urlscan.io logo urlscan.io
SecurityTrails logo

accounts.newscred.com Open in urlscan Pro
3.211.96.159  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://accounts.newscred.com/
Effective URL: https://accounts.newscred.com/login
Submission: On June 12 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 43 HTTP transactions. The main IP is 3.211.96.159, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is accounts.newscred.com.
TLS certificate: Issued by Amazon on February 23rd 2022. Valid for: a year.
This is the only time accounts.newscred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 3.211.96.159 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.233.166.179 14618 (AMAZON-AES)
13 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 104.18.70.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.159.138.6 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 18.215.56.11 14618 (AMAZON-AES)
3 104.16.53.111 13335 (CLOUDFLAR...)
43 10
11    3.211.96.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-96-159.compute-1.amazonaws.com
accounts.newscred.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    3.233.166.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-166-179.compute-1.amazonaws.com
track.gaconnector.com
13    2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
6    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    162.159.138.6 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zendesk.com
1    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
5    18.215.56.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-56-11.compute-1.amazonaws.com
fs.welcomesoftware.com
3    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
newscred.zendesk.com
Apex Domain
Subdomains		 Transfer
14 typekit.net
use.typekit.net — Cisco Umbrella Rank: 550
p.typekit.net — Cisco Umbrella Rank: 662
255 KB
11 newscred.com
accounts.newscred.com
284 KB
6 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 1902
385 KB
5 welcomesoftware.com
fs.welcomesoftware.com — Cisco Umbrella Rank: 446859
151 KB
4 zendesk.com
ekr.zendesk.com — Cisco Umbrella Rank: 3409
newscred.zendesk.com — Cisco Umbrella Rank: 693507
3 KB
2 gaconnector.com
track.gaconnector.com — Cisco Umbrella Rank: 43284
5 KB
1 gstatic.com
www.gstatic.com
146 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 4
968 B
43 8
Domain Requested by
13 use.typekit.net accounts.newscred.com
11 accounts.newscred.com 1 redirects accounts.newscred.com
6 static.zdassets.com accounts.newscred.com
static.zdassets.com
5 fs.welcomesoftware.com accounts.newscred.com
fs.welcomesoftware.com
3 newscred.zendesk.com static.zdassets.com
2 track.gaconnector.com accounts.newscred.com
track.gaconnector.com
1 p.typekit.net accounts.newscred.com
1 ekr.zendesk.com static.zdassets.com
1 www.gstatic.com www.google.com
1 www.google.com accounts.newscred.com
43 10

This site contains links to these domains. Also see Links.

Domain
google.com
welcomesoftware.com
Subject Issuer Validity Valid
*.welcomesoftware.com
Amazon		 2022-02-23 -
2023-03-24		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.gaconnector.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-27 -
2022-08-27		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
ssl1036557.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2022-06-08 -
2022-12-15		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
zendesk.com
Cloudflare Inc ECC CA-3		 2022-04-30 -
2022-07-29		 3 months crt.sh
newscred.zendesk.com
Cloudflare Inc ECC CA-3		 2022-05-17 -
2023-05-17		 a year crt.sh

This page contains 3 frames:

Primary Page: https://accounts.newscred.com/login
Frame ID: FC885CAB801B9CE397976DAE833E1C2F
Requests: 34 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-7e6e850c2ae905f5475f.js
Frame ID: 8807FB858B4FB6729353D5C5C6099DB8
Requests: 8 HTTP requests in this frame

Frame: https://fs.welcomesoftware.com/s/fs.js
Frame ID: 9EE68931C79BE32CB28F8F4133114AF0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome

Page URL History Show full URLs

  1. https://accounts.newscred.com/ HTTP 302
    https://accounts.newscred.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

