www.hellozest.io Open in urlscan Pro
3.13.230.122 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hellozest.io/zendesk-demo
Submission: On May 20 via manual (May 20th 2022, 1:48:01 pm UTC) from SG — Scanned from DE

Summary HTTP 99 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 26 domains to perform 99 HTTP transactions. The main IP is 3.13.230.122, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.hellozest.io.
TLS certificate: Issued by Amazon on August 10th 2021. Valid for: a year.

This is the only time www.hellozest.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	3.13.230.122 3.13.230.122	16509 (AMAZON-02) (AMAZON-02)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	216.24.57.3 216.24.57.3	397273 (RENDER) (RENDER)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:2e00:1c:f638:2940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dc7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
12	18.190.30.138 18.190.30.138	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:231... 2600:9000:2315:7e00:19:61a3:b200:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 1	108.157.4.112 108.157.4.112	16509 (AMAZON-02) (AMAZON-02)
3	99.86.7.39 99.86.7.39	16509 (AMAZON-02) (AMAZON-02)
1	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
99	32

16 3.13.230.122 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-230-122.us-east-2.compute.amazonaws.com

www.hellozest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:7aaf (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.24.57.3 (United States)

ASN397273 (RENDER, US)

grow.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:2e00:1c:f638:2940:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.axept.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

d3v-zest.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dc7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.190.30.138 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-30-138.us-east-2.compute.amazonaws.com

app.hellozest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hellozest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:7e00:19:61a3:b200:93a1 (United States)

ASN16509 (AMAZON-02, US)

client.axept.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.112 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-112.dus51.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.7.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-39.fra6.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.219.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

axeptio.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	hellozest.io www.hellozest.io app.hellozest.io — Cisco Umbrella Rank: 492932 api.hellozest.io	1 MB
11	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2111 ekr.zdassets.com — Cisco Umbrella Rank: 2332	506 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	736 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 jnn-pa.googleapis.com — Cisco Umbrella Rank: 276	23 KB
6	unpkg.com 4 redirects unpkg.com — Cisco Umbrella Rank: 910	17 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	65 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	930 B
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 static.doubleclick.net — Cisco Umbrella Rank: 358	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 511 www.linkedin.com — Cisco Umbrella Rank: 616 px4.ads.linkedin.com — Cisco Umbrella Rank: 4745	3 KB
3	imgix.net axeptio.imgix.net — Cisco Umbrella Rank: 86782	43 KB
3	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2525	132 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	134 KB
3	zendesk.com d3v-zest.zendesk.com	2 KB
2	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 2514 api-iam.intercom.io — Cisco Umbrella Rank: 2885	3 KB
2	google.com www.google.com — Cisco Umbrella Rank: 7	14 KB
2	axept.io static.axept.io — Cisco Umbrella Rank: 59578 client.axept.io — Cisco Umbrella Rank: 66044	185 KB
2	clearbitjs.com grow.clearbitjs.com — Cisco Umbrella Rank: 34425	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	131 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 660	97 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	68 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 211	3 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5483	548 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	348 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 939	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110	15 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	28 KB
99	26

	Domain	Requested by
16	www.hellozest.io	www.hellozest.io
10	app.hellozest.io	www.hellozest.io app.hellozest.io
10	static.zdassets.com	www.hellozest.io static.zdassets.com
9	www.youtube.com	www.hellozest.io www.youtube.com
6	unpkg.com	4 redirects www.hellozest.io
4	jnn-pa.googleapis.com	www.youtube.com
4	www.facebook.com	www.hellozest.io
3	axeptio.imgix.net
3	js.intercomcdn.com	widget.intercom.io
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	d3v-zest.zendesk.com	static.zdassets.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	api.hellozest.io	app.hellozest.io
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.google.com	www.hellozest.io www.youtube.com
2	px.ads.linkedin.com	2 redirects
2	grow.clearbitjs.com	www.hellozest.io
2	fonts.googleapis.com	www.hellozest.io app.hellozest.io
2	www.googletagmanager.com	www.hellozest.io www.googletagmanager.com
2	code.jquery.com	www.hellozest.io
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	1 redirects
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.google.de	www.hellozest.io
1	www.google-analytics.com	www.googletagmanager.com
1	px4.ads.linkedin.com	www.hellozest.io
1	www.linkedin.com	1 redirects
1	client.axept.io	static.axept.io
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.axept.io	www.hellozest.io
1	ekr.zdassets.com	static.zdassets.com
1	cdn.jsdelivr.net	www.hellozest.io
99	36

This site contains links to these domains. Also see Links.

Domain
app.hellozest.io
www.zendesk.com
status.hellozest.io
www.notion.so
hellozest.notion.site
www.facebook.com
twitter.com
www.linkedin.com
axeptio.eu

Subject Issuer	Validity	Valid
hellozest.io Amazon	`2021-08-10` - `2022-09-08`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
grow.clearbitjs.com Cloudflare Inc RSA CA-2	`2021-07-29` - `2022-07-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
static.axeptio.eu Amazon	`2021-08-19` - `2022-09-17`	a year	crt.sh
d3v-zest.zendesk.com Cloudflare Inc ECC CA-3	`2021-11-10` - `2022-11-09`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-26` - `2022-05-27`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
client.axept.io Amazon	`2021-10-02` - `2022-10-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.hellozest.io/zendesk-demo
Frame ID: B610CE4EB60BEE86E94B28C870DB5BBC
Requests: 60 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-18a6bbaeee17262f066c.js
Frame ID: 3A8005BB22E632166418C386FF12B2B7
Requests: 12 HTTP requests in this frame

Frame: https://www.youtube.com/embed/IXRT5KvsBmE
Frame ID: 80D0DBD5D70551420FB015969CB5BF5E
Requests: 20 HTTP requests in this frame

Frame: https://app.hellozest.io/loginbutton
Frame ID: C78B3DBD7BBD281B481DDFAFCB6D0740
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.27278550.js
Frame ID: 7923F2390D860B7DF3D12D6326244E69
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ZestFacebookTwitterLinkedIn

Detected technologies

Bulma (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+bulma(?:\.min)?\.css

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

99
Requests

95 %
HTTPS

70 %
IPv6

26
Domains

36
Subdomains

32
IPs

4
Countries

3271 kB
Transfer

9613 kB
Size

29
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://app.hellozest.io/
Title: SIGN IN

Search URL Search Domain Scan URL

URL: https://www.zendesk.com/apps/support/screen-recording-by-zest
Title: Visit Zendesk Marketplace

Search URL Search Domain Scan URL

URL: https://status.hellozest.io/
Title: System status

Search URL Search Domain Scan URL

URL: https://www.notion.so/hellozest/What-s-new-9d0a258577cf4d1f80ae0be642714479
Title: What’s New?

Search URL Search Domain Scan URL

URL: https://hellozest.notion.site/Help-Center-0207d74ad37c4f72b579727916373a9c
Title: Help Center

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Zest-111104677400392
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Zest__hq
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hellozest
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://axeptio.eu/?utm_source=www.hellozest.io&utm_medium=widget
Title: Découvrez Axeptio

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://unpkg.com/@popperjs/core@2 HTTP 302
https://unpkg.com/@popperjs/core@2.11.5 HTTP 302
https://unpkg.com/@popperjs/core@2.11.5/dist/umd/popper.min.js

Request Chain 4

https://unpkg.com/tippy.js@6 HTTP 302
https://unpkg.com/tippy.js@6.3.7 HTTP 302
https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js

Request Chain 40

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3984313&time=1653054475389&url=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3984313%26time%3D1653054475389%26url%3Dhttps%253A%252F%252Fwww.hellozest.io%252Fzendesk-demo%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3984313&time=1653054475389&url=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3984313&time=1653054475389&url=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&liSync=true&e_ipv6=AQLxB-PcEJCSaAAAAYDhuY8EN-TUHc-YB3ToggZUi2FyKVqgX3Vko6c21XpvjNkYmX-du88gUXRFu9rD8DeqEjZlFQUeww

Request Chain 60

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 82

https://widget.intercom.io/widget/awzqwki9 HTTP 302
https://js.intercomcdn.com/shim.latest.js

99 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request zendesk-demo Show response
www.hellozest.io/ 8 KB
3 KB 484ms
111ms Document
text/html 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hellozest.io/zendesk-demo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: db08f9fdccb60a180fde19d2e35ec8978490a01ea9399d9887b56556cb2bbe39

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2605
Content-Type: text/html; charset=utf-8
Date: Fri, 20 May 2022 13:47:54 GMT
ETag: W/"1fcc-iKqxrMxSe1TsAh0yJi1pz7pijDY"
Server: nginx/1.18.0
X-Powered-By: Express

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 63ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.hellozest.io/
Origin: https://www.hellozest.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:54 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d84"
vary: Accept-Encoding
x-hw: 1653054474.dop211.fr8.t,1653054474.cds109.fr8.hn,1653054474.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 71ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://www.hellozest.io/
Origin: https://www.hellozest.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:54 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-3dee4"
vary: Accept-Encoding
x-hw: 1653054474.dop211.fr8.t,1653054474.cds109.fr8.hn,1653054474.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 bulma.min.css
cdn.jsdelivr.net/npm/bulma@0.9.2/css/ 201 KB
28 KB 50ms
24ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bulma@0.9.2/css/bulma.min.css

