urlscan.io logo urlscan.io
SecurityTrails logo

p19.zdusercontent.com Open in urlscan Pro
104.18.173.234  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://p19.zdusercontent.com/attachment/796310/fub2EYl56Cqou3FR9WucIrHlA
Effective URL: https://p19.zdusercontent.com/attachment/796310/fub2EYl56Cqou3FR9WucIrHlA?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In...
Submission: On April 20 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 1 HTTP transactions. The main IP is 104.18.173.234, located in and belongs to CLOUDFLARENET, US. The main domain is p19.zdusercontent.com. The Cisco Umbrella rank of the primary domain is 52709.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.
This is the only time p19.zdusercontent.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 104.18.173.234 13335 (CLOUDFLAR...)
1 1 104.16.51.111 13335 (CLOUDFLAR...)
1 1
Apex Domain
Subdomains		 Transfer
2 zdusercontent.com
p19.zdusercontent.com — Cisco Umbrella Rank: 52709
4 KB
1 assentcompliance.com
help.assentcompliance.com — Cisco Umbrella Rank: 903000
2 KB
1 2
Domain Requested by
2 p19.zdusercontent.com 1 redirects
1 help.assentcompliance.com 1 redirects
1 2

This site contains no links.

Subject Issuer Validity Valid
zdusercontent.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://p19.zdusercontent.com/attachment/796310/fub2EYl56Cqou3FR9WucIrHlA?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..YXL6ufxBZ5rvSuPYz-x8jg.CKhpaVA6YrFh3sFRrbvRov3FrF9qzHTvxNQvXI4q3QT1an1yzNPPJU1FlcgAAY-bFvquDl0aa6uZhcS4PHN4nizbGMffeufycLSWFtzZLiAAvTgqiqYg6tqNNtpG7kZxedffayHgOTUpUFJCU8e4L8qIowkhACkl4pRNoHmeU1ajLjrWnvRDAEKff5vJqc3nWj6kli8IVsh7mWZKqVW3KiSKSlTiwe8lqCMbAYp0ldjjpMSJV1_hdy-zwG_nVyvD65ISFnUoxm5kk3F-vMtdra9ZNDMF5jQC1MQm8Q6DpC8.tHj6TGDxDUKS9BZPz4s2yQ
Frame ID: FCAA25F1B8FCC295380B3D61434C6A41
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

fub2EYl56Cqou3FR9WucIrHlA (89×33)

Page URL History Show full URLs

  1. https://p19.zdusercontent.com/attachment/796310/fub2EYl56Cqou3FR9WucIrHlA HTTP 302
    https://help.assentcompliance.com/attachments/token/fub2EYl56Cqou3FR9WucIrHlA/?name=image001.png HTTP 302
    https://p19.zdusercontent.com/attachment/796310/fub2EYl56Cqou3FR9WucIrHlA?token=eyJhbGciOiJkaXIiLCJlbmMiOi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

3 kB
Transfer

2 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://p19.zdusercontent.com/attachment/796310/fub2EYl56Cqou3FR9WucIrHlA HTTP 302
    https://help.assentcompliance.com/attachments/token/fub2EYl56Cqou3FR9WucIrHlA/?name=image001.png HTTP 302
    https://p19.zdusercontent.com/attachment/796310/fub2EYl56Cqou3FR9WucIrHlA?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..YXL6ufxBZ5rvSuPYz-x8jg.CKhpaVA6YrFh3sFRrbvRov3FrF9qzHTvxNQvXI4q3QT1an1yzNPPJU1FlcgAAY-bFvquDl0aa6uZhcS4PHN4nizbGMffeufycLSWFtzZLiAAvTgqiqYg6tqNNtpG7kZxedffayHgOTUpUFJCU8e4L8qIowkhACkl4pRNoHmeU1ajLjrWnvRDAEKff5vJqc3nWj6kli8IVsh7mWZKqVW3KiSKSlTiwe8lqCMbAYp0ldjjpMSJV1_hdy-zwG_nVyvD65ISFnUoxm5kk3F-vMtdra9ZNDMF5jQC1MQm8Q6DpC8.tHj6TGDxDUKS9BZPz4s2yQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fub2EYl56Cqou3FR9WucIrHlA
p19.zdusercontent.com/attachment/796310/
Redirect Chain
  • https://p19.zdusercontent.com/attachment/796310/fub2EYl56Cqou3FR9WucIrHlA
  • https://help.assentcompliance.com/attachments/token/fub2EYl56Cqou3FR9WucIrHlA/?name=image001.png
  • https://p19.zdusercontent.com/attachment/796310/fub2EYl56Cqou3FR9WucIrHlA?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..YXL6ufxBZ5rvSuPYz-x8jg.CKhpaVA6YrFh3sFRrbvRov3FrF9qzHTvxNQvXI4q3QT1a...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p19.zdusercontent.com/attachment/796310/fub2EYl56Cqou3FR9WucIrHlA?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..YXL6ufxBZ5rvSuPYz-x8jg.CKhpaVA6YrFh3sFRrbvRov3FrF9qzHTvxNQvXI4q3QT1an1yzNPPJU1FlcgAAY-bFvquDl0aa6uZhcS4PHN4nizbGMffeufycLSWFtzZLiAAvTgqiqYg6tqNNtpG7kZxedffayHgOTUpUFJCU8e4L8qIowkhACkl4pRNoHmeU1ajLjrWnvRDAEKff5vJqc3nWj6kli8IVsh7mWZKqVW3KiSKSlTiwe8lqCMbAYp0ldjjpMSJV1_hdy-zwG_nVyvD65ISFnUoxm5kk3F-vMtdra9ZNDMF5jQC1MQm8Q6DpC8.tHj6TGDxDUKS9BZPz4s2yQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.173.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a23a05c9f953530206e166cbf6a8c8ca0d55c5136ba127d140422cd9a506d5
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800, private
cf-cache-status
DYNAMIC
cf-ray
6fed5bfb7e899978-FRA
content-disposition
inline; filename="image001.png"
content-length
1978
content-type
image/png
date
Wed, 20 Apr 2022 10:57:29 GMT
etag
"a3a69bb0322fc61e0d9b39717f4ebd05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Mon, 11 Apr 2022 06:09:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQc81OZaMs3zZz9k4Cx6qFDDTlaaQbyniA2QZNHR1sW9B1p1pcPESdofmbCyGGz5k%2FBueRK%2FC2vqlABVkXnQI%2FSMtc2Cs9IhPc9w1eKzhGkSeuz8F51Gztey4uDszQpSYRtXXsUyIw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0
x-amz-server-side-encryption
AES256
x-amz-version-id
Rb9MZJ.ZIXNZhWk68iAP6knvc3I8oLyx
x-content-type-options
nosniff
x-robots-tag
none, noarchive none, noarchive
zendesk-api-version
2022-01-01