43
Requests

100 %
HTTPS

40 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

1229 kB
Transfer

2820 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://accounts.newscred.com/ HTTP 302
    https://accounts.newscred.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
accounts.newscred.com/
Redirect Chain
  • https://accounts.newscred.com/
  • https://accounts.newscred.com/login
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.96.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-96-159.compute-1.amazonaws.com
Software
/
Resource Hash
9916666892a2ba4529e93d9ed9c198419c587c5676bb86f804d5214f9c8b4ef2
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com *.welcomesoftware.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache,no-store,must-revalidate,private
content-encoding
gzip
content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com *.welcomesoftware.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
content-type
text/html; charset=utf-8
date
Sun, 12 Jun 2022 05:46:59 GMT
etag
W/"1e09-u5K9wmnPUunqknI6Z11Ba/bMyTE"
pragma
no-cache
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache,no-store,must-revalidate,private
content-length
56
content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com *.welcomesoftware.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
content-type
text/html; charset=utf-8
date
Sun, 12 Jun 2022 05:46:59 GMT
location
/login
pragma
no-cache
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dfb6795a9ca2b442ca3364e40c39bbc6ce3b91ff6971d935b98377028dec9e31
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sun, 12 Jun 2022 05:46:59 GMT
gaconnector.js
track.gaconnector.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.gaconnector.com/gaconnector.js
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.166.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-166-179.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
5057c6c9ddcdc374eb8cbb4ffe7ae398b306e1cfa4b14ed68660ceafc9607381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
access-control-request-method
*
server
nginx/1.18.0
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
content-encoding
gzip
access-control-allow-headers
*
content-length
4444
expires
Sun, 12 Jun 2022 06:47:00 GMT
base.css
accounts.newscred.com/stylesheets/v2/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.newscred.com/stylesheets/v2/base.css?v=10
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.96.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-96-159.compute-1.amazonaws.com
Software
nginx /
Resource Hash
69ea42f4317a784d7d3c8e7e8fc4290849e3c9a95b1361b2899f50a69ff5898e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Jun 2022 11:16:34 GMT
server
nginx
etag
W/"629f3392-3856"
x-frame-options
DENY
content-type
text/css
vary
Accept-Encoding
x-xss-protection
1;mode=block
illustrations.css
accounts.newscred.com/stylesheets/v2/ 		886 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.newscred.com/stylesheets/v2/illustrations.css?v=5
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.96.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-96-159.compute-1.amazonaws.com
Software
nginx /
Resource Hash
61aded02dfd0f4421ae838f60fe345b3fc804c065e2510073d74373c030d87b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:46:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Jun 2022 11:16:34 GMT
server
nginx
etag
"629f3392-376"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
content-length
886
x-xss-protection
1;mode=block
welcome-optimizely-logo.png
accounts.newscred.com/images/welcome/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.newscred.com/images/welcome/welcome-optimizely-logo.png
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.96.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-96-159.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a20ae896cd123d6b6b24b928870a2908431ef527701ed0ea3537b1ff9472fa69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Jun 2022 11:16:34 GMT
server
nginx
etag
"629f3392-735e"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
content-length
29534
x-xss-protection
1;mode=block
tabbed-auth.js
accounts.newscred.com/scripts/signup/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.newscred.com/scripts/signup/tabbed-auth.js
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.96.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-96-159.compute-1.amazonaws.com
Software
/
Resource Hash
d963faf57d5a9069db1a0aabcaf6e101060054fb307b85f9285f826f1197197f
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com *.welcomesoftware.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 05:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 May 2022 17:46:01 GMT
etag
W/"5a5-18116131fa8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache,no-store,must-revalidate,private
content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com *.welcomesoftware.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
signup.svg
accounts.newscred.com/svgs/illustrations/ 		169 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.newscred.com/svgs/illustrations/signup.svg
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.96.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-96-159.compute-1.amazonaws.com
Software
/
Resource Hash
a01cda71d89bb570f1ac7f4087d0bb6cb8959ada9639d21c570832467a7aa792
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com *.welcomesoftware.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 05:47:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 30 May 2022 17:46:01 GMT
etag
W/"2a341-18116131fa8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
no-cache,no-store,must-revalidate,private
content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com *.welcomesoftware.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
172865
x-xss-protection
1; mode=block
zgp5hzh.js
use.typekit.net/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/zgp5hzh.js
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3a44288c583063ede055acdc93e1fd056834a8c0d9d8e9b75385cc7e92d96ad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sun, 12 Jun 2022 05:47:00 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7004
snippet.js
static.zdassets.com/ekr/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=593e245b-6c35-4ab9-a404-23934684ddfe
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f193f5840151dc7ca6d915a8ca0822470b323da2aa8848eb75f1c255c6bd98e2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
F719BYX1ERTEDPGK
x-amz-id-2
U+d0k9Uh45TRqrsiRGeMMr3rLcr886d/13RSs5I5eBn4Eps4aeR9yP45l4mD4y6d7Q4vunmlYhQ=
last-modified
Thu, 09 Jun 2022 01:19:09 GMT
server
cloudflare
etag
W/"5166c804b2575426885a55c3dcf4118d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIyFeF9rU4cNxN3bLffm1XtfFv3pG9YTJiKsrJsBZFavOfiGpBmzrybWK%2BuV2WwUGzA7uEr%2FKcU%2B2wbU73GzYH9dfgetI9FzPpygV%2Bgx6XXhbWkNAca3H8ihLeAY0IJJvE6ugmI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
wdVYW0XWNbJByEtOkm9ugbejeziASQc1
cf-ray
71a04a0dfde090c7-FRA
ie-banner.js
accounts.newscred.com/scripts/ 		435 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.newscred.com/scripts/ie-banner.js
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.96.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-96-159.compute-1.amazonaws.com
Software
/
Resource Hash
e32d14870080a528b692c034e649ddc2dc037a2ac9805ca63c4175fb3dd27640
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com *.welcomesoftware.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 05:47:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 30 May 2022 17:46:01 GMT
etag
W/"1b3-18116131fa8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache,no-store,must-revalidate,private
content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com *.welcomesoftware.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
435
x-xss-protection
1; mode=block
fullstory.js
accounts.newscred.com/scripts/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.newscred.com/scripts/fullstory.js
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.96.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-96-159.compute-1.amazonaws.com
Software
/
Resource Hash
8cd5fa56158aba36c4f0e85e12b8fdf0ac75577e386b9d7b57c82c1b96e352de
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com *.welcomesoftware.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 05:47:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 May 2022 17:46:01 GMT
etag
W/"135f-18116131fa8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache,no-store,must-revalidate,private
content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com *.welcomesoftware.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
recaptcha__de.js
www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ 		367 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 00:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148524
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 04:02:41 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 12 Jun 2023 00:46:22 GMT
track_pageview
track.gaconnector.com/ 		35 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.gaconnector.com/track_pageview?gaconnector_id=6f4de84e-1ec0-4b88-f089-58b5358ea5b3&account_id=0d80ef4073fa3d62ff3a109bc0388d05&referer=&GA_Client_ID=undefined&page_url=https%3A%2F%2Faccounts.newscred.com%2Flogin&gclid=&utm_campaign=&utm_term=&utm_content=&utm_source=&utm_medium=
Requested by
Host: track.gaconnector.com
URL: https://track.gaconnector.com/gaconnector.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.166.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-166-179.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
759c918b4b08fc0284a95e0f00347dfea780c2ad32bada5813c6a7338f5be1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
access-control-request-method
*
server
nginx/1.18.0
access-control-allow-methods
OPTIONS, GET
content-type
text/javascript
access-control-allow-origin
*
content-encoding
gzip
access-control-allow-headers
*
l
use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3b361d49881277ab3b92b0d7edc9f781f8f8ccb6738487b927140fee462aec1d