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bc4ac4300e0d51d745a728937262077d277ae5a26f984957066c41794667c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5199918
x-jsd-version: 0.9.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19135-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"32207-yhs67gOXCSpWkozInuAyMWfytfM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzoWb0w4J4epYLMqds3N8YNqVZ6DTwULR4TnV8XdKrdWfQo%2Bx8loabw%2FYxUlCoAP6xvAPRO%2Flq7aoq40OH%2FbxPhT%2BQmyKZedFEioyhMptnSBfRumAatbKV%2FsewWiPx1nOEhLpEWTl3gng8Z7KIg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 70e586e00fbc0219-ZRH

GET
H2

200

popper.min.js Show response
unpkg.com/@popperjs/core@2.11.5/dist/umd/
Redirect Chain

https://unpkg.com/@popperjs/core@2
https://unpkg.com/@popperjs/core@2.11.5
https://unpkg.com/@popperjs/core@2.11.5/dist/umd/popper.min.js

19 KB
7 KB

24ms
24ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@popperjs/core@2.11.5/dist/umd/popper.min.js

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da7796caf9359015af4ecdf8c6ccbd53706ea4613932a9b6f81e442e49d5f626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:54 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3890724
fly-request-id: 01FZWX53FQARBEXS997HGBX1F3-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Tue, 05 Apr 2022 12:58:18 GMT
server: cloudflare
etag: W/"4d36-iXnFvLmVc4BctoOR4R3Y2/669h0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 70e586e059990204-ZRH

Redirect headers

date: Fri, 20 May 2022 13:47:54 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FZWX3JFRR9T1ZVSBMWM9YY6Z-fra
server: cloudflare
age: 3890724
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@popperjs/core@2.11.5/dist/umd/popper.min.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 70e586e0294e0204-ZRH
access-control-allow-origin: *

GET
H2

200

tippy-bundle.umd.min.js Show response
unpkg.com/tippy.js@6.3.7/dist/
Redirect Chain

https://unpkg.com/tippy.js@6
https://unpkg.com/tippy.js@6.3.7
https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js

25 KB
9 KB

35ms
34ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:54 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16527121
fly-request-id: 01FM4A3B9MBWVEBXJQ5T3WA5YX
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"6475-GJFZFDM34LwIzjC4uKWaXpNTNf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 70e586e0599b0204-ZRH

Redirect headers

date: Fri, 20 May 2022 13:47:54 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FM4A3B84JXKNJS5PSF7JXJYJ
server: cloudflare
age: 16527121
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 70e586e0294c0204-ZRH
access-control-allow-origin: *

GET
H/1.1 200
OK style.css
www.hellozest.io/css/ 155 KB
34 KB 223ms
222ms Stylesheet
text/css 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hellozest.io/css/style.css
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: eb22ab1ba4eabf49b554674fba4e478a11d13186cb951875cf4cbd7fd10279b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/zendesk-demo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:54 GMT
Content-Encoding: gzip
ETag: W/"26a22-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
transfer-encoding: chunked
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive

GET
H/1.1 200
OK addon.css
www.hellozest.io/css/ 16 KB
4 KB 333ms
114ms Stylesheet
text/css 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hellozest.io/css/addon.css
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: 3a22420e29aa928da67cdc267fc569feb91d7989342b0498f88485325634a057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/zendesk-demo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:54 GMT
Content-Encoding: gzip
ETag: W/"3f52-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 4136

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 46ms
21ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=883121fb-5254-49bd-9495-284ef48434cf

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f1d6d4cc75e4aa9496b424cd30b080acfdc983a42910afcd0069560cf2b11d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 3H5X2BMP8WK81JG5
x-amz-id-2: atxXSP6UJzjBeaXrlt/ui4iPeg/MXH0NF2p9C5rYM9BZsHsaIX3UPEKVf19hFSQLV2Wszt2FmK0=
last-modified: Wed, 02 Mar 2022 22:42:26 GMT
server: cloudflare
etag: W/"b687c8c87e4bb1d316102239ec8bdb5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JStm%2FeuYs0cuM3fVgB%2Fu0T1EsCwBiERO0CScP1C352mmI3oMQyaRCGlGOLUWbE0c%2BL01Oz1mPuxfS%2BXHq4x%2Fh2kPxt9S6lu7gKIInsRDnk6pSM8tpJGp6DDGjMODxGrbQefhfVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: _Dpi7A8IulKqwnfX5Ya9rojoN_2lK2xr
cf-ray: 70e586dffdb091ef-FRA

GET
H/1.1 200
OK app.js Show response
www.hellozest.io/js/ 1 MB
373 KB 442ms
223ms Script
application/javascript 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hellozest.io/js/app.js
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: 0559b1dcc306bc96fddb0258e3c584dec26156f7f09f80ca36786f4b35bdd8ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/zendesk-demo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:54 GMT
Content-Encoding: gzip
ETag: W/"15b9cd-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
transfer-encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive

GET
H/1.1 200
OK main.min.js Show response
www.hellozest.io/js/ 10 KB
3 KB 333ms
114ms Script
application/javascript 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hellozest.io/js/main.min.js
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: 868d85b25454ea27da46ed906202f6a14344510d15005368222a246a49eb2af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/zendesk-demo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:54 GMT
Content-Encoding: gzip
ETag: W/"2738-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 2725

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
63 KB 48ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NN663TW

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ce41badf094a3b6520986dcc579501b802b85607faddc3d39755b58b396ebd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64354
x-xss-protection: 0
last-modified: Fri, 20 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 May 2022 13:47:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:700|Oxygen:400,700&display=swap

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6fb33f6455e252bf51b32fd889e91587abcd38c90078fc2068f7072d5518cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 13:47:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 13:47:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 13:47:54 GMT

GET
H2 200 pixel.js Show response
grow.clearbitjs.com/api/ 2 KB
1 KB 252ms
219ms Script
text/javascript 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://grow.clearbitjs.com/api/pixel.js?v=1653054474543

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 70e586e22fb99136-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 883121fb-5254-49bd-9495-284ef48434cf Show response
ekr.zdassets.com/compose/ 487 B
1 KB 219ms
191ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/883121fb-5254-49bd-9495-284ef48434cf

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=883121fb-5254-49bd-9495-284ef48434cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac24a90bdd2803697ad2888762fca1f7fcf8044c83b032e472b54db06e6ddc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 70e586e22a3d9b37-FRA
status: 200 OK
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-xss-protection: 1; mode=block
x-request-id: 8c8749a6-8e69-403d-8097-64deb1d3d0f7
x-runtime: 0.002251
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ac24a90bdd2803697ad2888762fca1f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dpoFG05CUPLG9EkuG3SjPgu7ohqbVD9cRUw4%2Bz9jBEIjahxO2XfY5%2FRkdzFZ%2FcsxmbeoK76ImyJ7bc81Y1FJ66pP5KoFPimezhKUQrqUhslsg53zwdvUDFB2m4RvuVaas8%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8

GET
H2 200 c.gif
grow.clearbitjs.com/api/ 35 B
98 B 191ms
187ms Image
image/gif 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grow.clearbitjs.com/api/c.gif?r=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&c=direct

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:54 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 70e586e39b639136-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
17 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:700|Oxygen:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hellozest.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 13:08:14 GMT
x-content-type-options: nosniff
age: 347980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16348
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 13:08:14 GMT

GET
H/1.1 200
OK 116.app.js Show response
www.hellozest.io/js/ 8 KB
3 KB 112ms
112ms Script
application/javascript 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hellozest.io/js/116.app.js
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/js/app.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: 2c985ec6d5b29854c2f994d78affab71942958a0e7d590c51c46bd07a75fa69e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/zendesk-demo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:55 GMT
Content-Encoding: gzip
ETag: W/"1f1e-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 2474

GET
H2 200 sdk.js Show response
static.axept.io/ 666 KB
183 KB 67ms
10ms Script
text/javascript 2600:9000:21f3:2e00:1c:f638:2940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.axept.io/sdk.js
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2e00:1c:f638:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c36c98fd039e45780290506bcc4eb50b6c8119eb337f9dad235288550ad2bbcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:06:57 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 14:06:44 GMT
server: AmazonS3
age: 85260
etag: W/"cf16897c50b670a017794c6c8faeaa0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 df26103dc140569d7032449c70c3b140.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 8rbyLpz6eYzOSRpEsaCQfo5XDPh_qpvG_CR2tMO679rT3Y_UdIpajw==

GET
H2 200 web-widget-framework-18a6bbaeee17262f066c.js Show response
static.zdassets.com/web_widget/latest/ Frame 3A80 213 KB
71 KB 27ms
27ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-18a6bbaeee17262f066c.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=883121fb-5254-49bd-9495-284ef48434cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12e5313fc7e6de3ce64887750d40dcffe04e618c7faf33317e4a5bc79df15cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 338891
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: XK136E4AF55RKNYS
x-amz-id-2: zzAHYVzBpc/Gt0iy6RGjvK72FmuGa8kj385/561GGt84+NzAO4BgyfDtyLJSYu9VCz55FkUOCQo=
last-modified: Thu, 12 May 2022 07:56:09 GMT
server: cloudflare
etag: W/"d343d58d9d2daf2ef3f9a50491ca2c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BoFvd0n9eK2cdRdg97GERxUkd6uDZ3IRO8YpM90AGkA0uOotP7lXJtJKTFoBjQVVZNDOFeXtvgJTG30jJk8ZLMPX98z76hLjeJNUNCLNLrM7QoG%2FNDNjgJDMQA6W1q6nHJHI5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: C7bmY63jR21pa.0rqdHmmQUp8IwsgT61
cf-ray: 70e586e6090391ef-FRA
expires: Fri, 12 May 2023 07:56:08 GMT

