Submitted URL: https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php
Effective URL: https://invoice.99p.ru/
Submission Tags: falconsandbox
Submission: On September 27 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 92.243.127.158, located in Tomsk, Russian Federation and belongs to NEWTELESYSTEMS, RU. The main domain is invoice.99p.ru.
TLS certificate: Issued by R3 on September 6th 2021. Valid for: 3 months.
This is the only time invoice.99p.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 92.243.127.158 31036 (NEWTELESY...)
1 2a00:1450:400... 15169 (GOOGLE)
3 9 2a02:6b8::1:119 208722 (YNDX)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 104.18.72.113 13335 (CLOUDFLAR...)
10 104.18.70.113 13335 (CLOUDFLAR...)
3 104.16.51.111 13335 (CLOUDFLAR...)
29 7
Domain Requested by
10 static.zdassets.com invoice.99p.ru
assets.zendesk.com
static.zdassets.com
7 mc.yandex.com 2 redirects invoice.99p.ru
mc.yandex.ru
4 fonts.gstatic.com fonts.googleapis.com
4 invoice.99p.ru invoice.99p.ru
3 mainsms.zendesk.com assets.zendesk.com
static.zdassets.com
2 mc.yandex.ru 1 redirects invoice.99p.ru
1 ekr.zdassets.com assets.zendesk.com
1 assets.zendesk.com 1 redirects
1 fonts.googleapis.com invoice.99p.ru
29 9

This site contains no links.

Subject | Issuer | Validity | Valid
invoice.99p.ru | R3 | 2021-09-06 - 2021-12-05 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
mc.yandex.ru | Yandex CA | 2021-07-28 - 2022-01-07 | 5 months
*.gstatic.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
ssl1036557.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2021-07-08 - 2022-07-07 | a year
mainsms.zendesk.com | Cloudflare Inc ECC CA-3 | 2021-06-07 - 2022-06-06 | a year

This page contains 3 frames:

Primary Page: https://invoice.99p.ru/
Frame ID: 37C30346E22DC6E0300A21D2C194E40D
Requests: 15 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 5AC29FB2D6F49F004239886D055B366B
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-preload-5be5d22c529549b44db3.js
Frame ID: 2DC75328FBD6CAB894C854A1AF81D012
Requests: 11 HTTP requests in this frame

Page Title

Выбор организации

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

29 Requests
100 % HTTPS
43 % IPv6
7 Domains
9 Subdomains
7 IPs
3 Countries
520 kB Transfer
1650 kB Size
16 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php Page URL
  2. https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php Page URL
  3. https://invoice.99p.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 11
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9408.kXIfOrSmg3wSpyCBbPFAg0N2CZPbK3Vez6s-eGSoTlI91-2yTbXwXuxT92WVKIYg.vaH7AoAJTNLuuTcTke7C9BisH0M%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9408.NtGBJhMBfp6sXUL0x-hb8l8R16xXdz1pfTfI8olLOgnk-ALynY3mBMIRq8b5e9qul6EksWcJaSNqxksZ3_VpeA%2C%2C.eRBVK-NWcGDLKJVRj5VPz3P4pDo%2C
Request Chain 13
  • https://mc.yandex.com/watch/50923805?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Fxylem.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1100343507686%3Ahid%3A469427307%3Az%3A0%3Ai%3A20210927031407%3Aet%3A1632712447%3Ac%3A1%3Arn%3A828264707%3Arqn%3A1%3Au%3A1632712447236656842%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632712446992%3Ads%3A0%2C0%2C86%2C0%2C0%2C0%2C%2C121%2C0%2C%2C%2C%2C211%3Adsn%3A0%2C0%2C86%2C1%2C0%2C0%2C%2C123%2C0%2C%2C%2C%2C211%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632712448%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8 HTTP 302
  • https://mc.yandex.com/watch/50923805/1?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Fxylem.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1100343507686%3Ahid%3A469427307%3Az%3A0%3Ai%3A20210927031407%3Aet%3A1632712447%3Ac%3A1%3Arn%3A828264707%3Arqn%3A1%3Au%3A1632712447236656842%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632712446992%3Ads%3A0%2C0%2C86%2C0%2C0%2C0%2C%2C121%2C0%2C%2C%2C%2C211%3Adsn%3A0%2C0%2C86%2C1%2C0%2C0%2C%2C123%2C0%2C%2C%2C%2C211%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632712448%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
xylem.php
invoice.99p.ru/assets/jquery-file-upload/server/php/files/
937 B
768 B
Document
General
Full URL
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.243.127.158 Tomsk, Russian Federation, ASN31036 (NEWTELESYSTEMS, RU),
Reverse DNS
92-243-127-158.mynts.ru
Software
Microsoft-IIS/8.0 / PHP/5.4.24
Resource Hash
2f58ac50edbc16d8aa708d2f6b928076c3411a2fdeefa3031013148ec59ad6fe

