feb 2023 09:22:33 GMT
Server: OTP Bank plc
ETag: "8052885db142d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 108787
X-XSS-Protection: 1

GET
H/1.1 200
OK layout.dec3221b.css
www.otpgroup.info/static/otpgroup/css/layouts/ANYIT/ 65 KB
66 KB 119ms
73ms Stylesheet
text/css 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/otpgroup/css/layouts/ANYIT/layout.dec3221b.css

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

6c761583fb9b89ff6e3395e0f36698c914d450fbac66a442e8476631d3fec9a7

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:19 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Fri, 17 Feb 2023 09:22:33 GMT
Server: OTP Bank plc
ETag: "8052885db142d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 66377
X-XSS-Protection: 1

GET
H/1.1 200
OK chunk-common.876abbd6.js Show response
www.otpgroup.info/static/otpgroup/js/common/ 1 MB
1 MB 28ms
27ms Script
application/javascript 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/otpgroup/js/common/chunk-common.876abbd6.js

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

2619a3f3c1f5341e9984fc955298423f344768dd991b39cada3fea8e90d17fef

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Fri, 17 Feb 2023 09:22:33 GMT
Server: OTP Bank plc
ETag: "8052885db142d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1151047
X-XSS-Protection: 1

GET
H/1.1 200
OK layout.b60b5546.js Show response
www.otpgroup.info/static/otpgroup/js/layouts/ANYIT/ 250 KB
252 KB 27ms
26ms Script
application/javascript 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/otpgroup/js/layouts/ANYIT/layout.b60b5546.js

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

b2732b445be3d1a3b57298f410d2e5cf06e9bb990fc80bba763f14f2029aeee1

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:19 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Fri, 17 Feb 2023 09:22:33 GMT
Server: OTP Bank plc
ETag: "8052885db142d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 256261
X-XSS-Protection: 1

GET
H/1.1 200
OK OTP_Group_Nyito_Eloszto_1920x600_Desktop.jpg
www.otpgroup.info/static/sw/pic/OTPGroup_hero_nyito/ 780 KB
782 KB 27ms
26ms Image
image/jpeg 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otpgroup.info/static/sw/pic/OTPGroup_hero_nyito/OTP_Group_Nyito_Eloszto_1920x600_Desktop.jpg

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

0f3f6e57876573bf4bc43c87322610b91ec4a608b7da36d9a1c69c6198a3c0e9

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:19 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Tue, 24 May 2022 07:55:08 GMT
Server: OTP Bank plc
ETag: "462c7e96436fd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 798800
X-XSS-Protection: 1

GET
H/1.1 200
OK cookie-bar.bundle.js Show response
www.otpgroup.info/static/commons/cookie-bar/ 185 KB
186 KB 26ms
25ms Script
application/javascript 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/commons/cookie-bar/cookie-bar.bundle.js?t=1679561981420

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

980d3c62dbfbf64c1d0d2635ba3fb339f2dd5a5cccda23cf25b83526e17fa438

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Wed, 18 Jan 2023 08:50:28 GMT
Server: OTP Bank plc
ETag: "022c0e9192bd91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 188968
X-XSS-Protection: 1

GET
H2 200 player_api Show response
www.youtube.com/ 992 B
2 KB 50ms
26ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/static/otpgroup/js/common/chunk-common.876abbd6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2642b4e72c5bb5450215de722fa6c8490fac7a643b85ce5f739d6abead2eca8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 23 Mar 2023 20:56:23 GMT

GET
H/1.1 200
OK countries.json Show response
www.otpgroup.info/static/sw/json/ 1 KB
3 KB 25ms
25ms XHR
application/json 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/sw/json/countries.json

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/static/otpgroup/js/common/chunk-common.876abbd6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

a644cad725a92289a6f3f228092e9305f6644da83bc0bf22fdba2df9c0f23fe8

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.otpgroup.info/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Thu, 24 Nov 2022 15:37:16 GMT
Server: OTP Bank plc
ETag: "6e7fcba11a0d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Accept-Ranges: bytes
Content-Length: 1177
X-XSS-Protection: 1

