Submitted URL: http://otpbank.az/
Effective URL: https://www.otpgroup.info/home
Submission: On March 23 via manual from HU — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 47 HTTP transactions. The main IP is 195.228.112.104, located in Gyorujbarat, Hungary and belongs to OTPHU-AS, HU. The main domain is www.otpgroup.info.
TLS certificate: Issued by NetLock Üzleti (Class B) Tanúsítványk... on August 17th 2022. Valid for: a year.
This is the only time www.otpgroup.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
24 otpgroup.info
www.otpgroup.info
4 MB
11 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
911 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 216
31 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
static.doubleclick.net — Cisco Umbrella Rank: 255
1 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 231
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 105
24 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
14 KB
1 otpbank.az
otpbank.az
196 B
47 9
Domain Requested by
24 www.otpgroup.info 1 redirects www.otpgroup.info
11 www.youtube.com www.otpgroup.info
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 otpbank.az 1 redirects
47 11

This site contains links to these domains. Also see Links.

Domain
www.otpbank.hu
Subject Issuer Validity Valid
otpgroup.info
NetLock Üzleti (Class B) Tanúsítványkiadó
2022-08-17 -
2023-08-17
a year crt.sh
*.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
www.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.otpgroup.info/home
Frame ID: B5DC3A49BC98CD11A4F9CF2710474D35
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
Frame ID: E7E3212CD08C68D04985A5727C5BE199
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

OTP Group - Home

Page URL History Show full URLs

  1. http://otpbank.az/ HTTP 301
    https://www.otpgroup.info/ HTTP 307
    https://www.otpgroup.info/home Page URL