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
server
nginx
etag
"518c5f781d51642b3cf2290d365b9b8257de6e1f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19056
l
use.typekit.net/af/347aea/00000000000000003b9ad1b2/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/347aea/00000000000000003b9ad1b2/27/l?subset_id=2&fvd=i7&v=3
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
12f57218818734d0c49ab72316a2b415d984f309d217c8d79bed4ed0a0eca1af

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
server
nginx
etag
"c85de2b0c8d27e8ecb10964d9c709a0e5397550c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19524
l
use.typekit.net/af/04b81b/00000000000000003b9ad1bb/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/04b81b/00000000000000003b9ad1bb/27/l?subset_id=2&fvd=n6&v=3
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f1c1ae1a41ae40e40b10aa9c031ae6850548fe43a736725051753aa6c411668d

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
server
nginx
etag
"80987524f2c82c2a36d727971941de8401d3f316"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18692
l
use.typekit.net/af/83c55b/00000000000000003b9ad1bc/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/83c55b/00000000000000003b9ad1bc/27/l?subset_id=2&fvd=i6&v=3
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1d4797f8814994226060d66485b71446067211dbdf5d1799c437c3ee63258d21

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
server
nginx
etag
"131c73b236b0a451c55436b26d3b7857d5a10680"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19048
l
use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e0ed483bba0a14e9fe3b33939500515282721fedb70a8ebad014233c02df57c2

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
server
nginx
etag
"f9e85be3f0c8dcdcbd6f0a8471a46280ab7bf664"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18504
l
use.typekit.net/af/4ba64f/00000000000000003b9ad1ba/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4ba64f/00000000000000003b9ad1ba/27/l?subset_id=2&fvd=i4&v=3
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6d52e211ba98d5b5348088d0a9a42b3bc015f6f4ab8bee236f702cd09ba72b9d

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
server
nginx
etag
"8887aa07a5e31ddeba60d1317cef52532c1e4862"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19188
l
use.typekit.net/af/3333ef/00000000000000003b9ad1b5/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3333ef/00000000000000003b9ad1b5/27/l?subset_id=2&fvd=n3&v=3
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
75993a0da3a07c0a849c4a41cba9cb2e9889d3aaed349d8025d4bb0a1869964f

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
server
nginx
etag
"53497a4c5bfe1988b36f82f4d92f806e8f60ed2a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18468
l
use.typekit.net/af/b5c037/00000000000000003b9ad1b6/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/b5c037/00000000000000003b9ad1b6/27/l?subset_id=2&fvd=i3&v=3
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f8a1dad9de1aa9c74be45cf44683df66a86700243ea46e2173674f887ac1fc52

