urlscan.io logo urlscan.io
SecurityTrails logo

otpbank-staging.myclients.io Open in urlscan Pro
104.18.27.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://otpbank-staging.myclients.io/
Effective URL: https://otpbank-staging.myclients.io/login
Submission Tags: @phish_report
Submission: On May 07 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 5 countries across 15 domains to perform 46 HTTP transactions. The main IP is 104.18.27.3, located in and belongs to CLOUDFLARENET, US. The main domain is otpbank-staging.myclients.io.
TLS certificate: Issued by GTS CA 1P5 on April 24th 2024. Valid for: 3 months.
This is the only time otpbank-staging.myclients.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 104.18.27.3 13335 (CLOUDFLAR...)
2 142.250.185.202 15169 (GOOGLE)
7 13.33.158.46 16509 (AMAZON-02)
5 142.250.74.196 15169 (GOOGLE)
1 104.110.30.234 16625 (AKAMAI-AS)
1 104.16.80.73 13335 (CLOUDFLAR...)
1 130.211.5.208 396982 (GOOGLE-CL...)
2 34.96.102.137 396982 (GOOGLE-CL...)
2 108.177.15.156 15169 (GOOGLE)
1 4 204.79.197.237 8068 (MICROSOFT...)
5 157.240.251.9 32934 (FACEBOOK)
1 142.250.186.163 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
2 13.107.213.45 8075 (MICROSOFT...)
2 157.240.251.35 32934 (FACEBOOK)
2 20.122.63.128 8075 (MICROSOFT...)
1 4 18.245.86.116 16509 (AMAZON-02)
1 2 68.219.88.97 8075 (MICROSOFT...)
46 19
6    104.18.27.3 (None, )

ASN13335 (CLOUDFLARENET, US)
otpbank-staging.myclients.io
2    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
fonts.googleapis.com
7    13.33.158.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-158-46.fra60.r.cloudfront.net
d2ra6nuwn69ktl.cloudfront.net
5    142.250.74.196 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net
www.google.com
1    104.110.30.234 (Oslo, Norway)

ASN16625 (AKAMAI-AS, US)
PTR: a104-110-30-234.deploy.static.akamaitechnologies.com
c15117557.ssl.cf2.rackcdn.com
1    104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    130.211.5.208 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 208.5.211.130.bc.googleusercontent.com
cdn.mxpnl.com
2    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
2    108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net
stats.g.doubleclick.net
4    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
5    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
1    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
1    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.gstatic.com
2    13.107.213.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com
2    20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.clarity.ms
4    18.245.86.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-116.fra60.r.cloudfront.net
s.adroll.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
Apex Domain
Subdomains		 Transfer
7 cloudfront.net
d2ra6nuwn69ktl.cloudfront.net
627 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
p.clarity.ms — Cisco Umbrella Rank: 6273
c.clarity.ms — Cisco Umbrella Rank: 1385
28 KB
6 myclients.io
otpbank-staging.myclients.io
19 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
165 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
875 B
4 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3361
d.adroll.com Failed
29 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 345
c.bing.com — Cisco Umbrella Rank: 231
16 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
301 B
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
236 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
17 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2757
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
6 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 3738
19 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 804
7 KB
1 rackcdn.com
c15117557.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 125985
6 KB
46 15
Domain Requested by
7 d2ra6nuwn69ktl.cloudfront.net otpbank-staging.myclients.io
6 otpbank-staging.myclients.io 2 redirects otpbank-staging.myclients.io
static.cloudflareinsights.com
5 connect.facebook.net otpbank-staging.myclients.io
connect.facebook.net
5 www.google.com otpbank-staging.myclients.io
www.gstatic.com
4 s.adroll.com 1 redirects otpbank-staging.myclients.io
s.adroll.com
3 bat.bing.com otpbank-staging.myclients.io
bat.bing.com
2 c.clarity.ms 1 redirects
2 p.clarity.ms www.clarity.ms
2 www.facebook.com otpbank-staging.myclients.io
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 stats.g.doubleclick.net otpbank-staging.myclients.io
stats.g.doubleclick.net
2 dev.visualwebsiteoptimizer.com otpbank-staging.myclients.io
2 fonts.googleapis.com otpbank-staging.myclients.io
1 c.bing.com 1 redirects
1 www.gstatic.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.mxpnl.com otpbank-staging.myclients.io
1 static.cloudflareinsights.com otpbank-staging.myclients.io
1 c15117557.ssl.cf2.rackcdn.com otpbank-staging.myclients.io
0 d.adroll.com Failed s.adroll.com
46 20

This site contains no links.