Request headers

Host
invoice.99p.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.0
X-Powered-By
PHP/5.4.24
Date
Mon, 27 Sep 2021 03:14:10 GMT
Content-Length
566
xylem.php
invoice.99p.ru/assets/jquery-file-upload/server/php/files/
956 B
819 B
Document
General
Full URL
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.243.127.158 Tomsk, Russian Federation, ASN31036 (NEWTELESYSTEMS, RU),
Reverse DNS
92-243-127-158.mynts.ru
Software
Microsoft-IIS/8.0 / PHP/5.4.24
Resource Hash
b484711c6b42c62cb1ad9efa3995590404f5afdfd0c3309a15ad582cf552013b

Request headers

Host
invoice.99p.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php
Accept-Encoding
gzip, deflate, br
Cookie
d=0; n=Etc/Unknown

Response headers

Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.0
X-Powered-By
PHP/5.4.24
Date
Mon, 27 Sep 2021 03:14:10 GMT
Content-Length
617
Primary Request Cookie set /
invoice.99p.ru/
4 KB
3 KB
Document
General
Full URL
https://invoice.99p.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.243.127.158 Tomsk, Russian Federation, ASN31036 (NEWTELESYSTEMS, RU),
Reverse DNS
92-243-127-158.mynts.ru
Software
Microsoft-IIS/8.0 / PHP/5.4.24
Resource Hash
85adac1931ad9cf9560be6d8bfee3a178b01d2036d47c18d84d5dedc37b26c45

Request headers

Host
invoice.99p.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php
Accept-Encoding
gzip, deflate, br
Cookie
d=0; n=Etc/Unknown

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Vary
Accept-Encoding
Server
Microsoft-IIS/8.0
X-Powered-By
PHP/5.4.24
Set-Cookie
PHPSESSID=kut9nqbst5m9b01fc1r071pgr3; path=/
Date
Mon, 27 Sep 2021 03:14:10 GMT
Content-Length
2207
style.css
invoice.99p.ru/tpl/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://invoice.99p.ru/tpl/css/style.css
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.243.127.158 Tomsk, Russian Federation, ASN31036 (NEWTELESYSTEMS, RU),
Reverse DNS
92-243-127-158.mynts.ru
Software
Microsoft-IIS/8.0 /
Resource Hash
6d12fa6db9802cea97ad9c7448d9e12de4c2e261ae7239136899bc3a9b008122

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://invoice.99p.ru/
Cookie
d=0; n=Etc/Unknown; PHPSESSID=kut9nqbst5m9b01fc1r071pgr3
Connection
keep-alive