GET
H2 200 web-widget-chat-sdk-e0157e80c686f09857a7.js Show response
static.zdassets.com/web_widget/latest/ Frame 3A80 202 KB
51 KB 37ms
37ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-e0157e80c686f09857a7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=883121fb-5254-49bd-9495-284ef48434cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c39b727c45724e2446162982ef7eafb30a9aad8b9db79d2cfabbed0f200aeddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306875
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 1MV8TVXT02694HYY
x-amz-id-2: ie1CJQRvBqJpQDTYHBWyTarlg5zWrNWYfLFXrHHiklX+WOjN8ThKACsNcxpLIH8to4pKv/XZjN4=
last-modified: Mon, 16 May 2022 06:41:01 GMT
server: cloudflare
etag: W/"8d01509131edc7aed6fb7c768ff1ebef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIrVF8KborUmfaIzBZbfLD1L1%2B1nvil8GN0mqKcaeP9D4XNk16PoGVMAzH5WXWOLell6e9T9EKTy1nHLoYRTnsoj7ze9LbEmIh%2FNTprpSnrIQX3q9wP%2FsgKymuFP6gchON56gck%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: WI5dCt4TU_gu9_5js8t4JZ3jevfsOJJV
cf-ray: 70e586e6090491ef-FRA
expires: Tue, 16 May 2023 06:41:00 GMT

GET
H2 200 config Show response
d3v-zest.zendesk.com/embeddable/ Frame 3A80 827 B
1 KB 103ms
63ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d3v-zest.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-18a6bbaeee17262f066c.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cba207d4ff7564b15f67bfbea217f516badabd0ecc243aa5d9b8f1261a895b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Fri, 20 May 2022 13:47:55 GMT
x-envoy-decorator-operation: embeddable.embeddable.svc.cluster.local:80/*
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5dd99487dd-x8nbc
x-envoy-upstream-service-time: 18
zendesk-api-version: 2022-01-01
strict-transport-security: max-age=31536000;
content-encoding: br
vary: Origin, Accept-Encoding
x-cached: MISS
x-request-id: 70e586e6b924912b-FRA
x-runtime: 0.015291
server: cloudflare
etag: W/"cba207d4ff7564b15f67bfbea217f516"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zbv5lk5TF2%2FwLriuX%2FulY2nabGNy9Zg%2BwpJxQ6%2FTnheHr4NilJxJoyZcwib3iPP3quvpg3q8kMlUgv9S9KznEvFytp%2BHnJmNWizg9V%2BosbJFsNmpVOygZ%2FjKdutLuklVrovMSxZW"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=60, public, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 70e586e6b924912b-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 47ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4GRBDQD774&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN663TW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2aa771e5670a935633a31ca5144b27003313b9f0835fc55ba105340f312fde75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69612
x-xss-protection: 0
expires: Fri, 20 May 2022 13:47:55 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 70ms
33ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN663TW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14849
x-xss-protection: 0
server: cafe
etag: 10272469744856839321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 May 2022 13:47:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 32ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN663TW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: XeBl3nSfDDrS2pQFr9hJdybz6mIND/dTB4CuvaQVAEaFc9Kmd5qTJyPdeKVKX331LahfSD/Y+I6/sf1iJJwyBw==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 20 May 2022 13:47:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 57ms
15ms Script
application/x-javascript 2a02:26f0:3500:7::17d8:4dc7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN663TW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dc7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=25252
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 IXRT5KvsBmE Show response
www.youtube.com/embed/ Frame 80D0 62 KB
27 KB 86ms
59ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/IXRT5KvsBmE

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/js/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a76edb179f147995311b539605c6a021b726eb747e5d900f71e382fdaedfbe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hellozest.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 20 May 2022 13:47:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 loginbutton Show response
app.hellozest.io/ Frame C78B 0
1 KB 391ms
127ms Document
text/html 18.190.30.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellozest.io/loginbutton

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/js/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.30.138 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-30-138.us-east-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hellozest.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 13:47:55 GMT
server: nginx/1.20.0
vary: Origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 health Show response
app.hellozest.io/ 3 B
1 KB 387ms
126ms Fetch
text/html 18.190.30.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellozest.io/health

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/js/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.30.138 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-30-138.us-east-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
vary: Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.hellozest.io
cache-control: no-cache, private
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK zendesk_full.svg
www.hellozest.io/images/ 4 KB
5 KB 110ms
110ms Image
image/svg+xml 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hellozest.io/images/zendesk_full.svg
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: 1ea4eb152d3c555295b4076027af34d1f4ff633b14870596228d4da340446c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/zendesk-demo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:55 GMT
ETag: W/"11d9-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4569

GET
H/1.1 200
OK amilia.svg
www.hellozest.io/images/logos/ 7 KB
7 KB 113ms
111ms Image
image/svg+xml 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hellozest.io/images/logos/amilia.svg
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: 9ad093b8e7fb845c824e61c807e160711592efba470ff8086af66691db76871f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/zendesk-demo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:55 GMT
ETag: W/"1a2f-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6703

GET
H/1.1 200
OK kiute.png
www.hellozest.io/images/logos/ 32 KB
33 KB 220ms
218ms Image
image/png 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hellozest.io/images/logos/kiute.png
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: c1f353715baffd449dfe762f782de6343cefcefb9d2a0af9e7d1d00902f36d34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/zendesk-demo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:55 GMT
ETag: W/"81fd-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33277

GET
H/1.1 200
OK smile.svg
www.hellozest.io/images/logos/ 5 KB
5 KB 113ms
111ms Image
image/svg+xml 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hellozest.io/images/logos/smile.svg
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: 9cd871707706b518c3636518f317a39c2ae4c4be0502368bafe663a6c7c8c47a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/zendesk-demo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:55 GMT
ETag: W/"148e-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5262

GET
H/1.1 200
OK aula.svg
www.hellozest.io/images/logos/ 4 KB
4 KB 326ms
110ms Image
image/svg+xml 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hellozest.io/images/logos/aula.svg
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: 54051033b6862e01c448d9eb27c2266522369a98af95e0c26d131f014512bd0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/zendesk-demo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:55 GMT
ETag: W/"f41-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3905

GET
H/1.1 200
OK agorapulse.svg
www.hellozest.io/images/logos/ 3 KB
4 KB 326ms
110ms Image
image/svg+xml 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hellozest.io/images/logos/agorapulse.svg
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: 4139536cf8092fa87cf2a8d2d6025513a3efac5ad637306c1272eb2181107e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/zendesk-demo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:55 GMT
ETag: W/"ce5-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3301

GET
H/1.1 200
OK logiwa.png
www.hellozest.io/images/logos/ 7 KB
7 KB 201ms
110ms Image
image/png 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hellozest.io/images/logos/logiwa.png
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: 00129d09c3026424a171ad73fbd2a05f6209c4fe007f9a518c116230959842a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/zendesk-demo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:55 GMT
ETag: W/"1a1c-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6684

GET
H/1.1 200
OK illustration-section-01.svg
www.hellozest.io/images/ 57 KB
58 KB 197ms
110ms Image
image/svg+xml 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hellozest.io/images/illustration-section-01.svg
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: 46b4ee252c94bdd23b7d7a0d6c569d42a262ee0afda77e05229fe7cd2bb0c3aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:55 GMT
ETag: W/"e565-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58725

GET
H/1.1 200
OK illustration-section-05.svg
www.hellozest.io/images/ 6 KB
6 KB 201ms
110ms Image
image/svg+xml 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hellozest.io/images/illustration-section-05.svg
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: f1a1e970e6dcbd830a9589a45ed7ec7ab55950fc553419183ea8d0b1b192d6d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:55 GMT
ETag: W/"189a-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6298

GET
H/1.1 200
OK logo.png
www.hellozest.io/images/ 5 KB
6 KB 109ms
108ms Image
image/png 3.13.230.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hellozest.io/images/logo.png
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/css/addon.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.230.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-230-122.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: de41570fd00303de7a584deab232c0878c70366faa77e1ccf3a1d3d48634e84a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/css/addon.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:47:55 GMT
ETag: W/"151f-180648e0270"
Last-Modified: Tue, 26 Apr 2022 06:27:50 GMT
Server: nginx/1.18.0
X-Powered-By: Express
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5407

GET
H3 200 2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
16 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:700|Oxygen:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hellozest.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:01:20 GMT
x-content-type-options: nosniff
age: 351995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16172
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:30:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:01:20 GMT

GET
H2 200 6135eedfd464876e2d15fdf2.json Show response
client.axept.io/ 5 KB
3 KB 136ms
72ms Fetch
application/json 2600:9000:2315:7e00:19:61a3:b200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.axept.io/6135eedfd464876e2d15fdf2.json?r=0
Requested by: Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:7e00:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb88f711a04de04b0069df3aac6ef0c97cf232c84a02d3149515c99eeb17930a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:56 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Mon, 06 Sep 2021 10:37:39 GMT
server: AmazonS3
etag: W/"7a2b3c366adcb8b9935f284e79556202"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: TQgdDTgYS1Dx43EVx0dDYlHuSatqvIzg
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
content-type: application/json
x-amz-cf-id: O4F3fIyMPdgh0_e602IIsjjN2x5i_hiW3TgwzL_dx2NsgN6ZX-ffdg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3984313&time=1653054475389&url=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3984313%26time%3D1653054475389%26url%3Dhttps%253A%252F%252Fwww.hellozest.io%252Fz...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3984313&time=1653054475389&url=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3984313&time=1653054475389&url=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&liSync=true&e_ipv6=AQLxB-PcEJCSaAAAAYDhuY8EN-TUHc-YB3ToggZUi2FyKVqgX...