Subject Issuer Validity Valid
myclients.io
GTS CA 1P5		 2024-04-24 -
2024-07-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.ssl.cf2.rackcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-24 -
2024-11-27		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2023-07-12 -
2024-08-11		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2023-07-06 -
2024-07-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-05-01 -
2024-06-27		 2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-14 -
2024-05-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh

This page contains 6 frames:

Primary Page: https://otpbank-staging.myclients.io/login
Frame ID: B1064AE787292E74196653AEBDA13073
Requests: 40 HTTP requests in this frame

Frame: https://otpbank-staging.myclients.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
Frame ID: BC1F80FADCE8A941F27BF83017C8777F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY&co=aHR0cHM6Ly9vdHBiYW5rLXN0YWdpbmcubXljbGllbnRzLmlvOjQ0Mw..&hl=fi&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=2zsujmc87cdn
Frame ID: 378A9E4562CE4D22A2D27AB91CF5D3E6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY&co=aHR0cHM6Ly9vdHBiYW5rLXN0YWdpbmcubXljbGllbnRzLmlvOjQ0Mw..&hl=fi&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iopumslsrgo3
Frame ID: 6FEB1D781718A3CA494844259471B490
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY
Frame ID: 32957424770C513E16128DA43AD76D76
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY
Frame ID: DEF499C337B2D4E7FF39F7C9D8DE2CAF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

- Client Engagements Service

Page URL History Show full URLs

  1. https://otpbank-staging.myclients.io/ HTTP 302
    https://otpbank-staging.myclients.io/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • cdn\.mxpnl\.com/libs/mixpanel\-([0-9.]+)\.min\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

46
Requests

91 %
HTTPS

0 %
IPv6

15
Domains

20
Subdomains

19
IPs

5
Countries

1175 kB
Transfer

4013 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://otpbank-staging.myclients.io/ HTTP 302
    https://otpbank-staging.myclients.io/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://otpbank-staging.myclients.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://otpbank-staging.myclients.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
Request Chain 36
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=85E97EEF246E4401979E38C7DDD53489&RedC=c.clarity.ms&MXFR=27F4A29FDCD26B1D2D3BB6E7D8D26514 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=85E97EEF246E4401979E38C7DDD53489&MUID=148E2A212DC367833FEF3E592C4C66F3
Request Chain 42
  • https://s.adroll.com/j/pre/WZPRYR3BLNDY3I7JPOWBOY/CUU7LSMOUFDDFJQBPTZRFS/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
otpbank-staging.myclients.io/
Redirect Chain
  • https://otpbank-staging.myclients.io/
  • https://otpbank-staging.myclients.io/login
45 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c6f3aef83a1f28e9334a8b3ea9a5012a3bfbf7ea179cb1def1a7311e0c0e0d
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-expose-headers
X-Platform
cache-control
must-revalidate, no-cache, no-store, private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
87febf32395fdf68-HEL
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 07 May 2024 05:18:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
/after_login
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma
no-cache
server
cloudflare
status
200 OK
x-frame-options
ALLOWALL
x-platform
true
x-rack-cache
miss
x-request-id
030276c8c0b60e6a51057195ef563f32
x-runtime
0.090855
x-ua-compatible
IE=Edge,chrome=1

Redirect headers

access-control-expose-headers
X-Platform
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87febf2f1fa5df68-HEL
content-type
text/html; charset=utf-8
date
Tue, 07 May 2024 05:17:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://otpbank-staging.myclients.io/login
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma
no-cache
server
cloudflare
status
302 Found
x-frame-options
ALLOWALL
x-platform
true
x-rack-cache
miss
x-request-id
80b97e3e669b674cf850f9f302c247d8
x-runtime
0.014051
x-ua-compatible
IE=Edge,chrome=1
css
fonts.googleapis.com/ 		63 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,100,700|Open+Sans:300italic,400italic,600italic,700italic,300,400,700,600|Montserrat:400,500,600,700|Poppins:100,400,500,600
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
c321c83316ada39062c2be154f94e25d0519602f5eeae19ab38932752a6ddd07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 May 2024 05:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 07 May 2024 05:18:01 GMT
css
fonts.googleapis.com/ 		31 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=fonts.googleapis.com/css?family=Caudex|Overlock|Patrick+Hand|Jockey+One|Sarina|Niconne|Fredericka+the+Great|Corben|Kelly+Slab|Marck+Script|Mr+De+Haviland|Lobster|Anton|Josefin+Slab|EB+Garamond|Basic|Chelsea+Market|Enriqueta|Forum|Jura|Noticia+Text|Open+Sans|Play|Signika|Spinnaker
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
eebc066b05ec934dc6ec03481d80c628b86500ad03a5c30657560e8a6e5a865e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 May 2024 05:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 07 May 2024 05:18:01 GMT
application-cd680fd9741ba8778f29f397d5cb8616.css
d2ra6nuwn69ktl.cloudfront.net/assets/ 		486 KB
102 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/application-cd680fd9741ba8778f29f397d5cb8616.css
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4211b811bb485720668ef0a0a16d04da09f5e0f8210c46bffa74aef5f76c06af

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
spPsKrH2SGhfi9exBTAjPqMTxylqauFi
content-encoding
gzip
via
1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
date
Tue, 07 May 2024 05:18:02 GMT
last-modified
Wed, 01 May 2024 07:17:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
etag
W/"a0f1f6827a32d7faee566341ee60bf09"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
OPTYxpDQYaLwOSQOeJarXU0hqTP67DtE8pE9BXGeubt7UzKBLQRdCQ==
angular-file-upload-shim-611a0a5922961f4e277d87551fb7806a.js
d2ra6nuwn69ktl.cloudfront.net/assets/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/angular-file-upload-shim-611a0a5922961f4e277d87551fb7806a.js
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11543f781939c559795279cad4e50e5e277c69c190c819cf6a0fdac44e822f16