Response headers

Date
Mon, 27 Sep 2021 03:14:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Dec 2017 11:56:46 GMT
Server
Microsoft-IIS/8.0
ETag
"79de41fc06dd31:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
2115
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 03:14:07 GMT
server
ESF
date
Mon, 27 Sep 2021 03:14:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Sep 2021 03:14:07 GMT
tag.js
mc.yandex.ru/metrika/
191 KB
65 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:07 GMT
content-encoding
br
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-1031a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66330
expires
Mon, 27 Sep 2021 04:14:07 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:33:16 GMT
x-content-type-options
nosniff
age
384051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:33:16 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:47:46 GMT
x-content-type-options
nosniff
age
383181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9500
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:47:46 GMT
asset_composer.js
static.zdassets.com/ekr/ Frame 5AC2
Redirect Chain
  • https://assets.zendesk.com/embeddable_framework/main.js
  • https://static.zdassets.com/ekr/asset_composer.js
20 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
D2F6GAEC9VD8GF0H
x-amz-id-2
xTQk7kVmTeerLo0JO1ucvhcrJZGEf1sFEED8xQZ+mrc7SJAIYb+rkWsc1hgcgE/20UeO2EkC/wc=
last-modified
Wed, 09 Jun 2021 00:08:58 GMT
server
cloudflare
etag
W/"cc904f41324148b571599b3b02fdec0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WN4dPDtpjmOSq2KQEZh2uwcp5dfS1kkXwpG6fjV1lNdpi050HHaOlme4ZCeQtSNWPADBMj3u%2BIJfS3Um7FIgvRhvAZ4Fzt%2FEERqXbz0EuNeF6wIE0f9NCWhr5QApX%2BpGc3WsYrs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
K3SnbkxF6hLvuoHLDwjJyrnNVVhjkbLm
cf-ray
69518f5c0ce63ff5-CDG