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
server
nginx
etag
"310ad429a0939667a546dec619105e3becb5f16a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19052
l
use.typekit.net/af/9faf92/00000000000000003b9ad1b7/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9faf92/00000000000000003b9ad1b7/27/l?subset_id=2&fvd=n5&v=3
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3140ad52237f42e478de506bdd4fc0c1a9567fed12132d27c5ae273113c70af2

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
server
nginx
etag
"eff2a0ded0ab2ed959041dc23f00f867069c4d59"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18632
l
use.typekit.net/af/cddac3/00000000000000003b9ad1b8/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/cddac3/00000000000000003b9ad1b8/27/l?subset_id=2&fvd=i5&v=3
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fda8deb213cae46b04790e8b8633b5c4e5478368eef49e06d3db8dfe30cb25d1

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
server
nginx
etag
"509ce7dd0126da2f3562094cda45b6f4af568183"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19092
l
use.typekit.net/af/572e5b/00000000000000000001786f/27/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/572e5b/00000000000000000001786f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b1d98d1effad2f3dde5b075c266dae157cf79980d21218eb5a4556e384d6cb6a

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
server
nginx
etag
"3950b34ee81ba1db334ac725706cb91638f22e0e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31064
l
use.typekit.net/af/a5aede/000000000000000000017873/27/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/a5aede/000000000000000000017873/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2d8c7a457bf771825254758e929c43d11475af032747257b455236034e4826ce

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
server
nginx
etag
"9398c887e4db95279e82701645848bad1fbe9b9b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30804
Graphik-Regular-Web.woff2
accounts.newscred.com/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://accounts.newscred.com/fonts/Graphik-Regular-Web.woff2
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/stylesheets/v2/base.css?v=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.96.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-96-159.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6434b3fcfad7396e9d950ec2b9293225d6f48500739fa91faa4e30322e55f608
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
https://accounts.newscred.com/stylesheets/v2/base.css?v=10
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Jun 2022 11:16:34 GMT
server
nginx
etag
"629f3392-8ead"
x-frame-options
DENY
content-type
font/woff2
accept-ranges
bytes
content-length
36525
x-xss-protection
1;mode=block
Graphik-Medium-Web.woff2
accounts.newscred.com/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://accounts.newscred.com/fonts/Graphik-Medium-Web.woff2
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/stylesheets/v2/base.css?v=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.96.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-96-159.compute-1.amazonaws.com
Software
nginx /
Resource Hash
955ea1c95d7405ddb14c351a2d4efc5db4957909798b862685e8701543a34ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
https://accounts.newscred.com/stylesheets/v2/base.css?v=10
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Jun 2022 11:16:34 GMT
server
nginx
etag
"629f3392-8aa1"
x-frame-options
DENY
content-type
font/woff2
accept-ranges
bytes
content-length
35489
x-xss-protection
1;mode=block
593e245b-6c35-4ab9-a404-23934684ddfe
ekr.zendesk.com/compose/ 		355 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zendesk.com/compose/593e245b-6c35-4ab9-a404-23934684ddfe
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=593e245b-6c35-4ab9-a404-23934684ddfe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.138.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07078d7ff4aafd19a9f65227543223f67bba44ae92e027f6e0ae1d4d6cbac0f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
cf-ray
71a04a0e7c9a9b3f-FRA
status
200 OK
x-envoy-upstream-service-time
4
access-control-allow-methods
GET, POST, OPTIONS
vary
Origin, Accept-Encoding
x-zendesk-zorg
yes
x-request-id
c8f37e25cf6f4277a5bc46b5c696e5b6, c8f37e25cf6f4277a5bc46b5c696e5b6
x-runtime
0.003315
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"07078d7ff4aafd19a9f65227543223f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvzAcL6wtmK0ARibo721cT8Eg4IF2N7IGJi%2BNzo5mbrK5s9WMTaDXXhCFvytTTnoFK50vaQ7i%2B6ZbdBelD%2BoHQYhpbASLVfjqlkvye8%2Bl6Hlj7WCuYhqVh88ltnSqmQv%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type
application/json; charset=utf-8
access-control-expose-headers
p.gif
p.typekit.net/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=zgp5hzh&ht=tk&h=accounts.newscred.com&f=139.140.173.174.175.176.5474.5475.25136.25137.14032.14034&a=803271&js=1.21.0&app=typekit&e=js&_=1655012820204
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
etag
"6160f9fb-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
fs.js
fs.welcomesoftware.com/s/ 		241 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fs.welcomesoftware.com/s/fs.js
Requested by
Host: accounts.newscred.com
URL: https://accounts.newscred.com/scripts/fullstory.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.56.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-56-11.compute-1.amazonaws.com
Software
UploadServer /
Resource Hash
3530030acc0f5d3366126f9c6f2b2b527657f363f5a95e5873613056cf335d7c