Page Statistics

47
Requests

98 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

5276 kB
Transfer

7781 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://otpbank.az/ HTTP 301
    https://www.otpgroup.info/ HTTP 307
    https://www.otpgroup.info/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request home
www.otpgroup.info/
Redirect Chain
  • http://otpbank.az/
  • https://www.otpgroup.info/
  • https://www.otpgroup.info/home
39 KB
41 KB
Document
General
Full URL
https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
/
Resource Hash
3949d5ca13b06963bd88ebd0fccc5ba47e425919aef00d39c0a931516b17cb3c
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
40119
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Content-Type
text/html;charset=UTF-8
Date
Thu, 23 Mar 2023 20:56:19 GMT
Strict-Transport-Security
max-age=31536001; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
0
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Date
Thu, 23 Mar 2023 20:56:19 GMT
Location
/home
Strict-Transport-Security
max-age=31536001; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
sourcesanspro-it.woff
www.otpgroup.info/static/otpgroup/fonts/
51 KB
53 KB
Font
General
Full URL
https://www.otpgroup.info/static/otpgroup/fonts/sourcesanspro-it.woff
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
1495ffb1e40c9cb599d0c6865c7a51188a950b3a88d2382238700e9b7e50256e
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.otpgroup.info/home
Origin
https://www.otpgroup.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Fri, 17 Feb 2023 09:22:33 GMT
Server
OTP Bank plc
ETag
"8052885db142d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
52208
X-XSS-Protection
1
sourcesanspro-bold-it.woff
www.otpgroup.info/static/otpgroup/fonts/
51 KB
52 KB
Font
General
Full URL
https://www.otpgroup.info/static/otpgroup/fonts/sourcesanspro-bold-it.woff
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
9f0dfa8306a6cd4f127e0bbf37e5f0746a6753639dc8107546ed94b147624b35
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.otpgroup.info/home
Origin
https://www.otpgroup.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:19 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Fri, 17 Feb 2023 09:22:33 GMT
Server
OTP Bank plc
ETag
"8052885db142d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
51980
X-XSS-Protection
1
sourcesanspro-regular.woff
www.otpgroup.info/static/otpgroup/fonts/
22 KB
24 KB
Font
General
Full URL
https://www.otpgroup.info/static/otpgroup/fonts/sourcesanspro-regular.woff
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
1d9519b8c8449ab223886af36637bbd3a03c821a5a20280c406176f92b17dd66
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.otpgroup.info/home
Origin
https://www.otpgroup.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Fri, 17 Feb 2023 09:22:33 GMT
Server
OTP Bank plc
ETag
"8052885db142d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
22716
X-XSS-Protection
1
sourcesanspro-semibold.woff
www.otpgroup.info/static/otpgroup/fonts/
62 KB
64 KB
Font
General
Full URL
https://www.otpgroup.info/static/otpgroup/fonts/sourcesanspro-semibold.woff
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
93d3368cb0fb2224a77b7e59b02f592f9c8e73f12905b25e3a9f445f3a4e18fd
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.otpgroup.info/home
Origin
https://www.otpgroup.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:19 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Fri, 17 Feb 2023 09:22:33 GMT
Server
OTP Bank plc
ETag
"8052885db142d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
63936
X-XSS-Protection
1
sourcesanspro-bold.woff
www.otpgroup.info/static/otpgroup/fonts/
22 KB
23 KB
Font
General
Full URL
https://www.otpgroup.info/static/otpgroup/fonts/sourcesanspro-bold.woff
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
e96835b0d686880e83a3bc7a708ee86c868e08d7279decc01472d6452ece0440
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.otpgroup.info/home
Origin
https://www.otpgroup.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Fri, 17 Feb 2023 09:22:33 GMT
Server
OTP Bank plc
ETag
"8052885db142d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
22256
X-XSS-Protection
1
sourcesanspro-black.ttf
www.otpgroup.info/static/otpgroup/fonts/
259 KB
261 KB
Font
General
Full URL
https://www.otpgroup.info/static/otpgroup/fonts/sourcesanspro-black.ttf
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
a1d314383d0ae899e13deb2878830ddabba1fdebd71d4a903bb9ce9c7f5ba9eb
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.otpgroup.info/home
Origin
https://www.otpgroup.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Fri, 17 Feb 2023 09:22:33 GMT