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
3s1L41izK9o0f3i_9LS3glxhtl4F8ORW
content-encoding
gzip
via
1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
date
Mon, 06 May 2024 07:04:51 GMT
last-modified
Wed, 01 May 2024 07:17:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
79990
x-amz-server-side-encryption
AES256
etag
W/"0fde2b2df197d20feeb50f36baa3a258"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
loaGiiZ1aGhdoePDxjXIJMVfX0N2OxsdfwPiRVhChG8jXZjdoWuwrA==
application-980c77fd04b84a63cf15b688990ebcdb.js
d2ra6nuwn69ktl.cloudfront.net/assets/ 		653 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/application-980c77fd04b84a63cf15b688990ebcdb.js
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30610497b5a0c47d76d107d1e7930f1ff972e4037b04f780e50389dac8f8ea27

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
mkLBz.245RmjcF_S9I1TujlMjr40KMA3
content-encoding
gzip
via
1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
date
Mon, 06 May 2024 09:09:42 GMT
last-modified
Wed, 01 May 2024 07:17:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
72499
x-amz-server-side-encryption
AES256
etag
W/"0d2745b11ef634e70a84344b93709650"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
AzIveeyQv4TDKpMdp0mWRGIj8zDvb8iaPYXmpziMEQr70UTZmEgr9A==
angular-pack-c6a5d80b2ca5240c0495ab385f2af989.js
d2ra6nuwn69ktl.cloudfront.net/assets/ 		189 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/angular-pack-c6a5d80b2ca5240c0495ab385f2af989.js
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91c286bfba831de57aef7ad6997b255354c8cd521c3a590cfa6582de9ff550f6

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
3vQJturt2h06POALuQ9aHyLwrxdJJ4OY
content-encoding
gzip
via
1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
date
Mon, 06 May 2024 07:04:51 GMT
last-modified
Wed, 01 May 2024 07:17:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
79990
x-amz-server-side-encryption
AES256
etag
W/"d3ed7e2edb0c1fe8d6d7ac3224678572"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
8wUrHGxsXcgIgNC20vY4Ekc38kAcSG3KlpLyrya6OaLo_q6ArQccnA==
api.js
www.google.com/recaptcha/ 		850 B
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
a621659ca5ca274cdf2b66dbeb0b258080532fd561c9ba3c00efb60a095c2c4e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 05:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 07 May 2024 05:18:03 GMT
angular-pack-2-b9f643539dcf5e9aec8d8c613bbf9e45.js
d2ra6nuwn69ktl.cloudfront.net/assets/ 		1 MB
260 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/angular-pack-2-b9f643539dcf5e9aec8d8c613bbf9e45.js
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68dcd5ab9ace7cb6f90f96299c2b98c9ec7e75babc3fcf8561989bf565b02534

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
wKzJRQKdfAcsU2F.5tL5DK2CW3m0D9l7
content-encoding
gzip
via
1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
date
Mon, 06 May 2024 07:04:51 GMT
last-modified
Wed, 01 May 2024 07:17:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
79990
x-amz-server-side-encryption
AES256
etag
W/"d4dc53109ab0fb821b098126b8166afa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
wUZmU8sF4b4V_27sb0N8A-foO68leEuO6RuXys8aPvsZxNyTbI1DGg==
signup-672c96d4468011bfefdd6a77d41f88c0.css
d2ra6nuwn69ktl.cloudfront.net/assets/controllers/ 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/controllers/signup-672c96d4468011bfefdd6a77d41f88c0.css
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6fa6bce9e87f8933ef111766f37dc12fa443651a23427da0ee31588d3d1ed36

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 May 2024 07:18:11 GMT
x-amz-version-id
u3ViG71gApXwQAK8FOmJH2MUzHMWaJuK
content-encoding
gzip
last-modified
Wed, 01 May 2024 07:17:49 GMT
server
AmazonS3
via
1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
etag
W/"7eb388d314c26f185b72c54df155f175"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
79190
x-amz-replication-status
COMPLETED
x-amz-cf-id
sd3dje4t_g2erXwgUbdzDIOVN0D42WzXPP8W6HuEPh73oY5ZeSpTcA==
normal_gk7azy3dimyuu6c55hk87edsjsdfhvpn.png
c15117557.ssl.cf2.rackcdn.com/avatar/image/1040179/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c15117557.ssl.cf2.rackcdn.com/avatar/image/1040179/normal_gk7azy3dimyuu6c55hk87edsjsdfhvpn.png
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.110.30.234 Oslo, Norway, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-110-30-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
10753490ce8b02f64bc0d75c64869254efb38496ab2ad54b099227a45910e763

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 07 May 2024 05:18:03 GMT
Last-Modified
Sun, 18 Feb 2024 09:03:29 GMT
ETag
41cb02060cd29056a8e5f03a82312769
Content-Type
image/png
X-Timestamp
1708247008.14931
Cache-Control
public, max-age=259179
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5954
X-Trans-Id
tx1e3ca30bfb214739bd59b-006639b98bord1
Expires
Fri, 10 May 2024 05:17:42 GMT
vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