0
265 B

765ms
721ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3984313&time=1653054475389&url=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&liSync=true&e_ipv6=AQLxB-PcEJCSaAAAAYDhuY8EN-TUHc-YB3ToggZUi2FyKVqgX3Vko6c21XpvjNkYmX-du88gUXRFu9rD8DeqEjZlFQUeww
Requested by: Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3F186D3EEB99458FBB0DA2D8C1079E21 Ref B: VIEEDGE1206 Ref C: 2022-05-20T13:47:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXfcbziIVo9Vq2XlDNHqw==
x-li-fabric: prod-lor1

Redirect headers

date: Fri, 20 May 2022 13:47:55 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 50538A4BEDA94437B6815C186823BB78 Ref B: VIEEDGE1016 Ref C: 2022-05-20T13:47:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3984313&time=1653054475389&url=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&liSync=true&e_ipv6=AQLxB-PcEJCSaAAAAYDhuY8EN-TUHc-YB3ToggZUi2FyKVqgX3Vko6c21XpvjNkYmX-du88gUXRFu9rD8DeqEjZlFQUeww
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXfcbzWdcY9u51jo0Pysw==

GET
H2 200 web-widget-classic-38c95ca.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 3A80 13 KB
4 KB 20ms
19ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-38c95ca.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-18a6bbaeee17262f066c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85ecc78f4686bcf2b48ded6825dc558e169e5875119a519e34490f76db59a761

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306875
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 1MV28FGAVEXA6XG5
x-amz-id-2: ptbQ5/7H9OaXhOsBs5k4Ptv95bTWrTqUvt6XgaCETrliTjxGr7NzHZNGLe9+x688hcDiV/Su3pg=
last-modified: Thu, 12 May 2022 07:56:23 GMT
server: cloudflare
etag: W/"666e015fc48311f9c2fb30275633baa9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdIMLyJq0r8V%2BksV3CLzExjDv3b%2BB8McKGQ26iU5RJ%2BDkDrYPb%2Fe%2BqekUPm9El7ovUBY0eprhj3bEHHU5pJpZ2DpAGIv%2Bq8yf%2FEq8uNvYvXBS8%2ByXnCS%2F8zAxiDf9NifTGQOiLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 7tj7RMhypsbEY7gVCRSLZOETfDShbXDc
cf-ray: 70e586e73b0e91ef-FRA
expires: Fri, 12 May 2023 07:56:22 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10788441251/ 2 KB
2 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10788441251/?random=1653054475393&cv=9&fst=1653054475393&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&tiba=Zest&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff877889395b493cf3844282c0a778cd5c4edd1c366fc46f69448008ee1b9749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1010
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.60

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20656
x-xss-protection: 0
pragma: public
x-fb-debug: /GRhiHpUeUSOZoSTbafrWFV4N48rXIROOQRqnt15uHIkQMXrOpaCzfIb39lucIVIyVI5K1bwhkMl58/msdUX3g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 20 May 2022 13:47:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 271201565110051 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 71ms
62ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/271201565110051?v=2.9.60&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e37a3ffeb28da8b59b0cdc2ccc8b3f9d667ba7a9de6304c98312892dbbfd1e4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: kFZZyhcDdMw5lw+39YYDC2z3rRY++5XA7MzgNuAv33b05KkjZTzbW0n0NEjmjxXXQ5Ge7UlFSGJ8uN9IEW31mA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 20 May 2022 13:47:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653054475474
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/ec0ced91/ Frame 80D0 336 KB
46 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ec0ced91/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IXRT5KvsBmE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2efd56968cfd13844fa86fb967ca2cd504fdcb8ac384157875c105b3956c3811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IXRT5KvsBmE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47270
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:04:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 21:52:14 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/ec0ced91/www-embed-player.vflset/ Frame 80D0 281 KB
86 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ec0ced91/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IXRT5KvsBmE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48e8278dbd5f830c3e36b053e5d330d93dbf9a81ffb61b4351305628dbd8e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IXRT5KvsBmE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:53:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88442
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:04:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 21:53:17 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/ Frame 80D0 2 MB
529 KB 28ms
15ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IXRT5KvsBmE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92c898ba6b094f9ea8967a9c6d1675c6d4b3de9128a65f2ba04390f20ec20be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IXRT5KvsBmE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 541747
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:04:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 21:52:14 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ec0ced91/fetch-polyfill.vflset/ Frame 80D0 9 KB
3 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ec0ced91/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IXRT5KvsBmE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IXRT5KvsBmE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:53:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:04:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 21:53:17 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
348 B 38ms
14ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4GRBDQD774&gtm=2oe5b0&_p=403620159&_z=ccd.tfB&cid=1188017814.1653054475&ul=en-us&sr=1600x1200&_s=1&sid=1653054475&sct=1&seg=0&dl=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&dt=Zest&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4GRBDQD774&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 13:47:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hellozest.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 80D0 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IXRT5KvsBmE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 247274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 17 May 2023 17:06:41 GMT

GET
H2 200 web-widget-1816-38c95ca.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 3A80 641 KB
189 KB 38ms
35ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-1816-38c95ca.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-38c95ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48fb3bb1efc45258581e04683102d53437f11869802b0020ed26b89d62ae73d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306875
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 1MV6BZ71S9JA5T9Q
x-amz-id-2: WOEl1PGKW9+Kjz2og84+r1Wuy5CQot2p89mtKka3ulIgEhhicb3YGzwbAtok0lgzc3vH7Wj++vE=
last-modified: Thu, 12 May 2022 07:56:23 GMT
server: cloudflare
etag: W/"13aad8e4de0bac8f9634c7812d1198c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saSowy0aFC8PJZYOj0NpAktlKqd2vWcIjxIm%2FA4ooiXrFppIGKHEtSpS4%2FFuWEB915NVUz3xFvVvT6IshdhQSPm2C9wq1RNq8Ck%2BoQshCupr%2Fj5oR%2Fj0zKzK8oe6N1leUEG0xYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 3sbKc.ObiFsEgc2O6i6uqc.mbFxMjoda
cf-ray: 70e586e7abf291ef-FRA
expires: Fri, 12 May 2023 07:56:22 GMT

GET
H2 200 web-widget-4794-38c95ca.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 3A80 465 KB
105 KB 30ms
28ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-4794-38c95ca.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-38c95ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5851af667e6f1dd4a57b5ee2433449dabb8b92f99b2c071fb2d9d89aa476c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306875
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 1MV2BX1JTXMWPNGF
x-amz-id-2: eMwEFtl+U86nV+f+M/mffTuNGKpoyIFB9l85b6WKqO7arxlVC9zaQPr2ycznCveS0s6KyvegLJ4=
last-modified: Thu, 12 May 2022 07:56:23 GMT
server: cloudflare
etag: W/"6ed27e309b534047aef81c81e001ecb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dYEdc1%2FJlAleNJMhiA9I%2Fe%2FjAL8NHEvC%2FDN7xCmAWcnYrAJ5SInM3dxffXQgKXvDwlwIZJoR2SvCq06qlI5gONRC7KvpTr3s2RCHvyK9fJzMC397bowvml2SLt55YGHgQ%2FXaOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: UuhhlnRUoAOCvXvpFbr2gexBgWlFpWMH
cf-ray: 70e586e7abf891ef-FRA
expires: Fri, 12 May 2023 07:56:22 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10788441251/ 42 B
548 B 44ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10788441251/?random=1653054475393&cv=9&fst=1653051600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&frm=0&url=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&tiba=Zest&async=1&fmt=3&is_vtc=1&random=2955941239&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 13:47:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10788441251/ 42 B
548 B 42ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10788441251/?random=1653054475393&cv=9&fst=1653051600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&frm=0&url=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&tiba=Zest&async=1&fmt=3&is_vtc=1&random=2955941239&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 13:47:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 31ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=271201565110051&ev=PageView&dl=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&rl=&if=false&ts=1653054475509&sw=1600&sh=1200&v=2.9.60&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1653054475508.1818339695&it=1653054475401&coo=false&tm=1&exp=p1&rqm=GET

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 20 May 2022 13:47:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 31ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=271201565110051&ev=PageView&dl=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&rl=&if=false&ts=1653054475511&sw=1600&sh=1200&v=2.9.60&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1653054475508.1818339695&it=1653054475401&coo=false&exp=p1&rqm=GET

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 20 May 2022 13:47:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 31ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=271201565110051&ev=View%20content&dl=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&rl=&if=false&ts=1653054475512&sw=1600&sh=1200&v=2.9.60&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1653054475508.1818339695&it=1653054475401&coo=false&exp=p1&rqm=GET

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 20 May 2022 13:47:55 GMT

GET
H2 200 embeddable_blip Show response
d3v-zest.zendesk.com/ Frame 3A80 0
363 B 40ms
40ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d3v-zest.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAxLjAuNDk1MS42NCBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiODkzYTE1MTE2ZDA5NDI5NGE1YmVlODQ4ZjlkM2M5YzciLCJzdWlkIjoiMDkyMjVkYjRhNjUyNGFkNDhjYjg1OWIxZTMzNTVkMjIiLCJ2ZXJzaW9uIjoiMzhjOTVjYSIsInRpbWVzdGFtcCI6IjIwMjItMDUtMjBUMTM6NDc6NTUuNTk3WiIsInVybCI6Imh0dHBzOi8vd3d3LmhlbGxvemVzdC5pby96ZW5kZXNrLWRlbW8ifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-18a6bbaeee17262f066c.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 0
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: d66f8ba8cf15645136d118017477ca37
last-modified: Fri, 20 May 2022 13:47:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8ItBnT6fJguuxJvGD1cIF9Tt36SpZiGLRcysAm8i1Ji8ACFa79gzL1VSmvPrvjPShC6Y3ZCmQJfWJ%2BR%2FK6f8Af6rTwFwsL4ZM5w%2B2379k9Rp97%2FFdG4AspjH6CpwYnPlavHnTgG"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.hellozest.io
accept-ranges: bytes
cf-ray: 70e586e88d16912b-FRA