Server
OTP Bank plc
ETag
"8052885db142d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
265612
X-XSS-Protection
1
chunk-common.47a45f77.css
www.otpgroup.info/static/otpgroup/css/common/
106 KB
108 KB
Stylesheet
General
Full URL
https://www.otpgroup.info/static/otpgroup/css/common/chunk-common.47a45f77.css
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
a7ae00e269099d4fa8938aab78d2c26b14ec0ee231a321a03249fa3c1c134852
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Fri, 17 Feb 2023 09:22:33 GMT
Server
OTP Bank plc
ETag
"8052885db142d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
108787
X-XSS-Protection
1
layout.dec3221b.css
www.otpgroup.info/static/otpgroup/css/layouts/ANYIT/
65 KB
66 KB
Stylesheet
General
Full URL
https://www.otpgroup.info/static/otpgroup/css/layouts/ANYIT/layout.dec3221b.css
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
6c761583fb9b89ff6e3395e0f36698c914d450fbac66a442e8476631d3fec9a7
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:19 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Fri, 17 Feb 2023 09:22:33 GMT
Server
OTP Bank plc
ETag
"8052885db142d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
66377
X-XSS-Protection
1
chunk-common.876abbd6.js
www.otpgroup.info/static/otpgroup/js/common/
1 MB
1 MB
Script
General
Full URL
https://www.otpgroup.info/static/otpgroup/js/common/chunk-common.876abbd6.js
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
2619a3f3c1f5341e9984fc955298423f344768dd991b39cada3fea8e90d17fef
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Fri, 17 Feb 2023 09:22:33 GMT
Server
OTP Bank plc
ETag
"8052885db142d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1151047
X-XSS-Protection
1
layout.b60b5546.js
www.otpgroup.info/static/otpgroup/js/layouts/ANYIT/
250 KB
252 KB
Script
General
Full URL
https://www.otpgroup.info/static/otpgroup/js/layouts/ANYIT/layout.b60b5546.js
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
b2732b445be3d1a3b57298f410d2e5cf06e9bb990fc80bba763f14f2029aeee1
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:19 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Fri, 17 Feb 2023 09:22:33 GMT
Server
OTP Bank plc
ETag
"8052885db142d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
256261
X-XSS-Protection
1
OTP_Group_Nyito_Eloszto_1920x600_Desktop.jpg
www.otpgroup.info/static/sw/pic/OTPGroup_hero_nyito/
780 KB
782 KB
Image
General
Full URL
https://www.otpgroup.info/static/sw/pic/OTPGroup_hero_nyito/OTP_Group_Nyito_Eloszto_1920x600_Desktop.jpg
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
0f3f6e57876573bf4bc43c87322610b91ec4a608b7da36d9a1c69c6198a3c0e9
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:19 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Tue, 24 May 2022 07:55:08 GMT
Server
OTP Bank plc
ETag
"462c7e96436fd81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
798800
X-XSS-Protection
1
cookie-bar.bundle.js
www.otpgroup.info/static/commons/cookie-bar/
185 KB
186 KB
Script
General
Full URL
https://www.otpgroup.info/static/commons/cookie-bar/cookie-bar.bundle.js?t=1679561981420
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
980d3c62dbfbf64c1d0d2635ba3fb339f2dd5a5cccda23cf25b83526e17fa438
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Wed, 18 Jan 2023 08:50:28 GMT
Server
OTP Bank plc
ETag
"022c0e9192bd91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
188968
X-XSS-Protection
1
player_api
www.youtube.com/
992 B
2 KB
Script
General
Full URL
https://www.youtube.com/player_api
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/static/otpgroup/js/common/chunk-common.876abbd6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2642b4e72c5bb5450215de722fa6c8490fac7a643b85ce5f739d6abead2eca8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 20:56:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 23 Mar 2023 20:56:23 GMT
countries.json
www.otpgroup.info/static/sw/json/
1 KB
3 KB
XHR
General
Full URL
https://www.otpgroup.info/static/sw/json/countries.json
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/static/otpgroup/js/common/chunk-common.876abbd6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
a644cad725a92289a6f3f228092e9305f6644da83bc0bf22fdba2df9c0f23fe8
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.otpgroup.info/home
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Thu, 24 Nov 2022 15:37:16 GMT
Server
OTP Bank plc
ETag
"6e7fcba11a0d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Accept-Ranges
bytes
Content-Length
1177
X-XSS-Protection
1
Squad-Heavy.woff
www.otpgroup.info/static/otpgroup/fonts/
66 KB
68 KB
Font
General
Full URL