Referer
https://otpbank-staging.myclients.io/
Origin
https://otpbank-staging.myclients.io
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 05:18:02 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.4.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
87febf440dde4e10-HEL
mixpanel-2.2.min.js
cdn.mxpnl.com/libs/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2.2.min.js
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.5.208 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
208.5.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 05:10:27 GMT
content-encoding
gzip
age
455
x-guploader-uploadid
ABPtcPpjo4hi5YYON6GjQV2Sap9SSIeNrPA1bVVHbnxo1x61EP5s6hnOenzhanBKL6yny876nijpvXxecg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18793
last-modified
Fri, 26 Apr 2024 20:55:38 GMT
server
UploadServer
etag
"bd93f85c1fac021d73c431694e26bec9"
vary
Accept-Encoding
x-goog-generation
1714164938291173
x-goog-hash
crc32c=LB18SA==, md5=vZP4XB+sAh1zxDFpTia+yQ==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
18793
accept-ranges
bytes
expires
Tue, 07 May 2024 05:20:27 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=536610&u=https%3A%2F%2Fotpbank-staging.myclients.io%2Flogin&f=1&r=0.2366909787041962
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams2 /
Resource Hash
86c2f97acad8034900a5b5e5070050eec6501bbcd35e270104eef919ca19d258

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 05:18:02 GMT
content-encoding
gzip
via
1.1 google
server
gams2
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 May 2024 05:08:20 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
583
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17093
expires
Tue, 07 May 2024 07:08:20 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 07 May 2024 05:18:02 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1FE05EB078124B778B3902D4514A4BF8 Ref B: STOEDGE1221 Ref C: 2024-05-07T05:18:03Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
sdk.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
e176d1cfcfbfe00a8e57f9db303f156006f773c44d6e93f6958b2b2b0530f8c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 May 2024 05:18:02 GMT
content-md5
86nXUFXvGCxqcObEEZcV4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=13, mss=1380, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
sup01P5THYK7gPbqeHTgE/SQZ4LSFGJ7zHmpNwFL2WVg3fEKau6FCEwjhHjnhampA0U5iqjkVfRo83brRsQ/gg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
5904c9ada7f4ec281e8cbdd8f939cf10
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"9a43bee57ff4a9d381c354007d0304f3"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 07 May 2024 05:22:07 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 May 2024 05:18:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=141, rtx=1, c=18, mss=1380, tbw=6564, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
G3Eur0l2kck9J7UoY7/2NW8JEZFaJ81QSc7ancjxRThOu6XQr4WDHkY2u/aE9eQToOFfnS4AUcPfhmpUU2jK1g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,100,700|Open+Sans:300italic,400italic,600italic,700italic,300,400,700,600|Montserrat:400,500,600,700|Poppins:100,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://otpbank-staging.myclients.io
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 03 May 2024 23:10:48 GMT
x-content-type-options
nosniff
age
281236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33148
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:39:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 May 2025 23:10:48 GMT
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=536610&d=otpbank-staging.myclients.io&u=D0F3F910F02F7475AB24EB9F23A28CD00&h=5631d0132ba39426da23753bfccc9d54&t=false
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 05:18:03 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
sdk.js
connect.facebook.net/en_US/ 		299 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e28c0bd6c32ab8c6d7ace71c904b7e7b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
7c60e008d11d4b8980f4303d5794acf5b981a8aa6f439726873ee63295809e82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://otpbank-staging.myclients.io/
Origin
https://otpbank-staging.myclients.io
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 May 2024 05:18:04 GMT
content-md5
alI9EORsjRLcFr+uorXqbA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87585
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=57, rtx=0, c=13, mss=1380, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
8rqSwf1p421Td2aale+1NM9jbm2yRcKSSfRgT995tfV8809n97wRBXHLvu/YkvHFm35uQD5mZOApik6fKVsFZQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d2f9604209e5764ecd67c5b176d9f7f7
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"9e6d87242a4f7a82dcef273c059703eb"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 07 May 2025 04:16:00 GMT
main.js
otpbank-staging.myclients.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/ Frame BC1F
Redirect Chain
  • https://otpbank-staging.myclients.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://otpbank-staging.myclients.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://otpbank-staging.myclients.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d324a825bbb50462c5e638cce14cd2f17cb01d041b9f508771ffe00289d69b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 05:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87febf487eb2df68-HEL

Redirect headers

date
Tue, 07 May 2024 05:18:03 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
cache-control
max-age=300, public
cf-ray
87febf473e00df68-HEL
content-length
0
recaptcha__fi.js
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ 		508 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__fi.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
c2911b638811c0db5e0e18c7da960f84b21453c24910fa5de8dc27f741e5ea5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://otpbank-staging.myclients.io/
Origin
https://otpbank-staging.myclients.io
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Apr 2024 07:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
595991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207093
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 21:03:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Apr 2025 07:44:53 GMT
5819928.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5819928.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9b5eb468156ff7ae8ae8a8f1ff29d4d68c4c45485d6c15426f75c50e2899b11f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Tue, 07 May 2024 05:18:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A1FB1E4A738F434789FF933DF5994748 Ref B: STOEDGE1221 Ref C: 2024-05-07T05:18:03Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5819928&Ver=2&mid=6198092f-5d4e-4a8d-9b35-cf3d22fcb85e&sid=2dd1a1d00c3111efaab21b6425469a4d&vid=2dd1b2d00c3111ef98944b5a1e81a83e&vids=1&msclkid=N&pi=918639831&lg=fi-FI&sw=1600&sh=1200&sc=24&tl=-%20Client%20Engagements%20Service&kw=%20login&p=https%3A%2F%2Fotpbank-staging.myclients.io%2Flogin&r=&lt=4778&evt=pageLoad&sv=1&rn=232740
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 07 May 2024 05:18:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 50E2AA0F9B5141AB8B807C6F5787D085 Ref B: STOEDGE1221 Ref C: 2024-05-07T05:18:03Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
stats.g.doubleclick.net/j/ 		1 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=923051580&utmhn=otpbank-staging.myclients.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=fi-fi&utmje=0&utmfl=-&utmdt=-%20Client%20Engagements%20Service&utmhid=344453205&utmr=-&utmp=%2Flogin&utmht=1715059083389&utmac=UA-130670012-4&utmcc=__utma%3D263216594.1756787053.1715059083.1715059083.1715059083.1%3B%2B__utmz%3D263216594.1715059083.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=805352065&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://otpbank-staging.myclients.io/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 07 May 2024 05:18:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://otpbank-staging.myclients.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
5819928
www.clarity.ms/tag/uet/ 		856 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/5819928?insights=1
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5819928.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a463ca19a0f7d34d2e10135f7af801e88b77b0d77590d3a5f52eaf408c188b76