GET
H/1.1 200
OK Squad-Heavy.woff
www.otpgroup.info/static/otpgroup/fonts/ 66 KB
68 KB 27ms
26ms Font
font/x-woff 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otpgroup.info/static/otpgroup/fonts/Squad-Heavy.woff

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/static/otpgroup/css/common/chunk-common.47a45f77.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

ea0fc782c3ceaa5b201135247dd0e2a3d9156d51b568557693f8f3bb7c71a33c

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.otpgroup.info/static/otpgroup/css/common/chunk-common.47a45f77.css
Origin: https://www.otpgroup.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Fri, 17 Feb 2023 09:22:33 GMT
Server: OTP Bank plc
ETag: "8052885db142d91:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 67884
X-XSS-Protection: 1

GET
H/1.1 200
OK Nador_nyito_v4_574x322.jpg
www.otpgroup.info/static/sw/pic/ 242 KB
244 KB 32ms
31ms Image
image/jpeg 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otpgroup.info/static/sw/pic/Nador_nyito_v4_574x322.jpg

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

5d6a0c900a66150ceb222b9266ae88a2907ef09b60a4ea478f94ef0c5cfb54d7

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Tue, 24 May 2022 07:55:08 GMT
Server: OTP Bank plc
ETag: "b17e7c96436fd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 247887
X-XSS-Protection: 1

GET
H/1.1 200
OK MHAP_annual_reports.jpg
www.otpgroup.info/static/sw/pic/ 174 KB
176 KB 28ms
26ms Image
image/jpeg 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otpgroup.info/static/sw/pic/MHAP_annual_reports.jpg

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

a3f9cded67120c49085afd76bdab003e18a6ca7d80afa105539d0b8a170b1478

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Thu, 30 Jun 2022 14:55:51 GMT
Server: OTP Bank plc
ETag: "49d2ea7d918cd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 178577
X-XSS-Protection: 1

GET
H/1.1 200
OK MHAP_IFRS.jpg
www.otpgroup.info/static/sw/pic/ 234 KB
236 KB 30ms
29ms Image
image/jpeg 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otpgroup.info/static/sw/pic/MHAP_IFRS.jpg

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

2ab0b04212833fea4197f4529d759ceb530954d4948aa0640dc72563d318b1fc

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Thu, 30 Jun 2022 14:55:50 GMT
Server: OTP Bank plc
ETag: "52c5fc7c918cd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 239936
X-XSS-Protection: 1

GET
H/1.1 200
OK MHAP_morning_briefs.jpg
www.otpgroup.info/static/sw/pic/ 179 KB
180 KB 29ms
27ms Image
image/jpeg 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otpgroup.info/static/sw/pic/MHAP_morning_briefs.jpg

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

0b5cda9fed8869cff36f06037c9ae6d885cb3e2e827c926c3f6899df227f1a70

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Thu, 30 Jun 2022 14:55:51 GMT
Server: OTP Bank plc
ETag: "725ce7d918cd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 183066
X-XSS-Protection: 1

GET
H/1.1 200
OK OTP-icon-72x72-analytics.svg
www.otpgroup.info/static/sw/pic/ 3 KB
5 KB 26ms
25ms Image
image/svg+xml 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otpgroup.info/static/sw/pic/OTP-icon-72x72-analytics.svg

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

f78d4d950f92398b135f3de4beeaf80b740d700bdffa55e8100e9ab985b67c64

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Tue, 12 Jul 2022 20:00:37 GMT
Server: OTP Bank plc
ETag: "503b1fe2a96d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 3440
X-XSS-Protection: 1

GET
H/1.1 200
OK OTP-icon-72x72-travel-bag.svg
www.otpgroup.info/static/sw/pic/ 1 KB
3 KB 37ms
32ms Image
image/svg+xml 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otpgroup.info/static/sw/pic/OTP-icon-72x72-travel-bag.svg

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

f789e3e41730f69b8b2127120ee7577c3ae7a04ead8a46f59f6e4e7ce24ef08e

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Tue, 12 Jul 2022 20:00:37 GMT
Server: OTP Bank plc
ETag: "503b1fe2a96d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1341
X-XSS-Protection: 1

GET
H/1.1 200
OK sustainability_7.jpg
www.otpgroup.info/static/sw/pic/ 288 KB
289 KB 32ms
32ms Image
image/jpeg 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otpgroup.info/static/sw/pic/sustainability_7.jpg