Request headers

Referer
https://accounts.newscred.com/
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
content-encoding
gzip
age
3347
x-guploader-uploadid
ADPycdv16C8HjzIpzlsNoJotc2JDYkotXeOG_x0XHp9JoL5iSHnrZDB1J4uEaxOwM3YTuPf9WcNhpC0-SLP9mJSHm16E_B3kEzQQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73500
last-modified
Fri, 10 Jun 2022 16:24:33 GMT
server
UploadServer
etag
"8525604707cd16c817bd692c7887e5ab"
x-goog-hash
crc32c=SXtPOQ==, md5=hSVgRwfNFsgXvWkseIflqw==
x-goog-generation
1654878272957586
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
73500
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 12 Jun 2022 05:51:13 GMT
web-widget-framework-7e6e850c2ae905f5475f.js
static.zdassets.com/web_widget/latest/ Frame 8807 		213 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-7e6e850c2ae905f5475f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=593e245b-6c35-4ab9-a404-23934684ddfe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
834e5a6b0507da437180f737d73900f3dbda7183bd2ceb132391a1c92fff6efa
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
535664
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
9847TCGNFRYFM6BM
x-amz-id-2
8ZAImZOYiR+KfnHGukIHvt2ym8gZmkUov0hY4UKu7jhbMMjm1+TQQ6AptqLQicMZSl9FcJWzEpo=
last-modified
Fri, 27 May 2022 02:22:43 GMT
server
cloudflare
etag
W/"ddbee94259dd9ab3c67c114e8f283805"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxY0i5wstK03N9WJtfADWj9t96H6cjGvj0P7w24IofUX4DCNjk4tA8OVcTTXVdx12TZmcDPgUYnftN4kuzzVlQ%2BGqDdNATJHRzCyXCdZ%2FyeC%2F%2BKquuLeJdjMBttGrPxeUSPMPmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7qGyRMHiBfk22ejuxeMRkVraHfSrSyOj
cf-ray
71a04a0fdf5990c7-FRA
expires
Sat, 27 May 2023 02:22:42 GMT
config
newscred.zendesk.com/embeddable/ Frame 8807 		432 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://newscred.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7e6e850c2ae905f5475f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
063850525f23343ddfd43ed4f7d70123eabdfedca849b30451aa568c81e087f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
x-envoy-decorator-operation
embeddable.embeddable.svc.cluster.local:80/*
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11
x-zendesk-origin-server
embeddable-app-server-56cbc4c489-snttw
x-envoy-upstream-service-time
4
zendesk-api-version
2022-01-01
access-control-allow-methods
GET
content-encoding
br
vary
Origin, Accept-Encoding
x-cached
MISS
x-request-id
71a049c8ba50911f-FRA
x-runtime
0.001847
last-modified
Sun, 12 Jun 2022 05:46:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FB1X1SH1THQ0V3aounE4HCV25IfuDgMpWoOTEu1JjU5kXtS9kI2T%2FMTOBYGW7mx5nz23OLFBo7ddzCLRvIxtbbli%2BgIg08qpYX3x2p6WPTXpSasojyd9zJHl672r8O%2BM0yswJwa4"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
71a04a10cc90910c-FRA
web-widget-classic-87a8c75.js
static.zdassets.com/web_widget/latest/classic/ Frame 8807 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-87a8c75.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7e6e850c2ae905f5475f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5659dd49d17bd588858020f121bad803bd2fd30822c7f44fb9cf02838fac52bc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
459167
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
6V5FX6HWRKJY4DAB
x-amz-id-2
QDNUd9Ybp2LE2swudAzK7hOhihibozl9Lp4mIOTfNKBXXMsLTlyFy2nWXJbusJbpmdu75wdUNf4=
last-modified
Fri, 27 May 2022 02:22:59 GMT
server
cloudflare
etag
W/"23cc613465bce96ef36b3f9683f9e203"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYmy%2FcphpitBmTvAqEtXYtFab5GgDL8hpXc5FX18ml1EzrIMvaSbg8NizbW1%2FYTtElwia7bOmTKv9CjEsZvLa20bEMD7BE6qw12FiL4a0Kll2t0jgcXIHyZ5cY5HNJV%2BJnlb4xg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Tv8A0dy3Fclm0WGlTqbU.iM.OuRmuqSZ
cf-ray
71a04a11485790c7-FRA
expires
Sat, 27 May 2023 02:22:58 GMT
web-widget-1062-87a8c75.js
static.zdassets.com/web_widget/latest/classic/ Frame 8807 		641 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-1062-87a8c75.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-87a8c75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65b6ba48254db607c979d3dce5fe9761e7f98b4ea6b241d7528864e8b016c85a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