Redirect headers

date
Mon, 27 Sep 2021 03:14:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zcCnhpbiLoKn8vQvomUb6RLNuqqgrtDNZ8ofT8el0BBdKwp0SYeWsYUrLZZDvVbKgFCLwEq1PGzs2achZ884KpayYxwKpagXGcpwyOzFbqoO3MGn7%2Bqq51Q46KGEHjDHqF8TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://static.zdassets.com/ekr/asset_composer.js
cache-control
max-age=3600
strict-transport-security
max-age=0
cf-ray
69518f5b8dc139f3-CDG
expires
Mon, 27 Sep 2021 04:14:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:41 GMT
x-content-type-options
nosniff
age
384146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:41 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:32:14 GMT
x-content-type-options
nosniff
age
384113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:32:14 GMT
mainsms.zendesk.com
ekr.zdassets.com/compose/web_widget/ Frame 5AC2
631 B
1 KB
XHR
General
Full URL
https://ekr.zdassets.com/compose/web_widget/mainsms.zendesk.com
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4284aca7f5b045349f8f0e8dbefc87535241c8647d0eda26b81155bbe68d8171
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:07 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status
200 OK
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=0
x-request-id
29f8feb1-4ff2-479e-a571-eb7b8d583f10
x-runtime
0.017422
server
cloudflare
etag
W/"4284aca7f5b045349f8f0e8dbefc8753"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfoUJCgmB978b7SWe212ys8TO4fxfh2KVuBgdWExRTJbG0gXkkgwYV4XcrJV64jo%2BUJu9eg8THDh7VXfsfDvIhY8ZLH7o1KPqSPRprQFZAkmBpaf7q3JhOrOyZOcg5kD9qI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
69518f5c8b18084b-CDG
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9408.kXIfOrSmg3wSpyCBbPFAg0N2CZPbK3Vez6s-eGSoTlI91-2yTbXwXuxT92WVKIYg.vaH7AoAJTNLuuTcTke7C9BisH0M%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9408.NtGBJhMBfp6sXUL0x-hb8l8R16xXdz1pfTfI8olLOgnk-ALynY3mBMIRq8b5e9qul6EksWcJaSNqxksZ3_VpeA%2C%2C.eRBVK-NWcGDLKJVRj5VPz3P4pDo%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9408.NtGBJhMBfp6sXUL0x-hb8l8R16xXdz1pfTfI8olLOgnk-ALynY3mBMIRq8b5e9qul6EksWcJaSNqxksZ3_VpeA%2C%2C.eRBVK-NWcGDLKJVRj5VPz3P4pDo%2C
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:07 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9408.NtGBJhMBfp6sXUL0x-hb8l8R16xXdz1pfTfI8olLOgnk-ALynY3mBMIRq8b5e9qul6EksWcJaSNqxksZ3_VpeA%2C%2C.eRBVK-NWcGDLKJVRj5VPz3P4pDo%2C
date
Mon, 27 Sep 2021 03:14:07 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:07 GMT
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 27 Sep 2021 04:14:07 GMT
1
mc.yandex.com/watch/50923805/
Redirect Chain
  • https://mc.yandex.com/watch/50923805?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Fxylem.php&charset=...
  • https://mc.yandex.com/watch/50923805/1?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Fxylem.php&charse...
350 B
432 B
XHR
General
Full URL
https://mc.yandex.com/watch/50923805/1?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Fxylem.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1100343507686%3Ahid%3A469427307%3Az%3A0%3Ai%3A20210927031407%3Aet%3A1632712447%3Ac%3A1%3Arn%3A828264707%3Arqn%3A1%3Au%3A1632712447236656842%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632712446992%3Ads%3A0%2C0%2C86%2C0%2C0%2C0%2C%2C121%2C0%2C%2C%2C%2C211%3Adsn%3A0%2C0%2C86%2C1%2C0%2C0%2C%2C123%2C0%2C%2C%2C%2C211%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632712448%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
62b430c4ba739f13ae527e0aa6a296842a729d60b561549a0fd66b01a75c923c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 03:14:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 27-Sep-2021 03:14:07 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://invoice.99p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 03:14:07 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 03:14:07 GMT
last-modified
Mon, 27-Sep-2021 03:14:07 GMT
location
/watch/50923805/1?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Fxylem.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1100343507686%3Ahid%3A469427307%3Az%3A0%3Ai%3A20210927031407%3Aet%3A1632712447%3Ac%3A1%3Arn%3A828264707%3Arqn%3A1%3Au%3A1632712447236656842%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632712446992%3Ads%3A0%2C0%2C86%2C0%2C0%2C0%2C%2C121%2C0%2C%2C%2C%2C211%3Adsn%3A0%2C0%2C86%2C1%2C0%2C0%2C%2C123%2C0%2C%2C%2C%2C211%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632712448%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8