Redirect headers

access-control-allow-origin
*
access-control-expose-headers
X-Zendesk-API-Warn
cache-control
max-age=3600, private
cf-cache-status
DYNAMIC
cf-ray
6fed5bfa19629a35-FRA
content-length
540
content-type
text/html; charset=UTF-8
date
Wed, 20 Apr 2022 10:57:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://p19.zdusercontent.com/attachment/796310/fub2EYl56Cqou3FR9WucIrHlA?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..YXL6ufxBZ5rvSuPYz-x8jg.CKhpaVA6YrFh3sFRrbvRov3FrF9qzHTvxNQvXI4q3QT1an1yzNPPJU1FlcgAAY-bFvquDl0aa6uZhcS4PHN4nizbGMffeufycLSWFtzZLiAAvTgqiqYg6tqNNtpG7kZxedffayHgOTUpUFJCU8e4L8qIowkhACkl4pRNoHmeU1ajLjrWnvRDAEKff5vJqc3nWj6kli8IVsh7mWZKqVW3KiSKSlTiwe8lqCMbAYp0ldjjpMSJV1_hdy-zwG_nVyvD65ISFnUoxm5kk3F-vMtdra9ZNDMF5jQC1MQm8Q6DpC8.tHj6TGDxDUKS9BZPz4s2yQ
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI DSP COR NID ADMa OPTa OUR NOR"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFccHilOes7DjtkpRb%2B85rmtWU9wjMtVQ36TVK0Iz9kZ2Ms9tCa7xbbCRIe1kWtEk3x%2F0f1ZIWkH0%2BZ4FnjG0bzRlEAJsWV2G6LWg4GlnMBsHEdWB7GID%2FXRhgqrDyI%2B9qv23mHbE4%2Fz1zc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=259200;
vary
Accept, Accept-Encoding
x-content-type-options
nosniff
x-envoy-decorator-operation
classic.classic.svc.cluster.local:80/*
x-envoy-upstream-service-time
57
x-frame-options
SAMEORIGIN
x-request-id
6fed5bfa19629a35-IAD
x-robots-tag
none, noarchive
x-runtime
0.055109
x-xss-protection
1; mode=block
x-zendesk-origin-server
classic-app-server-d79b7f6d6-5mrx6
zendesk-api-version
2022-01-01

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

5 Cookies

Domain/Path Name / Value
p19.zdusercontent.com/ Name: _zendesk_session
Value: BAh7CEkiD3Nlc3Npb25faWQGOgZFVEkiJWYzNTk4N2I3YWNkYzFkZGU3ZTI5ZTIyNTE0NzlhZTgxBjsAVEkiDmlzX21vYmlsZQY7AFRGSSITd2FyZGVuLm1lc3NhZ2UGOwBUewA%3D--f737700bfbe371fcd2660087e449659834d108aa
.zdusercontent.com/ Name: __cfruid
Value: 570e1fa30d505131a9a6219b7b0386ac9577d0ee-1650452248
help.assentcompliance.com/ Name: _zendesk_session
Value: BAh7CUkiD3Nlc3Npb25faWQGOgZFVEkiJTU2YWViYTI2NTMxZWZiZDc3Mjk0MGY3OGY1MzdmNTQ2BjsAVEkiDGFjY291bnQGOwBGaQOWJgxJIgpyb3V0ZQY7AEZpA5OYCkkiDmlzX21vYmlsZQY7AFRG--f36940855f6fd1db490e08c5a235c0de9530c796
.help.assentcompliance.com/ Name: __cfruid
Value: 6f90d18c84b5b65666fc92ce996a69699a2a3c99-1650452248
p19.zdusercontent.com/ Name: _zendesk_shared_session
Value: -Tm5YT05GNWYyVzJDUDRwWXpCV3plQlg1T3NpU203bDQwYlFIa05wM2JCcmJqY1llRGJJM3VUcnZuMEVBekZVdFZ6SXZTLzBQUDMycTFjbHVXY1ZlTlFDZjQvZzJvT3ViVlkxSmduZmQ2VWs9LS1GZXpReklpMzk1ZEZHVHZGampNa1JRPT0%3D--bcd51a2a21735d424df24aeced99e2a12eaccbe1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

help.assentcompliance.com
p19.zdusercontent.com
104.16.51.111
104.18.173.234
c3a23a05c9f953530206e166cbf6a8c8ca0d55c5136ba127d140422cd9a506d5