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

c3ec315eb69880a2ce9fb1696cba1a83a969db84a6a8d6854547accc7e40b1c8

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Thu, 11 Aug 2022 08:16:43 GMT
Server: OTP Bank plc
ETag: "efb59b15aadd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 294484
X-XSS-Protection: 1

GET
H/1.1 200
OK OTP-icon-72x72-social-and-cultural-awareness.svg
www.otpgroup.info/static/sw/pic/ 5 KB
6 KB 25ms
24ms Image
image/svg+xml 195.228.112.104
OTPHU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otpgroup.info/static/sw/pic/OTP-icon-72x72-social-and-cultural-awareness.svg

Requested by

Host: www.otpgroup.info
URL: https://www.otpgroup.info/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),

Reverse DNS

Software

OTP Bank plc /

Resource Hash

0648d3c2b2a853a57571b66c1672132a65afc37d3cf2f8580872b66ea75c1e88

Security Headers

Name	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified: Tue, 12 Jul 2022 20:00:37 GMT
Server: OTP Bank plc
ETag: "503b1fe2a96d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 4857
X-XSS-Protection: 1

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/ace4d669/www-widgetapi.vflset/ 184 KB
62 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1b5a9f0b1a9cdc28616f06a5191e85734c3afc996b86c9d69b5079c7b92c32c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otpgroup.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:48:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63091
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Mar 2024 20:48:05 GMT

GET
H3 200 iLhYFO23IF4 Show response
www.youtube.com/embed/ Frame E7E3 72 KB
30 KB 52ms
51ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54d276c2e39f3825edc7ed6f19312c59cd2e30138aacbac25c4921571e35c589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otpgroup.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 20:56:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/ace4d669/ Frame E7E3 399 KB
51 KB 9ms
9ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf75f9a4ede4c78af871f3cb51fffa3e1f91f5cb0ae8e408770eb707bbda2ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51763
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Mar 2024 16:00:18 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/ace4d669/www-embed-player.vflset/ Frame E7E3 347 KB
108 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732b2e7803c1a94ff38fda4a0c54b919ad96930218d4dccaf17e3dbbfbbde174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110254
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Mar 2024 20:10:40 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/ Frame E7E3 2 MB
612 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da2742800229240d57fadb5d893961b5f0d288e756d2af2368d42afef2a0169a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 626819
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Mar 2024 16:00:43 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ace4d669/fetch-polyfill.vflset/ Frame E7E3 9 KB
3 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:11:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Mar 2024 20:11:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E7E3 15 KB
16 KB 63ms
5ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 217125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E7E3 15 KB
15 KB 63ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 217125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame E7E3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

16ms
15ms

XHR
application/json

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

914d4fa5c814ea32bfadb30759c1735711d4d3fb79b357f79e40a33da89eaace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Mar 2023 20:56:23 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame E7E3 29 B
495 B 49ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:50:11 GMT
x-content-type-options: nosniff
age: 372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Mar 2023 21:05:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 42ms
19ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 23 Mar 2023 20:56:23 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E7E3 66 KB
30 KB 33ms
32ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95768ec829c0c1fafa7731d8a0d5c1dc353f983f6f0ef18da7fbe316ab7131d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 23 Mar 2023 20:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30900
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/ Frame E7E3 116 KB
36 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bdd9859d19c54eb5142c816d34abfc1d7b3470c6887ed8a11fbb9095e9a3539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36510
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Mar 2024 16:00:43 GMT

GET
H2 200 zSRPe1x9Qzj8HrqOv9VzSTVp8VQLU5DvkSPeJaRtFaU.js Show response
www.google.com/js/th/ Frame E7E3 36 KB
14 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/zSRPe1x9Qzj8HrqOv9VzSTVp8VQLU5DvkSPeJaRtFaU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd244f7b5c7d4338fc1eba8ebfd573493569f1540b5390ef9123de25a46d15a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 23:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14172
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Mar 2024 23:48:22 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/iLhYFO23IF4/ Frame E7E3 23 KB
24 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/iLhYFO23IF4/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgZShlMA8=&rs=AOn4CLD6GYDt0wSwGex32VdXaG62td1WEA