459167
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
6V518VSDKWHRE8M8
x-amz-id-2
hJ3g5do6giimK8eEeEkaKGRN3vneeubCUa6nHx3vR8ehzVub+jGqW7boAZdyDhhjBp+S7Mbs3D8=
last-modified
Fri, 27 May 2022 02:22:59 GMT
server
cloudflare
etag
W/"658030e90c20901289c131f50ab95d6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktGPvis%2FF%2FsPx89NhPeazo6AeEU%2BM%2B3ZJJh9y94m7OIPUBTHdk6YqyFBUBz%2BZEdVLg3icsryMlmS2thh%2FQrc8aPGp8uWDtjvWsx52yyw7vbBQUJID10QLe7mD5KQg98aq92zCI0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
zC93AXfCMNHf4AWZmQUW97kQ9..Ni42N
cf-ray
71a04a11788c90c7-FRA
expires
Sat, 27 May 2023 02:22:58 GMT
web-widget-6090-87a8c75.js
static.zdassets.com/web_widget/latest/classic/ Frame 8807 		467 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-6090-87a8c75.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-87a8c75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50b809f64a4c031bbfbbd9e31893783274624c407915773eb0abfd19343bab7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
535663
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
4C0HWQF1RYMT0QMF
x-amz-id-2
v6Dhtaz2JMDAPuHokcN8dh98gHWzMVDOY+2wlAlRcVhVxjw2k4V59Hx6aMptW3iRHUaFOz7aOLE=
last-modified
Fri, 27 May 2022 02:22:59 GMT
server
cloudflare
etag
W/"83c1f9f1b2406d7e4de123f1792bd1f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTO8bxrP15Fg2b44ZUcGicXqaVyRsFD4ufVVwUAre2lT%2FUrj0wTkJFW7%2BTI10MOHXj67qXz9E3Re2QbLKp8UFsNSM5H8E2NwSmsKJN2FM65xlhV6908mDEthFikF%2FLt3n1pJz48%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
EMd64qRwtcALxliGockgqJFmL7jMsnY0
cf-ray
71a04a11789090c7-FRA
expires
Sat, 27 May 2023 02:22:58 GMT
embeddable_blip
newscred.zendesk.com/ Frame 8807 		0
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscred.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAyLjAuNTAwNS42MSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiY2MzYTg3OGQ1MzJhNDExZWIyMWM3M2E0OTdhMzExNTkiLCJzdWlkIjoiN2VmOGUyMjgwYjVhNDVjY2IzNzFiMjc2NmEyOGE1YzkiLCJ2ZXJzaW9uIjoiODdhOGM3NSIsInRpbWVzdGFtcCI6IjIwMjItMDYtMTJUMDU6NDc6MDAuODgyWiIsInVybCI6Imh0dHBzOi8vYWNjb3VudHMubmV3c2NyZWQuY29tL2xvZ2luIn0%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7e6e850c2ae905f5475f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:01 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
zendesk-api-version
2022-01-01
content-length
0
x-zendesk-zorg
yes
x-request-id
27ddfffb18ea77cafbd10aadad137aff
last-modified
Sun, 12 Jun 2022 05:47:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBOOzTxMlwgTaWWq1UhS4PMv%2BElsLKitxhdTv2LJ2ppJpZC7tp3eXBf6vw9aHquRvU1YF2Wob79SzBQrKdDaGMYHp%2FY42yf72qDJdApCD8VvFz%2BR84nVbGsE37NRGi%2BreMzE54aw"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
71a04a128e43910c-FRA
de-de-json-87a8c75.js
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 8807 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-87a8c75.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-87a8c75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
459167
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
6V5944PY9PY5BMCE
x-amz-id-2
5OhPXDWG9u5jdL+EtmyxFnDfO6GnF/9u2yTFojxXG8iTHNJEzkOQGxs8XEwj+Hm+PJv1D5Glkv4=
last-modified
Fri, 27 May 2022 02:22:59 GMT
server
cloudflare
etag
W/"dee0c6a89a545cab72e7f62ab96b94c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqdXGaRNkzrWy8HY7aMGVTdyvfgBB7Or0Tu2RSytv4oBBHcVITN2Ixv92uG%2FpdScf%2Boct6LCuF5xV0Mi14FqA8uNZX6qJ1Zd%2BkBPQtdEPvv9vt8NBRubgFZV0ZV278Paauj17pA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
YrZk3W3F24lTCn_qwDucc58NYgDQiMQS
cf-ray
71a04a12997590c7-FRA
expires
Sat, 27 May 2023 02:22:58 GMT
page
fs.welcomesoftware.com/rec/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fs.welcomesoftware.com/rec/page
Requested by
Host: fs.welcomesoftware.com
URL: https://fs.welcomesoftware.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.56.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-56-11.compute-1.amazonaws.com
Software
/
Resource Hash
6afd278903d5e2fd2e33d7c343a2789efa467e4e536566f6a3ceab5f7f637e74