strict-transport-security
max-age=31536000
access-control-allow-origin
https://invoice.99p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 03:14:07 GMT
web-widget-preload-5be5d22c529549b44db3.js
static.zdassets.com/web_widget/latest/ Frame 2DC7
88 KB
32 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-preload-5be5d22c529549b44db3.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373f934bd2279c8028d39933c64ffeb124489c1362b5fe179bec2b73b354f8c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10011
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
VMDZGBC3A4SYMVGT
x-amz-id-2
DoQiQ1yLcJJjDyII3K1H/cd8J4AcinJ+uU6sXJQJ7fH5ZWwP8AmuoBCnPS9dcG7T+BlKOR7bk8A=
last-modified
Wed, 22 Sep 2021 01:58:40 GMT
server
cloudflare
etag
W/"23e14c3224f9aef1ec0d38c5ce1eba97"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txqQJpUT8MXWHWYWdxQ83ijl82KHk%2BKi9Et%2Fm38dji0GPygNzWr3R%2BfRZEufLInPINqdEGySE3tEll9s37pZDRvZpxl1eu58l%2FG%2BIxqbqMPFXzZLLPg63wu1%2BvEOKA%2BSW193MTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
9KZ93b4SKrGyfOEBFEhs1ZkAdmbIBahb
cf-ray
69518f5e1e403ff5-CDG
expires
Thu, 22 Sep 2022 01:58:39 GMT
web-widget-framework-9a55f4ca8fab9579d1b8.js
static.zdassets.com/web_widget/latest/ Frame 2DC7
184 KB
59 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-9a55f4ca8fab9579d1b8.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b192c54f270b2171c452ef4a1130b7491aedefef03c736226ed78c3a7ce599ed
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10011
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
VMDJP3RA5ESP2HNF
x-amz-id-2
8WoGCJJ8gK4GLg97BDKsWXVWtTKfC/dakE9xCj9AsxPlRk/yQ97+f9fI9BVFSNVGRB5ADOX53q0=
last-modified
Wed, 22 Sep 2021 01:58:41 GMT
server
cloudflare
etag
W/"987641bcb4afe8a18bafe4cbfd680590"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1OpRGyBHwllfEYCJZhh%2Fl82DiI5IcXmFmAANwbKFHvBDT0WGBvEYMkIEM7vmOtA%2FME%2B7xo0xEX8hmesmFvNuncV3BmP3B0qAbKI4v7BnG9JDRWCSm%2FV4Wrc%2B3vuOUr62kvfKBY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
R8Ga2MM2n6NXy01M3WQmlMrytvFc_Kwe
cf-ray
69518f5e1e423ff5-CDG
expires
Thu, 22 Sep 2022 01:58:40 GMT
web-widget-chat-sdk-ad0bca0cd862985f164f.js
static.zdassets.com/web_widget/latest/ Frame 2DC7
203 KB
52 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-ad0bca0cd862985f164f.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5970601
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
AFCSZWW99A7WQ0G8
x-amz-id-2
rSUa3q7UCzR27JGJtSjs+Vr+DqiI27RkawWfu5bk9elpdJrpMc5LFnkm+rXCQd7Wix4DXsRRThw=
last-modified
Mon, 19 Jul 2021 02:04:04 GMT
server
cloudflare
etag
W/"093f405bc41723c43486a657a0e1a173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCXrYhg3YpDQ5bRLzYa5KjpmfKJAsQOLKKpsww%2FkqmxXZpKrf%2BA0MrkAfyIwsVWbYpS9er9SGfN83M1hUAFmhlIzseJW%2BxmDPckHSe3lNl75xRnO%2Bp27wQ%2Bj3xqW8XSdchZVg1E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
6nLy1oZDiI0GDEsA2cGfRKjp8Mm1fRS8
cf-ray
69518f5e1e433ff5-CDG
expires
Tue, 19 Jul 2022 02:04:03 GMT
config
mainsms.zendesk.com/embeddable/ Frame 5AC2
831 B
1 KB
XHR
General
Full URL
https://mainsms.zendesk.com/embeddable/config
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d18a4f698085a553676aa2162095dba96210ff895050bf06124cf5f9b282646
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg
yes
x-zendesk-origin-server
embeddable-app-server-7c7448ff9b-c29hz
access-control-allow-methods
GET
vary
Origin, Accept-Encoding
x-cached
MISS
x-request-id
69518f5eecf20838-SEA, 69518f5eecf20838-SEA
x-runtime
0.001383
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnDbjezWGFUjPzpscF0mQkZjXWUnDK0i7DMKdGPrb87XUKa%2FKLGOdGorZMa%2Boz270WXpInWEBpniqv1PG1Zk%2FM97suoot0E2QxM1B6wvkXeytKpLbnsF6y1CSko9UtMY2YKAKAU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
69518f5eecf20838-CDG
de-de-json-d7ee6cb4b3f57aabe16b.js
static.zdassets.com/web_widget/latest/web-widget-locales/ Frame 2DC7
37 KB
9 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-locales/de-de-json-d7ee6cb4b3f57aabe16b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-5be5d22c529549b44db3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec770ee4b030f00ca9d9eb8bc28d9e7c7e858e3ac315cb92a05ff9f0e6b990a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