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

expires
-1
date
Tue, 07 May 2024 05:18:05 GMT
x-azure-ref
20240507T051804Z-1654dd6c8cbx7xdxm1q5y7gqgn00000001tg00000000691w
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
856
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
1403135116654645
connect.facebook.net/signals/config/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1403135116654645?v=2.9.155&r=stable&domain=otpbank-staging.myclients.io&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
4c03263590d312c1613594231a42b3c34814cdaf2a0127b57ae89666a79421ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 May 2024 05:18:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=1, c=54, mss=1380, tbw=65514, tp=-1, tpl=-1, uplat=151, ullat=1
pragma
public
x-fb-debug
O1EiQU1qwaE9NXQhGhmayLTxLwLPzD8ZgUsPpG+xRlhrOjVbct/Zf0dCjqceQlCgK43avhIML1MXFmcqN+y8SQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
87febf32395fdf68
otpbank-staging.myclients.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame BC1F 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://otpbank-staging.myclients.io/cdn-cgi/challenge-platform/h/b/jsd/r/87febf32395fdf68
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Tue, 07 May 2024 05:18:03 GMT
server
cloudflare
cf-ray
87febf4a4fd4df68-HEL
content-length
0
content-type
text/plain; charset=UTF-8
746258388811076
connect.facebook.net/signals/config/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/746258388811076?v=2.9.155&r=stable&domain=otpbank-staging.myclients.io&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
da6766447afd1655f6a5f301a5801886f8ebb1cb01fedc215729ae0625244b16
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 May 2024 05:18:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=1, c=59, mss=1380, tbw=77832, tp=-1, tpl=-1, uplat=240, ullat=0
pragma
public
x-fb-debug
DgBmBuNM6p6UU/M6Yy1FG+10qZNlGkY3k650RZKtKiBSMIkJ3jpOi1CDH7s3a6w/rzXkNuzzWZWFGuwnGHVGIQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1403135116654645&ev=PageView&dl=https%3A%2F%2Fotpbank-staging.myclients.io%2Flogin&rl=&if=false&ts=1715059084545&sw=1600&sh=1200&v=2.9.155&r=stable&ec=0&o=4126&fbp=fb.1.1715059084544.429751204&ler=empty&cdl=API_unavailable&it=1715059083522&coo=false&rqm=GET
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=62, rtx=0, c=10, mss=1380, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 07 May 2024 05:18:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=746258388811076&ev=PageView&dl=https%3A%2F%2Fotpbank-staging.myclients.io%2Flogin&rl=&if=false&ts=1715059084547&sw=1600&sh=1200&v=2.9.155&r=stable&ec=0&o=4126&fbp=fb.1.1715059084544.429751204&ler=empty&cdl=API_unavailable&cs_est=true&it=1715059083522&coo=false&rqm=GET
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=62, rtx=0, c=10, mss=1380, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 07 May 2024 05:18:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
anchor
www.google.com/recaptcha/api2/ Frame 378A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY&co=aHR0cHM6Ly9vdHBiYW5rLXN0YWdpbmcubXljbGllbnRzLmlvOjQ0Mw..&hl=fi&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=2zsujmc87cdn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__fi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-tz7xUWCk-9aXmEF3XVjY6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'nonce-tz7xUWCk-9aXmEF3XVjY6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 May 2024 05:18:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 6FEB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY&co=aHR0cHM6Ly9vdHBiYW5rLXN0YWdpbmcubXljbGllbnRzLmlvOjQ0Mw..&hl=fi&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iopumslsrgo3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__fi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-ymbt-EDxEPVyO4BkC1-0zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'nonce-ymbt-EDxEPVyO4BkC1-0zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 May 2024 05:18:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5819928?insights=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 05:18:05 GMT
content-encoding
br
last-modified
Wed, 01 May 2024 11:24:58 GMT
etag
W/"0x8DC69D155BAD85E"
vary
Accept-Encoding
x-azure-ref
20240507T051805Z-1654dd6c8cbx7xdxm1q5y7gqgn00000001tg00000000692c
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1cdf5bd9-601e-0050-240e-9fec8b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
p.clarity.ms/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://otpbank-staging.myclients.io/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Origin
https://otpbank-staging.myclients.io
Date
Tue, 07 May 2024 05:18:06 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
roundtrip.js
s.adroll.com/j/ 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: otpbank-staging.myclients.io
URL: https://otpbank-staging.myclients.io/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-116.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a72c1407e4df69175587756d01e2537a2f8722e59a5a7581f37a7ce36747e7d7