GET
H2 200 de-de-json-38c95ca.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 3A80 27 KB
7 KB 21ms
21ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-38c95ca.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-38c95ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306874
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: BG9CN08VQ5VMNHEY
x-amz-id-2: GZwdzNNxWR87tBhPFiK3aKIZDuxWsHHZOzBzXPxqqmCA0iZr9CHocvPwRFqHxHuCGfN6tY6bSTQ=
last-modified: Thu, 12 May 2022 07:56:24 GMT
server: cloudflare
etag: W/"dee0c6a89a545cab72e7f62ab96b94c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elCfwE9fq6rYCLVxd5%2BRp0aSynupPYnz8K0QK%2FsqZVnabwqjCJe58rUFX5RPNDeF1LjrEqMaT56Yq89WOGL0Pwhjb%2B82JfGQe27wHyGdYHHG627BkyY5QWTvKnD6d%2FPXTfyqGFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: dXXfK37jUQH41aeN.X3BoVPR_7YgU4jb
cf-ray: 70e586e89d9691ef-FRA
expires: Fri, 12 May 2023 07:56:23 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 80D0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

16ms
16ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IXRT5KvsBmE

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3b5a564f0aa6ae6f2329b3f73d27b5af215da445c24670b15dd627642f5619e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 20 May 2022 13:47:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 80D0 29 B
588 B 28ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:40:21 GMT
x-content-type-options: nosniff
age: 454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 May 2022 13:55:21 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 36ms
15ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 20 May 2022 13:47:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 80D0 45 KB
22 KB 37ms
23ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8cad01204a17d259056b8c7fefbb131c2afaf2b5bd839099d61e00e4d9078b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22125
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/ Frame 80D0 119 KB
37 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8691755a8ed913625d56f33a4ec9abf91166dacdb6d9607d7055c86a7064fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IXRT5KvsBmE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37805
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:04:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 21:52:14 GMT

GET
H3 200 J-JqwDdrHMrAGx52GI7A_c8zl3LVl5ImfaYMzf75s1I.js Show response
www.google.com/js/th/ Frame 80D0 35 KB
13 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/J-JqwDdrHMrAGx52GI7A_c8zl3LVl5ImfaYMzf75s1I.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27e26ac0376b1ccac01b1e76188ec0fdcf339772d59792267da60ccdfef9b352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13655
x-xss-protection: 0
last-modified: Mon, 02 May 2022 14:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 May 2023 08:40:40 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/ Frame 80D0 27 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6ba0c56919d76219628f59713b483e2c592573741375510f7196ae6e55fa8f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IXRT5KvsBmE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:56:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57095
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8029
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:04:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 21:56:20 GMT

GET
DATA 200
OK truncated
/ Frame 80D0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSd-a_iEoXKfZeGRmQ2nAy2jx6arvecukwIaYPz=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 80D0 3 KB
3 KB 43ms
21ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSd-a_iEoXKfZeGRmQ2nAy2jx6arvecukwIaYPz=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IXRT5KvsBmE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7a4278f5efd8d3b61bd2c7cfc4858cd529e476353f13f33f53d8ad845e12ca98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2770
x-xss-protection: 0
server: fife
etag: "v48"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 20 May 2022 09:04:38 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/IXRT5KvsBmE/ Frame 80D0 67 KB
68 KB 108ms
85ms Image
image/webp 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/IXRT5KvsBmE/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IXRT5KvsBmE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20a7cba8ede879c8180b8992c5cbf224e0c91adb425d2fbad72bd69a5caec1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
x-content-type-options: nosniff
server: sffe
etag: "1635353357"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68898
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 20 May 2022 15:47:55 GMT

GET
H2 200 web-widget-chat-sdk-38c95ca.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 3A80 202 KB
51 KB 24ms
24ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-38c95ca.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-38c95ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b30953e01a5ba895b0b7173bec99f93adeb7d33e9ca76b2e0d69688aba0017e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306874
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: BG9EW8HR5HNQ04A3
x-amz-id-2: nCN59AVBkkX/cZojE0MVbfr6Ac313Yzc17CU9HsvLW2QHVU89gBNHWl+AhSgR9w0NxpSJXv1S5k=
last-modified: Thu, 12 May 2022 07:56:23 GMT
server: cloudflare
etag: W/"42f501240bd78580d4623ea5583ed406"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAgYqrIrdkueP2FTeiQmTdTy1VJtdb68JX%2FXdhp69RqFfXbaVMPQUQXf0o%2BQJC69KjE4em3S2vZnzDE1M3ZaLwYWxaDuLYiI7GKqUAFJS1DVSbmosY8lwkdcW670L4%2FW8EAhx6M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: EybMuZ.Z380Sc4INtC3bu2LX5CFrePoE
cf-ray: 70e586e9f80291ef-FRA
expires: Fri, 12 May 2023 07:56:22 GMT

GET
H2 200 embeddable_blip
d3v-zest.zendesk.com/ Frame 3A80 0
0 30ms
30ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d3v-zest.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InRpbWUiOjI0NiwibG9hZFRpbWUiOjM3LCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiWmVzdCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDEuMC40OTUxLjY0IFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6dHJ1ZSwidmlld3BvcnRNZXRhIjoid2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlLCJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LmhlbGxvemVzdC5pby96ZW5kZXNrLWRlbW8ifSwiYnVpZCI6Ijg5M2ExNTExNmQwOTQyOTRhNWJlZTg0OGY5ZDNjOWM3Iiwic3VpZCI6IjA5MjI1ZGI0YTY1MjRhZDQ4Y2I4NTliMWUzMzU1ZDIyIiwidmVyc2lvbiI6IjM4Yzk1Y2EiLCJ0aW1lc3RhbXAiOiIyMDIyLTA1LTIwVDEzOjQ3OjU1Ljg0MloiLCJ1cmwiOiJodHRwczovL3d3dy5oZWxsb3plc3QuaW8vemVuZGVzay1kZW1vIn0=

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-18a6bbaeee17262f066c.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 0
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: 3e87516e47080f3fd559836e92871fe2
last-modified: Fri, 20 May 2022 13:47:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLCiWQNmEn%2Fp6bvejBmQaOV5Hn7flFpRQUqPltmDA2v2i8QNmQm%2FWD7C7S1mYxGvQzejbg5z7vIfBdpQYMZ1H4pMetRWXMn8rLaSYM%2Bpum0e6PDPH4V5Mfx3tWtkfTNVDDro2I8A"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.hellozest.io
accept-ranges: bytes
cf-ray: 70e586ea18e2912b-FRA

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 80D0 4 KB
3 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 13:47:55 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 80D0 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?cXJjEA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/IXRT5KvsBmE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IXRT5KvsBmE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/101/ Frame 80D0 52 KB
15 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/101/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 08:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15395
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 19:36:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 21 May 2022 08:52:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=271201565110051&ev=Microdata&dl=https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo&rl=&if=false&ts=1653054476019&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Zest%22%2C%22meta%3Adescription%22%3A%22With%20Zest%2C%20users%20can%20record%20their%20screen%20and%20voice%20and%20instantly%20share%20their%20feedback%20in%20less%20time%20than%20it%20would%20take%20to%20take%20screenshots%2C%20annotate%20them%20and%20type%20an%20email.%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo%22%2C%22og%3Adescription%22%3A%22With%20Zest%2C%20users%20can%20record%20their%20screen%20and%20voice%20and%20instantly%20share%20their%20feedback%20in%20less%20time%20than%20it%20would%20take%20to%20take%20screenshots%2C%20annotate%20them%20and%20type%20an%20email.%22%2C%22og%3Atype%22%3A%22video.other%22%2C%22og%3Atitle%22%3A%22Zest%20Demo%20-%20Secure%20screen%20recording%20for%20Support%20teams%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.hellozest.io%2Fimages%2Fmeta-demo.png%22%2C%22og%3Aimage%3Awidth%22%3A%22700%22%2C%22og%3Aimage%3Aheight%22%3A%22504%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fwww.hellozest.io%2Fzendesk-demo%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.60&r=stable&a=tmSimo-GTM-WebTemplate&ec=3&o=30&fbp=fb.1.1653054475508.1818339695&it=1653054475401&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 20 May 2022 13:47:56 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 80D0 98 B
142 B 17ms
17ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77fcedb96591c343b7ce93170f1a3fd7040b7aca38e8badfe2cbfdd79a65b9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 20 May 2022 13:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 20 May 2022 13:47:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 web-widget-chat-incoming-message-notification-38c95ca.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 3A80 208 B
630 B 28ms
28ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-38c95ca.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-38c95ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306874
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 306BHC3HCXYSCAZ0
x-amz-id-2: gNZSkQcn+Dg05ik0lgnS62IscY6IIPy39mtvL1GXPji7WYFe3XmPTOtVThEw1l8/RtCw5g24680=
last-modified: Thu, 12 May 2022 07:56:23 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBdqHtynLgVPufWasEiqIVmE5hWk4JvgC0KE1X2v%2FeykxInPC7ZxeN9gCtC5kP1nZV5mXdDi4mP%2FPOJ6hQ%2BfLApd7E7Wny5VJAuL9HAMB2mJmrYkB557HLy%2FXR1WCqNUQlr66lI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 2k4L0aUkyrkE1yqCc8K.H5vLtd.dkHx5
cf-ray: 70e586ec2c4391ef-FRA
expires: Fri, 12 May 2023 07:56:22 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame 3A80 19 KB
20 KB 24ms
23ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 20 May 2022 13:47:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6439370
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
x-amz-request-id: 7EGPXZHMK2QBMHZ4
x-amz-id-2: v7yf28sATFm9cv7zEB3MF3nkt9+hbmGaH0kl0OR+OlqQHNwQAsoN4UD5GMrFXBf8qkMKi8sShGA=
last-modified: Sat, 05 Mar 2022 21:30:07 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjUal56RFDU9hFUZn0YX7KElmWD0bNNSdBR%2BvPAz9lNsQyaPqqNyrp26sN4kWByf%2BuckPyYuGCgf2sI0qmFx2Ms62mBDkDZTOtFPeS8rX%2FwSHNicqio%2FNtq%2Fg%2BRWzMG5xvVY0Mg%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: rEiIcwVoP6Gqhntax3yVPyGX.ebLEQ6h
Content-Length: 19698
cf-ray: 70e586ec5c8891ef-FRA
expires: Sun, 05 Mar 2023 21:30:06 GMT