601671
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
4FHR93392CYMY18W
x-amz-id-2
dIu5sA1n2zJzQMNSKAvRy0DiLexjdkOP8n2OzQINSO6x92gSIGZui8VZCvHxnikc4Z0QEHAKoYU=
last-modified
Mon, 20 Sep 2021 03:46:48 GMT
server
cloudflare
etag
W/"811ba5198de03eb639ced23b0c55e764"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=af6mefHHNaHrqKAi15dpky5EG%2BMVEL8Ygw3KOPLBHErhkoLo9cHE6W6oamIyn4D%2B4F8mmGpm7RIhgXMV7GOAamEPRlQnl47wPfyCBqlLsPNglZoYBDOlgztjjFouHy9yXDFcTww%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Ad26HWM94n9oSNA2XO5q9d8tXRaFBL8q
cf-ray
69518f604fa93ff5-CDG
expires
Tue, 20 Sep 2022 03:46:47 GMT
web-widget-7487-813b8c77d5c0e8d0d00a.js
static.zdassets.com/web_widget/latest/ Frame 2DC7
340 KB
103 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-7487-813b8c77d5c0e8d0d00a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-5be5d22c529549b44db3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce84019b653e1ad1664c5a85b1d0263a4e4e9223d5070f3a60c65e363406719a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1051229
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
QYQQMNK5KRDX8H8Z
x-amz-id-2
xrt/anzE8qBETvkGxS9YNoayEyRxUPGmOF9SdiCQh9P6AfS5Eyd+2p1omS8yheBdoEcNr1jPwRE=
last-modified
Mon, 13 Sep 2021 23:45:48 GMT
server
cloudflare
etag
W/"b09bbdba067caac0d4cefb3cc1142b84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPLAFc31pup7fFmgy%2FTMKW0maWzdH%2FhiaZ95U1WxhHYWCKtm7rrdIt1k%2FfP2ULhMIJn0f4yZgjmzkeBxRuEMZaR3WucQnaBwvA6TQVKizN8RCf1H7Yf0w19nV9DTciUXPYi%2FlCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
uS5dZl.YNc6jj_t0cS60aE2lFJFk5MUV
cf-ray
69518f604fac3ff5-CDG
expires
Tue, 13 Sep 2022 23:45:47 GMT
web-widget-2765-b06562d67a25c346a78a.js
static.zdassets.com/web_widget/latest/ Frame 2DC7
81 KB
22 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-2765-b06562d67a25c346a78a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-5be5d22c529549b44db3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d1cd4d430e5cef6f3e30e994df78ab3b937295b5bc69900a3f05e73424fb9e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1051229
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
QYQJVH8ZDQSAABNE
x-amz-id-2
2xSV7QOOJ/I7WyD07O7Vn6qi1VLCj0dhMiUvuXN9SO/PwWDm/G4I2DvH2DOdz+ysdoYGZ9WqPgU=
last-modified
Mon, 13 Sep 2021 23:45:49 GMT
server
cloudflare
etag
W/"0bc1a1b4bd1a31033986b000da94d291"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRGLO2HWaUkBm8Ub6Q9Po1Rnn3KT7OPC%2B9MDYFm6Te5DQOxr2ThZcgFkSu%2B9CfxUbeurvhkvb3jDoNHYUEyrPjEdmPjdW6uMrVxfO%2F%2BsZxRzAhSSqCu9eJwrKR02cfFZho%2BSNTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
A1v2De1d.Np63il34KlS.L5PoKQUdcZa
cf-ray
69518f604fae3ff5-CDG
expires
Tue, 13 Sep 2022 23:45:47 GMT
web_widget-64a50a0efda2017cc93c.js
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 2DC7
419 KB
90 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-64a50a0efda2017cc93c.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-5be5d22c529549b44db3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87289d3b8922cb4c0f19826d5248665776a17ddd95866c3efe868a1252bea43b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10012
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
VMDY4ZKBY09BT0RA
x-amz-id-2
D5g/qjvBDPplfqox4LjOZz4tW30E6TBme9NJKfZRjnPTqZhO8LKCIq9GQ0SKjIOx7aEwI4SY0Ag=
last-modified
Thu, 23 Sep 2021 01:03:11 GMT
server
cloudflare
etag
W/"7946377ef3b684535f2b6e26bbc722b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIgsjWfST3uJ3vOgV0tUAgXelXCivBOb3P%2FrpgYr1SQIdZHLL6QLhPlIK3og1Kd2yimB30FaOZoFLfBfEjKt6pOY2YfyjCEd8dxRYNWlHuAwetKIrWKAPKGPlJMENmf60fLw%2Ftk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
akXc65Hugw63kzOR2jMoBGU4Q1qF47ye
cf-ray
69518f604faf3ff5-CDG
expires
Fri, 23 Sep 2022 01:03:10 GMT
embeddable_blip
mainsms.zendesk.com/ Frame 2DC7
0
327 B
XHR
General
Full URL
https://mainsms.zendesk.com/embeddable_blip?type=analytics&data=
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-9a55f4ca8fab9579d1b8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:08 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdSLfT4MIUX%2Fufu9XajrViFYYpdmGrr1OjF0K8Zh%2FOz%2F6J5hrygdLdQgp93QGZFDVQIjljVTWORRw4v5YmObGnmIyVvhTXkl5oV877v8TRT8ZD%2FQJY7GdlbvISFExsKkOeTgrm4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://invoice.99p.ru
accept-ranges
bytes
cf-ray
69518f60fdc40838-CDG