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58f2de4ebf8ea3f157bc9dfba91648b0c1f2b30d302370960964ff39c2704d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:22:33 GMT
x-content-type-options: nosniff
age: 2030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23685
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Mar 2023 22:22:33 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/ Frame E7E3 28 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3fa1bb3aa7d7ddaa3f07b139a0629d666fbfec8d7cba56c0dcf8b09ffb820b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8724
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Mar 2024 16:00:43 GMT

GET
DATA 200
OK truncated
/ Frame E7E3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJUmdlGMVsgX8Q0DD2pZybwkPcNj5_iwAnV2W3W0JQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame E7E3 3 KB
3 KB 46ms
22ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJUmdlGMVsgX8Q0DD2pZybwkPcNj5_iwAnV2W3W0JQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cabcbe3aca11943f376d60de6c39494016e53bb73283c5d6534dd6630fd2895c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2706
x-xss-protection: 0
server: fife
etag: "v14c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 23 Mar 2023 18:06:58 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E7E3 90 B
134 B 20ms
19ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ffa8e3886b56cae8cd8a16a677f71be7cbd58b6461ce0bc0445f47c8db35798d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 23 Mar 2023 20:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 18ms
18ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 23 Mar 2023 20:56:23 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame E7E3 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?OLM3fg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame E7E3 4 KB
2 KB 72ms
45ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 20:56:24 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/111/ Frame E7E3 50 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/111/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 10:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 16:05:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 24 Mar 2023 10:21:14 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E7E3 28 B
54 B 28ms
27ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
X-Goog-Request-Time: 1679604985691
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
X-YouTube-Client-Version: 1.20230321.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgsybjBfTTF2QXJRRSj3-fKgBg%3D%3D
X-YouTube-Ad-Signals: dt=1679604983560&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C512%2C293&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 23 Mar 2023 20:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 23 Mar 2023 20:56:25 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.otpgroup.info/	1969-12-31 23:59:59	Name: BIGipServerportalappwpr_9443 Value: !OC78V+znPdtBjPcAHbk3bnKM1IU6p3Nfjr1vk5KStdNa75jWSrmypH7K3Wo8F00g5JDIqhq+OQrgCTI=
www.otpgroup.info/	1969-12-31 23:59:59	Name: BIGipServerportaliiswpr_444 Value: !P0XFwih7gDwiPBgAHbk3bnKM1IU6p3uWYB+oWrRPWsgxW+fIUeeQQPWUUf0179N3B6eqPhHSus63t0Y=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 2MD72zZ0EQg
.youtube.com/	1970-01-20 14:52:36	Name: VISITOR_INFO1_LIVE Value: 2n0_M1vArQE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/ace4d669/www-widgetapi.vflset/www-widgetapi.js(Line 1113) Message: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	font-src * .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu 'unsafe-inline' data:; style-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu blob: data: 'unsafe-inline' .googleapis.com; connect-src wss://.otpbank.hu wss://.hotjar.com wss://.cloudfunctions.net .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com 'self' 'unsafe-inline'; img-src .cloudfunctions.net .hotjar.com .hotjar.io .bizographics.com .otpbank.hu .google-analytics.com .analytics.google.com .googletagmanager.com .g.doubleclick.net .google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com .googletagmanager.com .google-analytics.com cdnjs.cloudflare.com .cloudfunctions.net .googleapis.com .google.com .facebook.com .facebook.net .doubleclick.net .youtube.com .ytimg.com .hotjar.com .hotjar.io .bizographics.com .otpbank.hu snap.licdn.com