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

X-Amz-Version-Id
o2F5X.7ofwfn5AxK2mOAUr6cpAHiSmpn
Content-Encoding
gzip
Via
1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
Date
Tue, 07 May 2024 05:02:03 GMT
Age
967
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 29 Apr 2024 18:17:04 GMT
Server
AmazonS3
Etag
W/"8527d40fe704871728ead7e7b8f103d2"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
b-Z906jGh2Q1HM7Gh1WE2TJm-nkSf3oNn1IdnJIEZHDjs0ZrAvDnrw==
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=85E97EEF246E4401979E38C7DDD53489&RedC=c.clarity.ms&MXFR=27F4A29FDCD26B1D2D3BB6E7D8D26514
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=85E97EEF246E4401979E38C7DDD53489&MUID=148E2A212DC367833FEF3E592C4C66F3
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=85E97EEF246E4401979E38C7DDD53489&MUID=148E2A212DC367833FEF3E592C4C66F3
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 07 May 2024 05:18:08 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 07 May 2024 05:18:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B9CCC137369E42FB92FF28E291508E63 Ref B: STOEDGE1221 Ref C: 2024-05-07T05:18:08Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=85E97EEF246E4401979E38C7DDD53489&MUID=148E2A212DC367833FEF3E592C4C66F3
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
rum
otpbank-staging.myclients.io/cdn-cgi/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://otpbank-staging.myclients.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://otpbank-staging.myclients.io/login
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type
application/json

Response headers

date
Tue, 07 May 2024 05:18:08 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://otpbank-staging.myclients.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
87febf63dfafdf68-HEL
generic_favicon.ico
d2ra6nuwn69ktl.cloudfront.net/assets/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d2ra6nuwn69ktl.cloudfront.net/assets/generic_favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.158.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-158-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c469afb6c590be6e295449931d920fd98b79a72e59bfa601e33efab8b9cd8b1

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
_2ucC6WuDqFEsjmVyxx5udto2Fjsuz_H
date
Tue, 07 May 2024 05:18:09 GMT
via
1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
last-modified
Wed, 01 May 2024 07:17:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
etag
"3212e5f0ef10ada6c24d111da1b3452d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/x-icon
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1150
x-amz-cf-id
AlfhwLzEdXmNpZB5wfLLDX34KcDv2iu5BPvmmDszxDN9ySt9XTcGEw==
bframe
www.google.com/recaptcha/api2/ Frame 3295 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=fi&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__fi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-pSE-JZ5yjg6t7TTRE-HuRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'nonce-pSE-JZ5yjg6t7TTRE-HuRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 May 2024 05:18:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame DEF4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=fi&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LdRoxkUAAAAAB1JyNT1vPNfSwwACxqfYZo2E_SY
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__fi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-d7m8kLeNVU-IWydAZmSHTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'nonce-d7m8kLeNVU-IWydAZmSHTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 May 2024 05:18:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
p.clarity.ms/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://otpbank-staging.myclients.io/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Origin
https://otpbank-staging.myclients.io
Date
Tue, 07 May 2024 05:18:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/WZPRYR3BLNDY3I7JPOWBOY/CUU7LSMOUFDDFJQBPTZRFS/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
18.245.86.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-116.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date
Tue, 07 May 2024 02:30:44 GMT
Via
1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
Age
10047
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
LZDzM5C6DHv3SAJQVsNF15Kfp4LA9t_c7AQtd4o6VB8SRbwHmLgLjw==

Redirect headers

Date
Mon, 06 May 2024 18:34:51 GMT
Via
1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
Age
38596
X-Amz-Cf-Pop
FRA60-P6
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
mrD2wKdHfmCJYghy7f3nJ6Hqhme0D24eOYaHmdY81EUPyjMKNHWnkg==
index.js
s.adroll.com/j/pre/WZPRYR3BLNDY3I7JPOWBOY/CUU7LSMOUFDDFJQBPTZRFS/ 		0
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/WZPRYR3BLNDY3I7JPOWBOY/CUU7LSMOUFDDFJQBPTZRFS/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-116.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://otpbank-staging.myclients.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

X-Amz-Version-Id
yTA0WJOykUpRrPtB0S9VUayaUF050ciK
Date
Tue, 07 May 2024 04:34:52 GMT
Via
1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
Age
2598
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Sat, 04 May 2024 11:47:25 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
052Yc3GixEUwN8bO9kDFhLWoQTqD-kPrghdNIt-rQx34_omw5AM6ig==
WZPRYR3BLNDY3I7JPOWBOY
d.adroll.com/consent/check/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d.adroll.com
URL
https://d.adroll.com/consent/check/WZPRYR3BLNDY3I7JPOWBOY?pv=19080152882.743828&arrfrr=https%3A%2F%2Fotpbank-staging.myclients.io%2Flogin&_s=b027486a12d1153a693f164869800e90&_b=2