https://www.otpgroup.info/static/otpgroup/fonts/Squad-Heavy.woff
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/static/otpgroup/css/common/chunk-common.47a45f77.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
ea0fc782c3ceaa5b201135247dd0e2a3d9156d51b568557693f8f3bb7c71a33c
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.otpgroup.info/static/otpgroup/css/common/chunk-common.47a45f77.css
Origin
https://www.otpgroup.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Fri, 17 Feb 2023 09:22:33 GMT
Server
OTP Bank plc
ETag
"8052885db142d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
67884
X-XSS-Protection
1
Nador_nyito_v4_574x322.jpg
www.otpgroup.info/static/sw/pic/
242 KB
244 KB
Image
General
Full URL
https://www.otpgroup.info/static/sw/pic/Nador_nyito_v4_574x322.jpg
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
5d6a0c900a66150ceb222b9266ae88a2907ef09b60a4ea478f94ef0c5cfb54d7
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Tue, 24 May 2022 07:55:08 GMT
Server
OTP Bank plc
ETag
"b17e7c96436fd81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
247887
X-XSS-Protection
1
MHAP_annual_reports.jpg
www.otpgroup.info/static/sw/pic/
174 KB
176 KB
Image
General
Full URL
https://www.otpgroup.info/static/sw/pic/MHAP_annual_reports.jpg
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
a3f9cded67120c49085afd76bdab003e18a6ca7d80afa105539d0b8a170b1478
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Thu, 30 Jun 2022 14:55:51 GMT
Server
OTP Bank plc
ETag
"49d2ea7d918cd81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
178577
X-XSS-Protection
1
MHAP_IFRS.jpg
www.otpgroup.info/static/sw/pic/
234 KB
236 KB
Image
General
Full URL
https://www.otpgroup.info/static/sw/pic/MHAP_IFRS.jpg
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
2ab0b04212833fea4197f4529d759ceb530954d4948aa0640dc72563d318b1fc
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Thu, 30 Jun 2022 14:55:50 GMT
Server
OTP Bank plc
ETag
"52c5fc7c918cd81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
239936
X-XSS-Protection
1
MHAP_morning_briefs.jpg
www.otpgroup.info/static/sw/pic/
179 KB
180 KB
Image
General
Full URL
https://www.otpgroup.info/static/sw/pic/MHAP_morning_briefs.jpg
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
0b5cda9fed8869cff36f06037c9ae6d885cb3e2e827c926c3f6899df227f1a70
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Thu, 30 Jun 2022 14:55:51 GMT
Server
OTP Bank plc
ETag
"725ce7d918cd81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
183066
X-XSS-Protection
1
OTP-icon-72x72-analytics.svg
www.otpgroup.info/static/sw/pic/
3 KB
5 KB
Image
General
Full URL
https://www.otpgroup.info/static/sw/pic/OTP-icon-72x72-analytics.svg
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
f78d4d950f92398b135f3de4beeaf80b740d700bdffa55e8100e9ab985b67c64
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Tue, 12 Jul 2022 20:00:37 GMT
Server
OTP Bank plc
ETag
"503b1fe2a96d81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
3440
X-XSS-Protection
1
OTP-icon-72x72-travel-bag.svg
www.otpgroup.info/static/sw/pic/
1 KB
3 KB
Image
General
Full URL
https://www.otpgroup.info/static/sw/pic/OTP-icon-72x72-travel-bag.svg
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
f789e3e41730f69b8b2127120ee7577c3ae7a04ead8a46f59f6e4e7ce24ef08e
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Tue, 12 Jul 2022 20:00:37 GMT
Server
OTP Bank plc
ETag
"503b1fe2a96d81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1341
X-XSS-Protection
1
sustainability_7.jpg
www.otpgroup.info/static/sw/pic/
288 KB
289 KB
Image
General
Full URL
https://www.otpgroup.info/static/sw/pic/sustainability_7.jpg
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
c3ec315eb69880a2ce9fb1696cba1a83a969db84a6a8d6854547accc7e40b1c8
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:21 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Thu, 11 Aug 2022 08:16:43 GMT
Server
OTP Bank plc
ETag
"efb59b15aadd81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
294484
X-XSS-Protection
1
OTP-icon-72x72-social-and-cultural-awareness.svg
www.otpgroup.info/static/sw/pic/
5 KB
6 KB
Image
General
Full URL
https://www.otpgroup.info/static/sw/pic/OTP-icon-72x72-social-and-cultural-awareness.svg
Requested by
Host: www.otpgroup.info
URL: https://www.otpgroup.info/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.228.112.104 Gyorujbarat, Hungary, ASN211595 (OTPHU-AS, HU),
Reverse DNS
Software
OTP Bank plc /
Resource Hash
0648d3c2b2a853a57571b66c1672132a65afc37d3cf2f8580872b66ea75c1e88
Security Headers
Name Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 23 Mar 2023 20:56:20 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Last-Modified