Strict-Transport-Security	max-age=31536001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
otpbank.az
static.doubleclick.net
www.google.com
www.gstatic.com
www.otpgroup.info
www.youtube.com
yt3.ggpht.com
195.228.112.104
2a00:1450:4001:800::200a
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2016
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:c760:80:d07:2011:ffff:b921:3410
0648d3c2b2a853a57571b66c1672132a65afc37d3cf2f8580872b66ea75c1e88
0b5cda9fed8869cff36f06037c9ae6d885cb3e2e827c926c3f6899df227f1a70
0f3f6e57876573bf4bc43c87322610b91ec4a608b7da36d9a1c69c6198a3c0e9
1495ffb1e40c9cb599d0c6865c7a51188a950b3a88d2382238700e9b7e50256e
1d9519b8c8449ab223886af36637bbd3a03c821a5a20280c406176f92b17dd66
2619a3f3c1f5341e9984fc955298423f344768dd991b39cada3fea8e90d17fef
2642b4e72c5bb5450215de722fa6c8490fac7a643b85ce5f739d6abead2eca8a
2ab0b04212833fea4197f4529d759ceb530954d4948aa0640dc72563d318b1fc
3949d5ca13b06963bd88ebd0fccc5ba47e425919aef00d39c0a931516b17cb3c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
54d276c2e39f3825edc7ed6f19312c59cd2e30138aacbac25c4921571e35c589
58f2de4ebf8ea3f157bc9dfba91648b0c1f2b30d302370960964ff39c2704d60
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d6a0c900a66150ceb222b9266ae88a2907ef09b60a4ea478f94ef0c5cfb54d7
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c761583fb9b89ff6e3395e0f36698c914d450fbac66a442e8476631d3fec9a7
732b2e7803c1a94ff38fda4a0c54b919ad96930218d4dccaf17e3dbbfbbde174
7bdd9859d19c54eb5142c816d34abfc1d7b3470c6887ed8a11fbb9095e9a3539
914d4fa5c814ea32bfadb30759c1735711d4d3fb79b357f79e40a33da89eaace
93d3368cb0fb2224a77b7e59b02f592f9c8e73f12905b25e3a9f445f3a4e18fd
95768ec829c0c1fafa7731d8a0d5c1dc353f983f6f0ef18da7fbe316ab7131d6
980d3c62dbfbf64c1d0d2635ba3fb339f2dd5a5cccda23cf25b83526e17fa438
9f0dfa8306a6cd4f127e0bbf37e5f0746a6753639dc8107546ed94b147624b35
a1d314383d0ae899e13deb2878830ddabba1fdebd71d4a903bb9ce9c7f5ba9eb
a3f9cded67120c49085afd76bdab003e18a6ca7d80afa105539d0b8a170b1478
a644cad725a92289a6f3f228092e9305f6644da83bc0bf22fdba2df9c0f23fe8
a7ae00e269099d4fa8938aab78d2c26b14ec0ee231a321a03249fa3c1c134852
b2732b445be3d1a3b57298f410d2e5cf06e9bb990fc80bba763f14f2029aeee1
b3fa1bb3aa7d7ddaa3f07b139a0629d666fbfec8d7cba56c0dcf8b09ffb820b9
bf75f9a4ede4c78af871f3cb51fffa3e1f91f5cb0ae8e408770eb707bbda2ddb
c3ec315eb69880a2ce9fb1696cba1a83a969db84a6a8d6854547accc7e40b1c8
cabcbe3aca11943f376d60de6c39494016e53bb73283c5d6534dd6630fd2895c
cd244f7b5c7d4338fc1eba8ebfd573493569f1540b5390ef9123de25a46d15a5
d1b5a9f0b1a9cdc28616f06a5191e85734c3afc996b86c9d69b5079c7b92c32c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da2742800229240d57fadb5d893961b5f0d288e756d2af2368d42afef2a0169a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96835b0d686880e83a3bc7a708ee86c868e08d7279decc01472d6452ece0440
ea0fc782c3ceaa5b201135247dd0e2a3d9156d51b568557693f8f3bb7c71a33c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f789e3e41730f69b8b2127120ee7577c3ae7a04ead8a46f59f6e4e7ce24ef08e
f78d4d950f92398b135f3de4beeaf80b740d700bdffa55e8100e9ab985b67c64
ffa8e3886b56cae8cd8a16a677f71be7cbd58b6461ce0bc0445f47c8db35798d

www.otpgroup.info Open in urlscan Pro 195.228.112.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

47 Requests

98 %HTTPS

91 %IPv6

9 Domains

11 Subdomains

11 IPs

2 Countries

5276 kBTransfer

7781 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.otpgroup.info Open in urlscan Pro
195.228.112.104 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

5276 kB
Transfer

7781 kB
Size

4
Cookies

47 HTTP transactions
1 data transactions