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| reportVCitaHeightChange object| FileAPI function| TimeZone function| date_is_dst function| get_date_offset function| get_timezone_info function| get_january_offset function| get_june_offset function| determine_timezone function| show_timezone_info function| getBrowserTimezone function| timezoneToRailsSafe function| getMyTimezone function| getBrowserTimezoneInternal function| getBrowserTimezoneName function| FastClick function| mixpanel_on function| safeTrack function| safeTrackWithCallback function| safeTrackOnce function| safeTrackLink function| safeTrackForm function| googleConversion function| googleTrackingCode function| businessEventTracking function| add_param function| safeTrackFacebookEvent function| safeTrackFacebookLead function| safeTrackFacebookConverstion function| safeGaqPush function| redirectToJoin function| redirectToSignup function| getURLParameter function| today function| nullToEmpty function| vanilasoftTrackEvent function| dateToTime function| setTime function| markAjaxError function| markAjaxErrorSignup function| mergeOverlappingEvents function| isChrome function| isUserAgentIE function| getFlashMovie function| remove_fields function| add_fields function| countCharsLeft function| parseBoolean function| booleanToString function| linkPopup function| directPopup function| popup function| popupCenter function| auth_callback function| synchronizeSubmit function| releaseSubmitLock function| singlePageSubmit function| reloadCurrentPage function| redirectOnDemand function| disableField function| initAutoLoadUser function| initFeatureTips function| loadQTips function| createUUID function| bindNumericInputKeys function| showVideo function| googleTracking function| closeVideo function| dateWithTime function| getQueryParams function| attachPopupControlJS function| lockPopup function| attachWidgetImplementationPopupJS function| openNewWidgetImplementationPopup string| HEMISPHERE_SOUTH string| HEMISPHERE_NORTH string| HEMISPHERE_UNKNOWN object| olson string| dt_zone object| jQueryLoaderOptions object| msBeautify object| I18n object| Base64 boolean| popupOpened object| RedactorPlugins object| html5 object| Modernizr function| yepnope function| $ function| jQuery function| DP_jQuery_1715059082105 object| jQuery18309983706696791237 object| BROWSER function| tinycolor function| designedSelect function| recurlyController function| openPopup function| openEducationCenterPopup function| openDialog function| createDialogContainer object| angular string| mixpanel_id object| mixpanel function| mixpanel_id_callback function| onLoginSubmit number| settings_timer number| _vwo_settings_timer object| _vwo_code function| inner_auth_callback function| onSignupSubmit object| _gaq object| uetq undefined| style function| fbAsyncInit string| adroll_adv_id string| adroll_pix_id function| fbq function| _fbq undefined| vwo_e number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue number| _vwo_acc_id object| FB object| __cfBeacon string| csrf_token string| csrf_param string| browser_timezone_rails string| timezonename object| industries string| professionTitle object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| UET function| UET_init function| UET_push object| ueto_1e564c6791 object| _gat object| gaGlobal object| __buffer object| recaptcha object| closure_lm_444958 function| clarity object| clarityuetq boolean| __adroll_loaded string| adroll_sid object| dataLayer object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| __adroll_consent_data

23 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ANctrhgCwYgEPfKraqKL2jKXZUXu3IohaXgdeHTIbX8a8tjKXsjkyBNJK3obzLJ7M9ukx15Hb-b08qFL3v7YeNM
.myclients.io/ Name: __cf_bm
Value: msw7V24zxyu0eMT8yfxWPb07tpKLutl9MYoCgB3hbXw-1715059079-1.0.1.1-vsAAXrIMS0qf2Wyq.IayaeodZ0l25QBdXgNjmNF2WJBazulldtJ8VrLqdFHC7217y89BDLBL.BEVPgUQjAeUWmxLqF7PP32AHfraiNNxefo
.myclients.io/ Name: _cfuvid
Value: sqZsB7l559JV9nHwJxImwspbDs_AupnJBq12snB5uvw-1715059079867-0.0.1.1-604800000
.myclients.io/ Name: ____vcita_session
Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTc5OTY3YTcxYTc0Yzk3ZGViZTcwMWU0NTM3Mzg3Mzk4BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUM5a1JyVzJmOVY2VHlmZVFFa1N1MG9zSGVkZnUvUy8zbE5TMVpQVHFqZ289BjsARg%3D%3D--d12ba129ed217aa213b2b3402a416820fb7a70ef
.otpbank-staging.myclients.io/ Name: _vwo_uuid_v2
Value: D0F3F910F02F7475AB24EB9F23A28CD00|5631d0132ba39426da23753bfccc9d54
.myclients.io/ Name: mp_78aa39b3aa49594f172cfccda537ef1a_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18f517cc79b1286-0775d2f6725b05-7e7a3661-1d4c00-18f517cc79b1286%22%2C%22%24device_id%22%3A%20%2218f517cc79b1286-0775d2f6725b05-7e7a3661-1d4c00-18f517cc79b1286%22%2C%22Application%22%3A%20%22Website%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.myclients.io/ Name: _uetsid
Value: 2dd1a1d00c3111efaab21b6425469a4d
.myclients.io/ Name: _uetvid
Value: 2dd1b2d00c3111ef98944b5a1e81a83e
.otpbank-staging.myclients.io/ Name: __utma
Value: 263216594.1756787053.1715059083.1715059083.1715059083.1
.otpbank-staging.myclients.io/ Name: __utmc
Value: 263216594
.otpbank-staging.myclients.io/ Name: __utmz
Value: 263216594.1715059083.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.otpbank-staging.myclients.io/ Name: __utmt
Value: 1
.otpbank-staging.myclients.io/ Name: __utmb
Value: 263216594.1.10.1715059083
.bing.com/ Name: MUID
Value: 148E2A212DC367833FEF3E592C4C66F3
.myclients.io/ Name: cf_clearance
Value: uMdBVPHtAW_QmG_gzmmY33gWVr.4l1ufauD0ByxtabA-1715059083-1.0.1.1-VaXsS.W2hefzVOSETKS3USipdJdWO6gxX8bncWMZP4Z5b6IHuMevG5R2wUWyOPL_rvmtMhKqT78r6rmEGebvcg
.myclients.io/ Name: _fbp
Value: fb.1.1715059084544.429751204
www.clarity.ms/ Name: CLID
Value: fc93f26f3b7a448898b26bbdead6cb2e.20240507.20250507
.myclients.io/ Name: _clck
Value: c6uri0%7C2%7Cflk%7C0%7C1588
.myclients.io/ Name: _clsk
Value: 4ez6oa%7C1715059086799%7C1%7C1%7Cp.clarity.ms%2Fcollect
.c.clarity.ms/ Name: SM
Value: T
.clarity.ms/ Name: MUID
Value: 27F4A29FDCD26B1D2D3BB6E7D8D26514
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 148E2A212DC367833FEF3E592C4C66F3