Tue, 12 Jul 2022 20:00:37 GMT
Server
OTP Bank plc
ETag
"503b1fe2a96d81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
4857
X-XSS-Protection
1
www-widgetapi.js
www.youtube.com/s/player/ace4d669/www-widgetapi.vflset/
184 KB
62 KB
Script
General
Full URL
https://www.youtube.com/s/player/ace4d669/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1b5a9f0b1a9cdc28616f06a5191e85734c3afc996b86c9d69b5079c7b92c32c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otpgroup.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 20:48:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63091
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 00:22:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Mar 2024 20:48:05 GMT
iLhYFO23IF4
www.youtube.com/embed/ Frame E7E3
72 KB
30 KB
Document
General
Full URL
https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54d276c2e39f3825edc7ed6f19312c59cd2e30138aacbac25c4921571e35c589
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.otpgroup.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 20:56:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/ace4d669/ Frame E7E3
399 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/ace4d669/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf75f9a4ede4c78af871f3cb51fffa3e1f91f5cb0ae8e408770eb707bbda2ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 16:00:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
104165
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51763
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 00:22:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Mar 2024 16:00:18 GMT
www-embed-player.js
www.youtube.com/s/player/ace4d669/www-embed-player.vflset/ Frame E7E3
347 KB
108 KB
Script
General
Full URL
https://www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
732b2e7803c1a94ff38fda4a0c54b919ad96930218d4dccaf17e3dbbfbbde174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 20:10:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
2743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110254
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 00:22:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Mar 2024 20:10:40 GMT
base.js
www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/ Frame E7E3
2 MB
612 KB
Script
General
Full URL
https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da2742800229240d57fadb5d893961b5f0d288e756d2af2368d42afef2a0169a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 16:00:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
104140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
626819
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 00:22:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Mar 2024 16:00:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/ace4d669/fetch-polyfill.vflset/ Frame E7E3
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/ace4d669/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 20:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 00:22:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Mar 2024 20:11:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E7E3
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options
nosniff
age
217125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:38 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E7E3
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options
nosniff
age
217125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:38 GMT
id
googleads.g.doubleclick.net/pagead/ Frame E7E3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
Protocol
H2
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
914d4fa5c814ea32bfadb30759c1735711d4d3fb79b357f79e40a33da89eaace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 20:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Mar 2023 20:56:23 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame E7E3
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 20:50:11 GMT
x-content-type-options
nosniff
age
372
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 21:05:11 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 23 Mar 2023 20:56:23 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E7E3
66 KB
30 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95768ec829c0c1fafa7731d8a0d5c1dc353f983f6f0ef18da7fbe316ab7131d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 23 Mar 2023 20:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30900
x-xss-protection
0
remote.js
www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/ Frame E7E3