GET
H2 200 e4bf56a2 Show response
app.hellozest.io/zendesk/widget/ 4 KB
6 KB 146ms
142ms Script
application/javascript 18.190.30.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellozest.io/zendesk/widget/e4bf56a2

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.30.138 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-30-138.us-east-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

bbe0931deb7450babbb9b42f4e95b189ddb8529ee2409525595bdff2fd169f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:56 GMT
cache-control: no-cache, private
x-content-type-options: nosniff
server: nginx/1.20.0
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8

GET
H2 200 e4bf56a2 Show response
app.hellozest.io/widget/ 322 KB
324 KB 468ms
464ms Script
application/javascript 18.190.30.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellozest.io/widget/e4bf56a2

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.30.138 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-30-138.us-east-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

ab590bc41ac69ff7cb6e5bad48b3093c7d2692ac669caba925b783b9958c911b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 05:49:58 GMT
server: nginx/1.20.0
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public
accept-ranges: bytes
content-length: 329790
x-xss-protection: 1; mode=block

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/awzqwki9
https://js.intercomcdn.com/shim.latest.js

18 KB
6 KB

106ms
24ms

Script
application/javascript

99.86.7.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Server: 99.86.7.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-39.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8970aa5fc14d1ac130fb97a267426b51eeb0a14c65b1aa95073b669a4d0b883b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 20 May 2022 13:44:28 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 17:09:23 GMT
server: AmazonS3
age: 210
etag: "c482e40d975ed074be723d73c0a12fc5"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 6156
x-amz-cf-id: C7QHiEe6BoKTK71pZEAZ7zvaT1ptmOKC2M75C6yoxM3ocI5NxzBKUw==

Redirect headers

date: Mon, 14 Feb 2022 06:47:04 GMT
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
server: AmazonS3
age: 8233253
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: DUS51-P2
content-length: 0
x-amz-cf-id: 0z-hAiHTA2RnP8S5y_MslCfuad0wvhQtrLAbxEE8g9JuS_ID2NuV9A==

GET
H2 200 e4bf56a2 Show response
app.hellozest.io/widget/embed/ 142 KB
143 KB 249ms
246ms Script
application/javascript 18.190.30.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellozest.io/widget/embed/e4bf56a2

Requested by

Host: www.hellozest.io
URL: https://www.hellozest.io/zendesk-demo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.30.138 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-30-138.us-east-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

0e5d1a29ea8e126137a064270e952bdcccc6f1ebe89a54abffbaacb4cb14f0a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:56 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
content-disposition: attachment; filename="main.js"
x-xss-protection: 1; mode=block

GET
H2 200 frame-modern.27278550.js Show response
js.intercomcdn.com/ Frame 7923 314 KB
84 KB 27ms
27ms Script
application/javascript 99.86.7.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.27278550.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/awzqwki9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-39.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bf51c93a6e7c11eda07567fae4fe5937876ab4ce54a007b52c713e7f4bf6fba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 20 May 2022 13:09:26 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 17:08:10 GMT
server: AmazonS3
age: 2311
etag: "a78ed3181e64b43ec7322916e51107c7"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 85311
x-amz-cf-id: GIbNY8B5RQXXrXDpJwz03LWplotUJjOQzPEaS5QEc-JW7wJf3ztLbQ==

GET
H2 200 vendor-modern.84b6e3af.js Show response
js.intercomcdn.com/ Frame 7923 136 KB
42 KB 60ms
59ms Script
application/javascript 99.86.7.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.84b6e3af.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/awzqwki9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-39.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96a22ec4ff8c2b7a4c3c8eacfc75c591c39fe48a0a2a6b9c123ed8944e3a27b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 20 May 2022 13:09:26 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 17:08:10 GMT
server: AmazonS3
age: 2312
etag: "b843378fb5da4bf1ef317da3c4a39ea6"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 42640
x-amz-cf-id: YMmf9YsrbvP808Fg9LkVhELjtpZs3Ls3rXGfI9iwGzI_xu3LBZ754A==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 7923 4 KB
2 KB 847ms
643ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.27278550.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

ca883747638cb88eaecdc18ecc543892f426f3e84b93e2b14411c032f761c69a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 20 May 2022 13:47:57 GMT
content-encoding: gzip
x-ami-version: ami-0b6a6480dd0a84b5c
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept,Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0004u7r1hoije1l6i4h0
x-runtime: 0.538337
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"ca883747638cb88eaecdc18ecc543892"
x-ratelimit-remaining: 13332
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hellozest.io
x-intercom-version: 0331a850f4762989854c0f9e299f3f02e9a4ad72
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1653054480
x-ratelimit-limit: 13333
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H2 200 main.css
app.hellozest.io/blur/css/ 11 KB
12 KB 109ms
109ms Stylesheet
text/css 18.190.30.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellozest.io/blur/css/main.css

Requested by

Host: app.hellozest.io
URL: https://app.hellozest.io/widget/embed/e4bf56a2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.30.138 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-30-138.us-east-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

3087421e4e5dd82c8513b1560cbfcbb27f698d6584abf4162994e2793f504806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 05:49:58 GMT
server: nginx/1.20.0
etag: "62872c06-2d9b"
content-type: text/css
accept-ranges: bytes
content-length: 11675
x-xss-protection: 1; mode=block

POST
H2 200 e4bf56a2 Show response
app.hellozest.io/wsauth/ 174 B
1 KB 156ms
155ms XHR
application/json 18.190.30.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellozest.io/wsauth/e4bf56a2

Requested by

Host: app.hellozest.io
URL: https://app.hellozest.io/widget/embed/e4bf56a2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.30.138 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-30-138.us-east-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

fd37462849845c9989b0747589731198a49f5120a2e28f860d10f6a94da03cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
cache-control: no-cache
Referer: https://www.hellozest.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 May 2022 13:47:57 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.hellozest.io
cache-control: no-cache, private
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

OPTIONS
H2 204 e4bf56a2
app.hellozest.io/wsauth/ Frame 0
0 118ms
118ms Preflight 18.190.30.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellozest.io/wsauth/e4bf56a2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.30.138 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-30-138.us-east-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type
Access-Control-Request-Method: POST
Origin: https://www.hellozest.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: cache-control,content-type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://www.hellozest.io
access-control-max-age: 0
cache-control: no-cache, private
date: Fri, 20 May 2022 13:47:57 GMT
server: nginx/1.20.0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 main.css
app.hellozest.io/widget/assets/css/ 14 KB
15 KB 110ms
109ms Stylesheet
text/css 18.190.30.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellozest.io/widget/assets/css/main.css

Requested by

Host: app.hellozest.io
URL: https://app.hellozest.io/widget/e4bf56a2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.30.138 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-30-138.us-east-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

d12662e30cfedf40c2e7820393e82c8f567cad32cf2171a4c55e2e6b35a9bc91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 05:49:58 GMT
server: nginx/1.20.0
etag: "62872c06-397d"
content-type: text/css
accept-ranges: bytes
content-length: 14717
x-xss-protection: 1; mode=block

GET
H2 200 auth Show response
app.hellozest.io/widget/e4bf56a2/ 333 B
2 KB 142ms
142ms XHR
application/json 18.190.30.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellozest.io/widget/e4bf56a2/auth?audience=visitors&referer=https://www.hellozest.io/zendesk-demo

Requested by

Host: app.hellozest.io
URL: https://app.hellozest.io/widget/e4bf56a2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.30.138 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-30-138.us-east-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

3a63e1d7626d0470bff59f1b70fe15dc914cc9a6d6648766bbc2911153835b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hellozest.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:57 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.hellozest.io
cache-control: no-cache, private
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
428 B 35ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Requested by

Host: app.hellozest.io
URL: https://app.hellozest.io/widget/assets/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