26 Console Messages

Source Level URL
Text
intervention info URL: https://otpbank-staging.myclients.io/login(Line 778)
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
rendering warning URL: https://d2ra6nuwn69ktl.cloudfront.net/assets/application-980c77fd04b84a63cf15b688990ebcdb.js(Line 28)
Message:
The specified value "!" does not conform to the required format. The format is "#rrggbb" where rr, gg, bb are two-digit hexadecimal numbers.
rendering warning URL: https://d2ra6nuwn69ktl.cloudfront.net/assets/application-980c77fd04b84a63cf15b688990ebcdb.js(Line 28)
Message:
The specified value "!" does not conform to the required format. The format is "#rrggbb" where rr, gg, bb are two-digit hexadecimal numbers.
recommendation warning URL: https://otpbank-staging.myclients.io/login
Message:
[DOM] Found 2 elements with non-unique id #lang: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://otpbank-staging.myclients.io/login
Message:
[DOM] Found 2 elements with non-unique id #user_email: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://otpbank-staging.myclients.io/login
Message:
[DOM] Found 2 elements with non-unique id #user_password: (More info: https://goo.gl/9p2vKq) %o %o
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1403135116654645?v=2.9.155&r=stable&domain=otpbank-staging.myclients.io&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://otpbank-staging.myclients.io/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
c.bing.com
c.clarity.ms
c15117557.ssl.cf2.rackcdn.com
cdn.mxpnl.com
connect.facebook.net
d.adroll.com
d2ra6nuwn69ktl.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
otpbank-staging.myclients.io
p.clarity.ms
s.adroll.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google.com
www.gstatic.com
d.adroll.com
104.110.30.234
104.16.80.73
104.18.27.3
108.177.15.156
13.107.213.45
13.33.158.46
130.211.5.208
142.250.185.202
142.250.186.163
142.250.186.35
142.250.74.196
157.240.251.35
157.240.251.9
18.245.86.116
20.122.63.128
204.79.197.237
34.96.102.137
68.219.88.97
10753490ce8b02f64bc0d75c64869254efb38496ab2ad54b099227a45910e763
11543f781939c559795279cad4e50e5e277c69c190c819cf6a0fdac44e822f16
30610497b5a0c47d76d107d1e7930f1ff972e4037b04f780e50389dac8f8ea27
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
4211b811bb485720668ef0a0a16d04da09f5e0f8210c46bffa74aef5f76c06af
4c03263590d312c1613594231a42b3c34814cdaf2a0127b57ae89666a79421ae
4c469afb6c590be6e295449931d920fd98b79a72e59bfa601e33efab8b9cd8b1
4d324a825bbb50462c5e638cce14cd2f17cb01d041b9f508771ffe00289d69b0
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
68dcd5ab9ace7cb6f90f96299c2b98c9ec7e75babc3fcf8561989bf565b02534
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7c60e008d11d4b8980f4303d5794acf5b981a8aa6f439726873ee63295809e82
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86c2f97acad8034900a5b5e5070050eec6501bbcd35e270104eef919ca19d258
87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3
91c286bfba831de57aef7ad6997b255354c8cd521c3a590cfa6582de9ff550f6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b5eb468156ff7ae8ae8a8f1ff29d4d68c4c45485d6c15426f75c50e2899b11f
a463ca19a0f7d34d2e10135f7af801e88b77b0d77590d3a5f52eaf408c188b76
a621659ca5ca274cdf2b66dbeb0b258080532fd561c9ba3c00efb60a095c2c4e
a72c1407e4df69175587756d01e2537a2f8722e59a5a7581f37a7ce36747e7d7
c2911b638811c0db5e0e18c7da960f84b21453c24910fa5de8dc27f741e5ea5e
c321c83316ada39062c2be154f94e25d0519602f5eeae19ab38932752a6ddd07
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
da6766447afd1655f6a5f301a5801886f8ebb1cb01fedc215729ae0625244b16
e176d1cfcfbfe00a8e57f9db303f156006f773c44d6e93f6958b2b2b0530f8c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fa6bce9e87f8933ef111766f37dc12fa443651a23427da0ee31588d3d1ed36
eebc066b05ec934dc6ec03481d80c628b86500ad03a5c30657560e8a6e5a865e
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
f5c6f3aef83a1f28e9334a8b3ea9a5012a3bfbf7ea179cb1def1a7311e0c0e0d