116 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bdd9859d19c54eb5142c816d34abfc1d7b3470c6887ed8a11fbb9095e9a3539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 16:00:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
104140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36510
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 00:22:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Mar 2024 16:00:43 GMT
zSRPe1x9Qzj8HrqOv9VzSTVp8VQLU5DvkSPeJaRtFaU.js
www.google.com/js/th/ Frame E7E3
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/zSRPe1x9Qzj8HrqOv9VzSTVp8VQLU5DvkSPeJaRtFaU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd244f7b5c7d4338fc1eba8ebfd573493569f1540b5390ef9123de25a46d15a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:48:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
162481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14172
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Mar 2024 23:48:22 GMT
sddefault.jpg
i.ytimg.com/vi/iLhYFO23IF4/ Frame E7E3
23 KB
24 KB
Image
General
Full URL
https://i.ytimg.com/vi/iLhYFO23IF4/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgZShlMA8=&rs=AOn4CLD6GYDt0wSwGex32VdXaG62td1WEA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58f2de4ebf8ea3f157bc9dfba91648b0c1f2b30d302370960964ff39c2704d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 20:22:33 GMT
x-content-type-options
nosniff
age
2030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23685
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 23 Mar 2023 22:22:33 GMT
embed.js
www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/ Frame E7E3
28 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3fa1bb3aa7d7ddaa3f07b139a0629d666fbfec8d7cba56c0dcf8b09ffb820b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 16:00:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
104140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8724
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 00:22:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Mar 2024 16:00:43 GMT
truncated
/ Frame E7E3
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
AL5GRJUmdlGMVsgX8Q0DD2pZybwkPcNj5_iwAnV2W3W0JQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame E7E3
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AL5GRJUmdlGMVsgX8Q0DD2pZybwkPcNj5_iwAnV2W3W0JQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cabcbe3aca11943f376d60de6c39494016e53bb73283c5d6534dd6630fd2895c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 20:56:23 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2706
x-xss-protection
0
server
fife
etag
"v14c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 23 Mar 2023 18:06:58 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E7E3
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ffa8e3886b56cae8cd8a16a677f71be7cbd58b6461ce0bc0445f47c8db35798d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 23 Mar 2023 20:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 23 Mar 2023 20:56:23 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
generate_204
www.youtube.com/ Frame E7E3
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?OLM3fg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 20:56:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E7E3
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 20:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Mar 2023 20:56:24 GMT
cast_sender.js
www.gstatic.com/eureka/clank/111/ Frame E7E3
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/111/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 10:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Mon, 16 Jan 2023 16:05:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 24 Mar 2023 10:21:14 GMT
log_event
www.youtube.com/youtubei/v1/ Frame E7E3
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
X-Goog-Request-Time
1679604985691
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/iLhYFO23IF4?autoplay=0&time=0&enablejsapi=1&origin=https%3A%2F%2Fwww.otpgroup.info&widgetid=1
X-YouTube-Client-Version
1.20230321.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgsybjBfTTF2QXJRRSj3-fKgBg%3D%3D
X-YouTube-Ad-Signals
dt=1679604983560&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C512%2C293&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 23 Mar 2023 20:56:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Thu, 23 Mar 2023 20:56:25 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| context object| webpackJsonp function| applyFocusVisiblePolyfill object| __SVG_SPRITE__ function| Hammer object| regeneratorRuntime function| onYouTubeIframeAPIReady object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_