Request headers

Referer
https://accounts.newscred.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 12 Jun 2022 05:47:01 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://accounts.newscred.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1319
via
1.1 google
embeddable_blip
newscred.zendesk.com/ Frame 8807 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://newscred.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InRpbWUiOjk1LCJsb2FkVGltZSI6NzQuNjAwMDAyMjg4ODE4MzYsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJXZWxjb21lIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMi4wLjUwMDUuNjEgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MS4wIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZSwicmVmZXJyZXIiOiJodHRwczovL2FjY291bnRzLm5ld3NjcmVkLmNvbS9sb2dpbiJ9LCJidWlkIjoiY2MzYTg3OGQ1MzJhNDExZWIyMWM3M2E0OTdhMzExNTkiLCJzdWlkIjoiN2VmOGUyMjgwYjVhNDVjY2IzNzFiMjc2NmEyOGE1YzkiLCJ2ZXJzaW9uIjoiODdhOGM3NSIsInRpbWVzdGFtcCI6IjIwMjItMDYtMTJUMDU6NDc6MDAuOTc3WiIsInVybCI6Imh0dHBzOi8vYWNjb3VudHMubmV3c2NyZWQuY29tL2xvZ2luIn0=
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7e6e850c2ae905f5475f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:01 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
0
zendesk-api-version
2022-01-01
content-length
0
x-zendesk-zorg
yes
x-request-id
b78c713b0ef6267797236c070f1fb026
last-modified
Sun, 12 Jun 2022 05:47:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqCJP%2BMAyCU66eH3D42cU47ddpjvR9P7qNDB47JCKQpa37PNKyNrV9jPDaTelrOZQ287%2FrwcrxA%2F9Ai4raVhPVsfwyYawCPuhxt%2BC3lnLbNg9OOZx6%2FfSa73BdrepKIN3OSgudBc"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
71a04a132ed1910c-FRA
integrations
fs.welcomesoftware.com/rec/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fs.welcomesoftware.com/rec/integrations?OrgId=LjU
Requested by
Host: fs.welcomesoftware.com
URL: https://fs.welcomesoftware.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.56.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-56-11.compute-1.amazonaws.com
Software
/
Resource Hash
aac216d9b1d004a0a4d9895a532fd4a9b50cd70759639d6047f3502a3d0f964f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.newscred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/javascript; charset=utf-8
fs.js
fs.welcomesoftware.com/s/ Frame 9EE6 		241 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fs.welcomesoftware.com/s/fs.js
Requested by
Host: fs.welcomesoftware.com
URL: https://fs.welcomesoftware.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.56.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-56-11.compute-1.amazonaws.com
Software
UploadServer /
Resource Hash
3530030acc0f5d3366126f9c6f2b2b527657f363f5a95e5873613056cf335d7c

Request headers

Referer
Origin
https://accounts.newscred.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:47:01 GMT
content-encoding
gzip
age
3589
x-guploader-uploadid
ADPycduwQGx8hvXBuwdGVx2qJy4q8GocuQAC386AAh4B2GNb_T38Gr75zzMV_VYTbFfskcRNgG2_rzASrAqUQMoIwY3Hi3lxt440
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73500
last-modified
Fri, 10 Jun 2022 16:24:33 GMT
server
UploadServer
etag
"8525604707cd16c817bd692c7887e5ab"
x-goog-hash
crc32c=SXtPOQ==, md5=hSVgRwfNFsgXvWkseIflqw==
x-goog-generation
1654878272957586
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
73500
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 12 Jun 2022 05:47:12 GMT
bundle
fs.welcomesoftware.com/rec/ 		29 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fs.welcomesoftware.com/rec/bundle?OrgId=LjU&UserId=5455989760462848&SessionId=5111900724662272&PageId=5129724358692864&Seq=1&PageStart=1655012821219&PrevBundleTime=0&LastActivity=585&IsNewSession=true
Requested by
Host: fs.welcomesoftware.com
URL: https://fs.welcomesoftware.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.56.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-56-11.compute-1.amazonaws.com
Software
/
Resource Hash
fb8bd9ed98d73f1148265fb06dda9aa85ba2f0f31046ec6fcc8a0886af33a9f6

Request headers

Referer
https://accounts.newscred.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://accounts.newscred.com
date
Sun, 12 Jun 2022 05:47:01 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gaconnector2 function| updateButtonState function| getInputValidity function| handleEmailInputChange function| handlePasswordInputChange function| validate function| onSubmit function| openTab object| Typekit object| zEWebpackACJsonp function| zE function| zEmbed boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS boolean| _fs_initialized object| recaptcha boolean| zEACLoaded function| $zopim string| _fs_loaded function| _fs_shutdown