vary
Accept-Encoding
content-length
0
x-request-id
0db8e3468ecb628541b1f1a918e3b7f4
embeddable_blip
mainsms.zendesk.com/ Frame 2DC7
0
284 B
XHR
General
Full URL
https://mainsms.zendesk.com/embeddable_blip?type=pageView&data=%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-9a55f4ca8fab9579d1b8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:08 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vs62Kh4mn7tSeX15q2jSoVUJ3OHWZedJmjypWWOjXAna79CP5CQ9WwaYWGufNYK0oGOs71p5D%2BL2TODQfW%2BJZ4lM2xZyE%2FY643mH7BUxls%2FUBx7zP2bZoX%2FqrNE16Me52t9B3WM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://invoice.99p.ru
accept-ranges
bytes
cf-ray
69518f612dd10838-CDG
vary
Accept-Encoding
content-length
0
x-request-id
b015e03b6ad9640f0517111fe40713d2
web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js
static.zdassets.com/web_widget/latest/ Frame 2DC7
337 B
952 B
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-5be5d22c529549b44db3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3ab89bc8d4feb680748ba773ff13a07c2db610c1308ec9c12040aa9b65d46b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:14:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5970596
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
41XK3YVGSQWT8AMH
x-amz-id-2
LcB6Q+ID4UCougujCW3oKT38VKN9QWGKUbw3htTdQH27N7Fntc4pIyH0MWKN52opa7qEX5WuKlI=
last-modified
Mon, 19 Jul 2021 02:04:04 GMT
server
cloudflare
etag
W/"200371227ff3b0fb85badb2d2faef3b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOVBbqer7Dx1UfFxN%2FXQep3H8xIeaV2JafLb8utmo6VB4OdNM6ZQQBgSJ11sGMVQrTEyCJDOKuxvd1G8GcX8oV3WPPn4j6JcGwggAaDjCyfCq%2F6Rjeqspt2RSz05Wfdi5gSuqDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
___O_wFiyDX4A56Xq4fDhtClHpW0qk0i
cf-ray
69518f62a93d3ff5-CDG
expires
Tue, 19 Jul 2022 02:04:03 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/ Frame 2DC7
19 KB
20 KB
Media
General
Full URL
https://static.zdassets.com/web_widget/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 27 Sep 2021 03:14:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4G2FYAZZD1XHTXP6
x-amz-server-side-encryption
AES256
cf-ray
69518f62d9633ff5-CDG
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
BWBrerr7wKeNS3ksy3+9+XyjX2BJXi+APK4v1EfuboaW/g0T8VLLlseCERSZ9MOLWq+jsfR0a8Y=
last-modified
Thu, 23 Sep 2021 08:42:25 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IENoRDPQHNPbz3HVw762ecunXi5EdQ3v8itoSB%2BhKjMIfT54QXV1dI3boQHAxppI0FKqS%2BZeOFd9Y2ZXY1g%2F%2B5TQr95U8qwRZhTRrfO%2BAZTAvxUQzXoVa%2FeuikZsciyR4QMY79Y%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
m_ClK9mQYxvfgpg2kDuEV00rXLbT_pg.
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
audio/mpeg; charset=utf-8
expires
Fri, 23 Sep 2022 08:42:24 GMT
50923805
mc.yandex.com/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/50923805?wmode=0&wv-part=1&wv-hit=469427307&page-url=https%3A%2F%2Finvoice.99p.ru%2F&rn=876589100&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632712450%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210927031409%3Au%3A1632712447236656842%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632712450
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://invoice.99p.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 03:14:09 GMT
last-modified
Mon, 27-Sep-2021 03:14:09 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://invoice.99p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 03:14:09 GMT
50923805
mc.yandex.com/webvisor/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/50923805?wmode=0&wv-part=1&wv-hit=469427307&page-url=https%3A%2F%2Finvoice.99p.ru%2F&rn=556728994&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1632712450%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210927031409%3Au%3A1632712447236656842%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632712450
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://invoice.99p.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 03:14:09 GMT
last-modified
Mon, 27-Sep-2021 03:14:09 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://invoice.99p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 03:14:09 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| onbeforexrselect
boolean| originAgentCluster
function| zEmbed
function| zE
object| Ya
object| yaCounter50923805
boolean| zEACLoaded
function| $zopim