4 Cookies

Domain/Path Name / Value
www.otpgroup.info/ Name: BIGipServerportalappwpr_9443
Value: !OC78V+znPdtBjPcAHbk3bnKM1IU6p3Nfjr1vk5KStdNa75jWSrmypH7K3Wo8F00g5JDIqhq+OQrgCTI=
www.otpgroup.info/ Name: BIGipServerportaliiswpr_444
Value: !P0XFwih7gDwiPBgAHbk3bnKM1IU6p3uWYB+oWrRPWsgxW+fIUeeQQPWUUf0179N3B6eqPhHSus63t0Y=
.youtube.com/ Name: YSC
Value: 2MD72zZ0EQg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 2n0_M1vArQE

1 Console Messages

Source Level URL
Text
other warning URL: https://www.youtube.com/s/player/ace4d669/www-widgetapi.vflset/www-widgetapi.js(Line 1113)
Message:
Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy font-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu 'unsafe-inline' data:; style-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu blob: data: 'unsafe-inline' *.googleapis.com; connect-src wss://*.otpbank.hu wss://*.hotjar.com wss://*.cloudfunctions.net *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com 'self' 'unsafe-inline'; img-src * *.cloudfunctions.net *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleadservices.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com *.cloudfunctions.net *.googleapis.com *.google.com *.facebook.com *.facebook.net *.doubleclick.net *.youtube.com *.ytimg.com *.hotjar.com *.hotjar.io *.bizographics.com *.otpbank.hu snap.licdn.com
Strict-Transport-Security max-age=31536001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
otpbank.az
static.doubleclick.net
www.google.com
www.gstatic.com
www.otpgroup.info
www.youtube.com
yt3.ggpht.com
195.228.112.104
2a00:1450:4001:800::200a
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2016
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:c760:80:d07:2011:ffff:b921:3410
0648d3c2b2a853a57571b66c1672132a65afc37d3cf2f8580872b66ea75c1e88
0b5cda9fed8869cff36f06037c9ae6d885cb3e2e827c926c3f6899df227f1a70
0f3f6e57876573bf4bc43c87322610b91ec4a608b7da36d9a1c69c6198a3c0e9
1495ffb1e40c9cb599d0c6865c7a51188a950b3a88d2382238700e9b7e50256e
1d9519b8c8449ab223886af36637bbd3a03c821a5a20280c406176f92b17dd66
2619a3f3c1f5341e9984fc955298423f344768dd991b39cada3fea8e90d17fef
2642b4e72c5bb5450215de722fa6c8490fac7a643b85ce5f739d6abead2eca8a
2ab0b04212833fea4197f4529d759ceb530954d4948aa0640dc72563d318b1fc
3949d5ca13b06963bd88ebd0fccc5ba47e425919aef00d39c0a931516b17cb3c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
54d276c2e39f3825edc7ed6f19312c59cd2e30138aacbac25c4921571e35c589
58f2de4ebf8ea3f157bc9dfba91648b0c1f2b30d302370960964ff39c2704d60
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d6a0c900a66150ceb222b9266ae88a2907ef09b60a4ea478f94ef0c5cfb54d7
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c761583fb9b89ff6e3395e0f36698c914d450fbac66a442e8476631d3fec9a7
732b2e7803c1a94ff38fda4a0c54b919ad96930218d4dccaf17e3dbbfbbde174
7bdd9859d19c54eb5142c816d34abfc1d7b3470c6887ed8a11fbb9095e9a3539
914d4fa5c814ea32bfadb30759c1735711d4d3fb79b357f79e40a33da89eaace
93d3368cb0fb2224a77b7e59b02f592f9c8e73f12905b25e3a9f445f3a4e18fd
95768ec829c0c1fafa7731d8a0d5c1dc353f983f6f0ef18da7fbe316ab7131d6
980d3c62dbfbf64c1d0d2635ba3fb339f2dd5a5cccda23cf25b83526e17fa438
9f0dfa8306a6cd4f127e0bbf37e5f0746a6753639dc8107546ed94b147624b35
a1d314383d0ae899e13deb2878830ddabba1fdebd71d4a903bb9ce9c7f5ba9eb
a3f9cded67120c49085afd76bdab003e18a6ca7d80afa105539d0b8a170b1478
a644cad725a92289a6f3f228092e9305f6644da83bc0bf22fdba2df9c0f23fe8
a7ae00e269099d4fa8938aab78d2c26b14ec0ee231a321a03249fa3c1c134852
b2732b445be3d1a3b57298f410d2e5cf06e9bb990fc80bba763f14f2029aeee1
b3fa1bb3aa7d7ddaa3f07b139a0629d666fbfec8d7cba56c0dcf8b09ffb820b9
bf75f9a4ede4c78af871f3cb51fffa3e1f91f5cb0ae8e408770eb707bbda2ddb
c3ec315eb69880a2ce9fb1696cba1a83a969db84a6a8d6854547accc7e40b1c8
cabcbe3aca11943f376d60de6c39494016e53bb73283c5d6534dd6630fd2895c
cd244f7b5c7d4338fc1eba8ebfd573493569f1540b5390ef9123de25a46d15a5
d1b5a9f0b1a9cdc28616f06a5191e85734c3afc996b86c9d69b5079c7b92c32c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da2742800229240d57fadb5d893961b5f0d288e756d2af2368d42afef2a0169a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96835b0d686880e83a3bc7a708ee86c868e08d7279decc01472d6452ece0440
ea0fc782c3ceaa5b201135247dd0e2a3d9156d51b568557693f8f3bb7c71a33c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f789e3e41730f69b8b2127120ee7577c3ae7a04ead8a46f59f6e4e7ce24ef08e
f78d4d950f92398b135f3de4beeaf80b740d700bdffa55e8100e9ab985b67c64
ffa8e3886b56cae8cd8a16a677f71be7cbd58b6461ce0bc0445f47c8db35798d