808f97075fc1233d487b23401e97c6c11fb39eb115ec0d9fc251ec09d9b2d5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 12:26:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 13:47:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 13:47:57 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 80D0 28 B
54 B 21ms
20ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/IXRT5KvsBmE
X-YouTube-Client-Version: 1.20220517.01.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtzcHRMWlFWNzVxWSiLuJ6UBg%3D%3D
X-YouTube-Ad-Signals: dt=1653054475618&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C896%2C538&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 20 May 2022 13:47:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 20 May 2022 13:47:58 GMT

POST
H2 200 livesync Show response
api.hellozest.io/v1/ 2 B
1 KB 126ms
125ms XHR
text/html 18.190.30.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hellozest.io/v1/livesync

Requested by

Host: app.hellozest.io
URL: https://app.hellozest.io/widget/embed/e4bf56a2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.30.138 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-30-138.us-east-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
cache-control: no-cache
Referer: https://www.hellozest.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 20 May 2022 13:47:58 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
vary: Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.hellozest.io
x-ratelimit-remaining: 119
cache-control: no-store, no-cache, must-revalidate, no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 120
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 204 livesync
api.hellozest.io/v1/ Frame 0
0 137ms
119ms Preflight 18.190.30.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hellozest.io/v1/livesync

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.30.138 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-30-138.us-east-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type
Access-Control-Request-Method: POST
Origin: https://www.hellozest.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: cache-control,content-type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://www.hellozest.io
access-control-max-age: 0
cache-control: no-cache, private
date: Fri, 20 May 2022 13:47:58 GMT
server: nginx/1.20.0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 thumbprint-full.png
axeptio.imgix.net/2019/01/ 26 KB
27 KB 35ms
12ms Image
image/png 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://axeptio.imgix.net/2019/01/thumbprint-full.png?hue=50&sat=100&bri=55&w=200

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

402dfd177a61a9614dc9c6261191ae886dd07f2c6438ad9863eccd462f7db0e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:59 GMT
x-content-type-options: nosniff
fastly-restarts: 1
last-modified: Wed, 16 Mar 2022 09:05:36 GMT
server: imgix
age: 5632942
x-cache: MISS, HIT, HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 0b8e32f08df2a3c464c89655eb3050b0a8b0af77
accept-ranges: bytes
content-length: 27009
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10031-SJC, cache-sjc10041-SJC, cache-sjc10040-SJC, cache-fra19138-FRA

GET
H2 200 persos_site_suite_05.png
axeptio.imgix.net/2020/09/ 6 KB
7 KB 35ms
12ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://axeptio.imgix.net/2020/09/persos_site_suite_05.png?auto=format&fit=crop&w=96&h=96&dpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b8dc9d359d62bab5075ed8af0213ffcad687d53f7891fb870f47cf99e1738707

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:59 GMT
x-content-type-options: nosniff
age: 5546004
x-cache: MISS, HIT, HIT, HIT
x-imgix-id: 1b8c38011741d8d3dff050b7e708674f6bdf5f11
fastly-restarts: 1
x-served-by: cache-sjc10072-SJC, cache-sjc10078-SJC, cache-sjc10078-SJC, cache-fra19138-FRA
accept-ranges: bytes
last-modified: Thu, 17 Mar 2022 09:14:35 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 6634
cross-origin-resource-policy: cross-origin

GET
H2 200 persos%20site-44.png
axeptio.imgix.net/2021/02/ 9 KB
10 KB 14ms
11ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://axeptio.imgix.net/2021/02/persos%20site-44.png?auto=format&fit=crop&w=170&h=auto&dpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

df17f967bc50d1f730bac9414676ae71d8c67928ed831ad7fa223ad2901ae9aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellozest.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:47:59 GMT
x-content-type-options: nosniff
age: 3371399
x-cache: MISS, HIT, HIT, HIT
x-imgix-id: 35da1315f14fc465ff00dcb0914dbb7dcaa7590b
fastly-restarts: 1
x-served-by: cache-sjc10074-SJC, cache-sjc10055-SJC, cache-sjc10080-SJC, cache-fra19138-FRA
accept-ranges: bytes
last-modified: Mon, 11 Apr 2022 13:17:59 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 9682
cross-origin-resource-policy: cross-origin

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hellozest.io/	1970-01-20 05:20:30	Name: _gcl_au Value: 1.1.691027331.1653054475
www.hellozest.io/	1970-01-20 11:56:30	Name: axeptio_cookies Value: {%22$$token%22:%222nrkcsxjgxeu0qoxxxxd7%22%2C%22$$date%22:%222022-05-20T13:47:55.378Z%22%2C%22$$completed%22:false}
www.hellozest.io/	1970-01-20 11:56:30	Name: axeptio_authorized_vendors Value: %2C%2C
www.hellozest.io/	1970-01-20 11:56:30	Name: axeptio_all_vendors Value: %2C%2C
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: aMmEOB8zk-k
.youtube.com/	1970-01-20 07:30:06	Name: VISITOR_INFO1_LIVE Value: sptLZQV75qY
.hellozest.io/	1970-01-20 20:42:06	Name: _ga_4GRBDQD774 Value: GS1.1.1653054475.1.0.1653054475.0
.hellozest.io/	1970-01-20 20:42:06	Name: _ga Value: GA1.1.1188017814.1653054475
.doubleclick.net/	1970-01-20 03:10:55	Name: test_cookie Value: CheckForPermission
.hellozest.io/	1970-01-20 05:20:30	Name: _fbp Value: fb.1.1653054475508.1818339695
.facebook.com/	1970-01-20 05:20:30	Name: fr Value: 09FaHZYf61t2T39ZS..Bih5wL...1.0.Bih5wL.
.linkedin.com/	1970-01-20 03:54:06	Name: UserMatchHistory Value: AQJfwO8wg5P8IgAAAYDhuY0TSkViwDehxcV0vek3oI8HweL0SaqYptEL542IYVfXdKq8uBJsvHTv7Q
.linkedin.com/	1970-01-20 03:54:06	Name: AnalyticsSyncHistory Value: AQJ7UNkWqUa7cQAAAYDhuY0TVp9BhQY1_vLllw5xkTrILXFymkQWhrCXe4xeYS1TxYo8yjezFSy61iAg6sXwTw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 20:42:48	Name: bcookie Value: "v=2&c26d5927-932d-4042-8d50-fd71f5004770"
.linkedin.com/	1970-01-20 03:12:20	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2311:u=1:x=1:i=1653054475:t=1653140875:v=2:sig=AQEuvp89USjpLeeX_wjcLNALglh8xUfX"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 20:42:48	Name: bscookie Value: "v=1&202205201347555cf1fe2e-872e-4710-8cbb-c97c343b9844AQH-TCvcJsKlxreTXQgQ_aMl7gl058Ru"
.linkedin.com/	1970-01-20 20:30:50	Name: li_gc Value: MTswOzE2NTMwNTQ0NzU7MjswMjGdA7m2/ZDxfWZixwPHlfWGOF1683qOlCFv8LvHXxLc6w==
widget-mediator.zopim.com/	1970-01-20 03:20:59	Name: AWSALBCORS Value: SeMYKc0q9mrF+lZzrKKDF737kiZ1Yu5Y/1GerWL1pWFubNv5cUccWeHahQ/1rjds0Ub8YboOADZDaHK5GRHMGLWH4/K4tK94gaSRF5Ui/Q2Db0GU8rt5vFDl7o79
.hellozest.io/	1970-01-20 11:56:30	Name: __zlcmid Value: 1A4kwIINt9urKma
.hellozest.io/	1970-01-20 03:11:01	Name: XSRF-TOKEN Value: eyJpdiI6IjhyNHgzT3B0ZnNjcllVWGVMdlZCRkE9PSIsInZhbHVlIjoiK2FycHVRSFVvU0s1T2JTNENWTmoxRjJLaW16UGxIY3c5K3p4NWM3ZHVYK2ZzYU80QnpVbXB5T0dIV3pXeEFSVjNRZ3BJZGdGYWFLa2NBQmk0MTJ1ZEhWckkwMDhBY0k2eGpHOWxRTVQ1eTNwTUUzZXN2c1lxQ29OYlhFTm1XYloiLCJtYWMiOiI0MzA3Njc0YWM4YmQ4OGFkMTQ3YzI1YzIwZWVmMWJkNjIxOGM5YTMyZDg3NGU5YTI1ZGYyNmJhN2YxZjQyMTIxIiwidGFnIjoiIn0%3D
.hellozest.io/	1970-01-20 03:11:01	Name: zest_session Value: eyJpdiI6InBFeVUyQkVNTWVRZVBycnZ6TmZSeFE9PSIsInZhbHVlIjoiMzh3ZkEwT0RtMjJoTXlvQ08vTnhNcDVjYm1PUkNxU1g5YjlUV1ppNkxudDRST0EvYXYyRC9EQ0IvUmRIRUJGQ0xjU2ZWbUc2WlFyb2Y4TjlsZ1FNU3U5NjRiTFRQTXhCM1I5bzNNck03QUgxRXR5VHhHWC91K0NEeGpmdWFYdTAiLCJtYWMiOiJiZjBjOTVjOWVjNDUwYzM5YmQ0NWEzZGY0NjE1YTIxN2YyZmQyZGNiNzliM2M4YjEyYTAxZTA2ZWEzYzhkMjJmIiwidGFnIjoiIn0%3D
app.hellozest.io/	1970-01-20 03:20:59	Name: AWSALB Value: 4fRsfRUv4/48NNB93hCiW6wO2qVZnv23POmswQhKtosIyJi+SZ8jwJ5vrqE+B3Awev7KHus2RYqC//GSc1TnQUyDRB+ue+UbCO5t3GXY60c+fx0QdZ/NGRptfpaz
app.hellozest.io/	1970-01-20 03:20:59	Name: AWSALBCORS Value: 4fRsfRUv4/48NNB93hCiW6wO2qVZnv23POmswQhKtosIyJi+SZ8jwJ5vrqE+B3Awev7KHus2RYqC//GSc1TnQUyDRB+ue+UbCO5t3GXY60c+fx0QdZ/NGRptfpaz
.hellozest.io/	1970-01-20 09:39:44	Name: intercom-id-awzqwki9 Value: 7679c2bd-a5c0-4dc3-845c-60a3e379aaaa
.hellozest.io/	1970-01-20 03:20:59	Name: intercom-session-awzqwki9 Value:
socket.hellozest.io/	1970-01-20 03:20:59	Name: AWSALB Value: BTKBsd9pGOHDXRlRAGgFx/tCyLv/2RFPi5R3D5Nxx+4O98xkjnQ9VNEbb45H19inRvm25+0Ild7/7vAlJYDmazdPEkifnk6FdRdWHHwqpVEvLMWyImGs+hx3PDFs
socket.hellozest.io/	1970-01-20 03:20:59	Name: AWSALBCORS Value: BTKBsd9pGOHDXRlRAGgFx/tCyLv/2RFPi5R3D5Nxx+4O98xkjnQ9VNEbb45H19inRvm25+0Ild7/7vAlJYDmazdPEkifnk6FdRdWHHwqpVEvLMWyImGs+hx3PDFs