16 Cookies

Domain/Path Name / Value
invoice.99p.ru/ Name: d
Value: 0
invoice.99p.ru/ Name: n
Value: Etc/Unknown
invoice.99p.ru/ Name: PHPSESSID
Value: kut9nqbst5m9b01fc1r071pgr3
.99p.ru/ Name: _ym_uid
Value: 1632712447236656842
.99p.ru/ Name: _ym_d
Value: 1632712447
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2087020098fake
.99p.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2701262451fake
.yandex.com/ Name: yandexuid
Value: 3763867081632712447
.yandex.com/ Name: yuidss
Value: 3763867081632712447
mc.yandex.com/ Name: yabs-sid
Value: 1831956411632712447
.yandex.com/ Name: i
Value: iQJZ5RmsNFI6GdASp8tAkktJaD98uynFn0JTnGWJZjna3wSKkYKYOOgeP5YSKWBJESsuDCGMHR0/WAbaJjcfBJcxk3c=
.yandex.com/ Name: ymex
Value: 1664248447.yrts.1632712447#1664248447.yrtsi.1632712447
.99p.ru/ Name: _ym_visorc
Value: w
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: Sik2p0QoGTNBDwjqQ0Qkdyzj7tnpaRJbX68u2tQ6FtyD2S/iOmmGiJl4hTKv09Mqb3VzMUJF9qAhFjN2IWX2wFjtM9TTMp4Gp7oitx4ZZJJ6Z/+hoy9LvJNHNGjB
.99p.ru/ Name: __zlcmid
Value: 16HkMTs8Kxal40H

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9408.NtGBJhMBfp6sXUL0x-hb8l8R16xXdz1pfTfI8olLOgnk-ALynY3mBMIRq8b5e9qul6EksWcJaSNqxksZ3_VpeA%2C%2C.eRBVK-NWcGDLKJVRj5VPz3P4pDo%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