3 Cookies

Domain/Path Name / Value
accounts.newscred.com/ Name: _csrf
Value: 7D1g-Xb-rrLiy2ptogt70575
.newscred.com/ Name: gaconnector2_id
Value: 6f4de84e-1ec0-4b88-f089-58b5358ea5b3
.newscred.com/ Name: fs_uid
Value: #LjU#5455989760462848:5111900724662272/1686548820

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com *.welcomesoftware.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.newscred.com
ekr.zendesk.com
fs.welcomesoftware.com
newscred.zendesk.com
p.typekit.net
static.zdassets.com
track.gaconnector.com
use.typekit.net
www.google.com
www.gstatic.com
104.16.53.111
104.18.70.113
162.159.138.6
18.215.56.11
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2004
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1495
3.211.96.159
3.233.166.179
063850525f23343ddfd43ed4f7d70123eabdfedca849b30451aa568c81e087f3
07078d7ff4aafd19a9f65227543223f67bba44ae92e027f6e0ae1d4d6cbac0f7
12f57218818734d0c49ab72316a2b415d984f309d217c8d79bed4ed0a0eca1af
1d4797f8814994226060d66485b71446067211dbdf5d1799c437c3ee63258d21
2d8c7a457bf771825254758e929c43d11475af032747257b455236034e4826ce
3140ad52237f42e478de506bdd4fc0c1a9567fed12132d27c5ae273113c70af2
3530030acc0f5d3366126f9c6f2b2b527657f363f5a95e5873613056cf335d7c
3a44288c583063ede055acdc93e1fd056834a8c0d9d8e9b75385cc7e92d96ad3
3b361d49881277ab3b92b0d7edc9f781f8f8ccb6738487b927140fee462aec1d
5057c6c9ddcdc374eb8cbb4ffe7ae398b306e1cfa4b14ed68660ceafc9607381
506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c
5659dd49d17bd588858020f121bad803bd2fd30822c7f44fb9cf02838fac52bc
61aded02dfd0f4421ae838f60fe345b3fc804c065e2510073d74373c030d87b4
6434b3fcfad7396e9d950ec2b9293225d6f48500739fa91faa4e30322e55f608
65b6ba48254db607c979d3dce5fe9761e7f98b4ea6b241d7528864e8b016c85a
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
69ea42f4317a784d7d3c8e7e8fc4290849e3c9a95b1361b2899f50a69ff5898e
6afd278903d5e2fd2e33d7c343a2789efa467e4e536566f6a3ceab5f7f637e74
6d52e211ba98d5b5348088d0a9a42b3bc015f6f4ab8bee236f702cd09ba72b9d
75993a0da3a07c0a849c4a41cba9cb2e9889d3aaed349d8025d4bb0a1869964f
759c918b4b08fc0284a95e0f00347dfea780c2ad32bada5813c6a7338f5be1ab
834e5a6b0507da437180f737d73900f3dbda7183bd2ceb132391a1c92fff6efa
8cd5fa56158aba36c4f0e85e12b8fdf0ac75577e386b9d7b57c82c1b96e352de
955ea1c95d7405ddb14c351a2d4efc5db4957909798b862685e8701543a34ac9
9916666892a2ba4529e93d9ed9c198419c587c5676bb86f804d5214f9c8b4ef2
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a01cda71d89bb570f1ac7f4087d0bb6cb8959ada9639d21c570832467a7aa792
a20ae896cd123d6b6b24b928870a2908431ef527701ed0ea3537b1ff9472fa69
aac216d9b1d004a0a4d9895a532fd4a9b50cd70759639d6047f3502a3d0f964f
b1d98d1effad2f3dde5b075c266dae157cf79980d21218eb5a4556e384d6cb6a
d50b809f64a4c031bbfbbd9e31893783274624c407915773eb0abfd19343bab7
d963faf57d5a9069db1a0aabcaf6e101060054fb307b85f9285f826f1197197f
dfb6795a9ca2b442ca3364e40c39bbc6ce3b91ff6971d935b98377028dec9e31
e0ed483bba0a14e9fe3b33939500515282721fedb70a8ebad014233c02df57c2
e32d14870080a528b692c034e649ddc2dc037a2ac9805ca63c4175fb3dd27640
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f193f5840151dc7ca6d915a8ca0822470b323da2aa8848eb75f1c255c6bd98e2
f1c1ae1a41ae40e40b10aa9c031ae6850548fe43a736725051753aa6c411668d
f8a1dad9de1aa9c74be45cf44683df66a86700243ea46e2173674f887ac1fc52
fb8bd9ed98d73f1148265fb06dda9aa85ba2f0f31046ec6fcc8a0886af33a9f6
fda8deb213cae46b04790e8b8633b5c4e5478368eef49e06d3db8dfe30cb25d1