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.hellozest.io
app.hellozest.io
axeptio.imgix.net
cdn.jsdelivr.net
client.axept.io
code.jquery.com
connect.facebook.net
d3v-zest.zendesk.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grow.clearbitjs.com
i.ytimg.com
jnn-pa.googleapis.com
js.intercomcdn.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.axept.io
static.doubleclick.net
static.zdassets.com
unpkg.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.hellozest.io
www.linkedin.com
www.youtube.com
yt3.ggpht.com
104.16.51.111
104.18.70.113
108.157.4.112
13.107.43.14
18.190.30.138
2001:4de0:ac18::1:a:2b
216.24.57.3
216.58.212.162
2600:9000:21f3:2e00:1c:f638:2940:93a1
2600:9000:2315:7e00:19:61a3:b200:93a1
2606:4700::6810:5514
2606:4700::6810:7aaf
2620:1ec:22::14
2a00:1450:4001:801::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::2016
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a02:26f0:3500:7::17d8:4dc7
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::720
3.13.230.122
99.83.219.81
99.86.7.39
00129d09c3026424a171ad73fbd2a05f6209c4fe007f9a518c116230959842a8
0559b1dcc306bc96fddb0258e3c584dec26156f7f09f80ca36786f4b35bdd8ef
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
0e5d1a29ea8e126137a064270e952bdcccc6f1ebe89a54abffbaacb4cb14f0a5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1a76edb179f147995311b539605c6a021b726eb747e5d900f71e382fdaedfbe5
1ea4eb152d3c555295b4076027af34d1f4ff633b14870596228d4da340446c40
20a7cba8ede879c8180b8992c5cbf224e0c91adb425d2fbad72bd69a5caec1ca
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
27e26ac0376b1ccac01b1e76188ec0fdcf339772d59792267da60ccdfef9b352
2aa771e5670a935633a31ca5144b27003313b9f0835fc55ba105340f312fde75
2c985ec6d5b29854c2f994d78affab71942958a0e7d590c51c46bd07a75fa69e
2efd56968cfd13844fa86fb967ca2cd504fdcb8ac384157875c105b3956c3811
3087421e4e5dd82c8513b1560cbfcbb27f698d6584abf4162994e2793f504806
3a22420e29aa928da67cdc267fc569feb91d7989342b0498f88485325634a057
3a63e1d7626d0470bff59f1b70fe15dc914cc9a6d6648766bbc2911153835b8a
3bc4ac4300e0d51d745a728937262077d277ae5a26f984957066c41794667c59
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e37a3ffeb28da8b59b0cdc2ccc8b3f9d667ba7a9de6304c98312892dbbfd1e4
3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de
402dfd177a61a9614dc9c6261191ae886dd07f2c6438ad9863eccd462f7db0e3
4139536cf8092fa87cf2a8d2d6025513a3efac5ad637306c1272eb2181107e0a
46b4ee252c94bdd23b7d7a0d6c569d42a262ee0afda77e05229fe7cd2bb0c3aa
48fb3bb1efc45258581e04683102d53437f11869802b0020ed26b89d62ae73d2
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
54051033b6862e01c448d9eb27c2266522369a98af95e0c26d131f014512bd0a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9
5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bf51c93a6e7c11eda07567fae4fe5937876ab4ce54a007b52c713e7f4bf6fba
6ce41badf094a3b6520986dcc579501b802b85607faddc3d39755b58b396ebd4
6f5851af667e6f1dd4a57b5ee2433449dabb8b92f99b2c071fb2d9d89aa476c5
6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0
77fcedb96591c343b7ce93170f1a3fd7040b7aca38e8badfe2cbfdd79a65b9c2
7a4278f5efd8d3b61bd2c7cfc4858cd529e476353f13f33f53d8ad845e12ca98
808f97075fc1233d487b23401e97c6c11fb39eb115ec0d9fc251ec09d9b2d5d4
85ecc78f4686bcf2b48ded6825dc558e169e5875119a519e34490f76db59a761
868d85b25454ea27da46ed906202f6a14344510d15005368222a246a49eb2af0
8970aa5fc14d1ac130fb97a267426b51eeb0a14c65b1aa95073b669a4d0b883b
8f1d6d4cc75e4aa9496b424cd30b080acfdc983a42910afcd0069560cf2b11d4
92c898ba6b094f9ea8967a9c6d1675c6d4b3de9128a65f2ba04390f20ec20be9
96a22ec4ff8c2b7a4c3c8eacfc75c591c39fe48a0a2a6b9c123ed8944e3a27b5
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9ad093b8e7fb845c824e61c807e160711592efba470ff8086af66691db76871f
9b30953e01a5ba895b0b7173bec99f93adeb7d33e9ca76b2e0d69688aba0017e
9cd871707706b518c3636518f317a39c2ae4c4be0502368bafe663a6c7c8c47a
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
ab590bc41ac69ff7cb6e5bad48b3093c7d2692ac669caba925b783b9958c911b
ac24a90bdd2803697ad2888762fca1f7fcf8044c83b032e472b54db06e6ddc22
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
b8dc9d359d62bab5075ed8af0213ffcad687d53f7891fb870f47cf99e1738707
bbe0931deb7450babbb9b42f4e95b189ddb8529ee2409525595bdff2fd169f71
c12e5313fc7e6de3ce64887750d40dcffe04e618c7faf33317e4a5bc79df15cd
c1f353715baffd449dfe762f782de6343cefcefb9d2a0af9e7d1d00902f36d34
c36c98fd039e45780290506bcc4eb50b6c8119eb337f9dad235288550ad2bbcd
c39b727c45724e2446162982ef7eafb30a9aad8b9db79d2cfabbed0f200aeddb
c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6
c6ba0c56919d76219628f59713b483e2c592573741375510f7196ae6e55fa8f4
c8cad01204a17d259056b8c7fefbb131c2afaf2b5bd839099d61e00e4d9078b2
ca883747638cb88eaecdc18ecc543892f426f3e84b93e2b14411c032f761c69a
cba207d4ff7564b15f67bfbea217f516badabd0ecc243aa5d9b8f1261a895b76
d12662e30cfedf40c2e7820393e82c8f567cad32cf2171a4c55e2e6b35a9bc91
d3b5a564f0aa6ae6f2329b3f73d27b5af215da445c24670b15dd627642f5619e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da7796caf9359015af4ecdf8c6ccbd53706ea4613932a9b6f81e442e49d5f626
db08f9fdccb60a180fde19d2e35ec8978490a01ea9399d9887b56556cb2bbe39
de41570fd00303de7a584deab232c0878c70366faa77e1ccf3a1d3d48634e84a
df17f967bc50d1f730bac9414676ae71d8c67928ed831ad7fa223ad2901ae9aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fb33f6455e252bf51b32fd889e91587abcd38c90078fc2068f7072d5518cb9
e8691755a8ed913625d56f33a4ec9abf91166dacdb6d9607d7055c86a7064fad
eb22ab1ba4eabf49b554674fba4e478a11d13186cb951875cf4cbd7fd10279b5
eb88f711a04de04b0069df3aac6ef0c97cf232c84a02d3149515c99eeb17930a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a1e970e6dcbd830a9589a45ed7ec7ab55950fc553419183ea8d0b1b192d6d8
f48e8278dbd5f830c3e36b053e5d330d93dbf9a81ffb61b4351305628dbd8e73
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd37462849845c9989b0747589731198a49f5120a2e28f860d10f6a94da03cf8
ff877889395b493cf3844282c0a778cd5c4edd1c366fc46f69448008ee1b9749

www.hellozest.io Open in urlscan Pro 3.13.230.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

95 %HTTPS

70 %IPv6

26 Domains

36 Subdomains

32 IPs

4 Countries

3271 kBTransfer

9613 kBSize

29 Cookies

9 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hellozest.io Open in urlscan Pro
3.13.230.122 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

95 %
HTTPS

70 %
IPv6

26
Domains

36
Subdomains

32
IPs

4
Countries

3271 kB
Transfer

9613 kB
Size

29
Cookies

99 HTTP transactions
1 data transactions