m2.xhlcustomer.com Open in urlscan Pro
45.79.56.123 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://m2.xhlcustomer.com/
Submission: On October 16 via automatic, source certstream-suspicious (October 16th 2020, 4:31:52 am UTC)

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 9 domains to perform 49 HTTP transactions. The main IP is 45.79.56.123, located in Dallas, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is m2.xhlcustomer.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 16th 2020. Valid for: 3 months.

This is the only time m2.xhlcustomer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	45.79.56.123 45.79.56.123	63949 (LINODE-AP...) (LINODE-AP Linode)
8	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1	47.96.194.133 47.96.194.133	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1	47.246.43.223 47.246.43.223	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
4	2606:4700:303... 2606:4700:3033::6812:3339	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	47.244.226.94 47.244.226.94	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	47.242.16.186 47.242.16.186	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	128.1.135.160 128.1.135.160	135377 (UCLOUD-HK...) (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED)
49	14

18 45.79.56.123 (Dallas, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1155-123.members.linode.com

m2.xhlcustomer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chat.xhlcustomer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.96.194.133 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

admin.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.43.223 (San Mateo, United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

bawa-qiniu.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::6812:3339 (United States)

ASN13335 (CLOUDFLARENET, US)

lib1.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.244.226.94 (China)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

hkend.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.242.16.186 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

analysis.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 128.1.135.160 (Central, Hong Kong)

ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED, HK)

cnend.leadscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	xhlcustomer.com m2.xhlcustomer.com chat.xhlcustomer.com	120 KB
10	leadscloud.com admin.leadscloud.com bawa-qiniu.leadscloud.com lib1.leadscloud.com hkend.leadscloud.com analysis.leadscloud.com cnend.leadscloud.com	239 KB
8	ampproject.org cdn.ampproject.org	148 KB
4	youtube.com www.youtube.com
3	google-analytics.com www.google-analytics.com	19 KB
3	gstatic.com fonts.gstatic.com	23 KB
1	doubleclick.net stats.g.doubleclick.net	88 B
1	googletagmanager.com www.googletagmanager.com	37 KB
1	googleapis.com fonts.googleapis.com	981 B
49	9

	Domain	Requested by
16	m2.xhlcustomer.com	m2.xhlcustomer.com
8	cdn.ampproject.org	m2.xhlcustomer.com cdn.ampproject.org
4	lib1.leadscloud.com	chat.xhlcustomer.com lib1.leadscloud.com
4	www.youtube.com	cdn.ampproject.org
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
2	cnend.leadscloud.com	lib1.leadscloud.com
2	chat.xhlcustomer.com	cdn.ampproject.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	lib1.leadscloud.com
1	analysis.leadscloud.com	m2.xhlcustomer.com
1	hkend.leadscloud.com	lib1.leadscloud.com
1	bawa-qiniu.leadscloud.com	m2.xhlcustomer.com
1	admin.leadscloud.com	m2.xhlcustomer.com
1	fonts.googleapis.com	m2.xhlcustomer.com
49	15

This site contains links to these domains. Also see Links.

Domain
www.leadscloud.com

Subject Issuer	Validity	Valid
m2.xhlcustomer.com Let's Encrypt Authority X3	`2020-10-16` - `2021-01-14`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
chat.xhlcustomer.com Let's Encrypt Authority X3	`2020-10-10` - `2021-01-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.leadscloud.com GoGetSSL RSA DV CA	`2020-02-07` - `2022-02-06`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-05-25` - `2021-05-25`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://m2.xhlcustomer.com/
Frame ID: C9AA0B72E73BE340218B2A73F07D4FBF
Requests: 34 HTTP requests in this frame

Frame: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
Frame ID: DCF6CB042091C497BF6BED3CF2297D00
Requests: 12 HTTP requests in this frame

Frame: https://www.youtube.com/embed/c09m5f7Gnic
Frame ID: 177999A65567C257F2057A83ABF0B1D1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/c09m5f7Gnic
Frame ID: E566F4C8D1BB736FE3B09421BD438514
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/c09m5f7Gnic
Frame ID: 35EF596136AF1B138368CD1836FCF46D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/c09m5f7Gnic
Frame ID: A3C6DF227BB32C0FDEE881C994BBE68F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

49
Requests

100 %
HTTPS

54 %
IPv6

9
Domains

15
Subdomains

14
IPs

5
Countries

587 kB
Transfer

1621 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.leadscloud.com/
Title: Technical Support: Beijing Xinhulian Technology Co., Ltd.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
m2.xhlcustomer.com/ 61 KB
10 KB 481ms
143ms Document
text/html 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: f1bdc6a85cdcdf04e54dd3f98d96a59ecc220c30d1ac611ca755473048cd61ac

Request headers

:method: GET
:authority: m2.xhlcustomer.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
accept-ranges: bytes
content-disposition: inline; filename="index.html"
content-encoding: gzip
content-type: text/html
date: Fri, 16 Oct 2020 04:31:29 GMT
etag: "259da7:f2da:5f8921e4:248f97cb"
last-modified: Fri, 16 Oct 2020 04:30:28 GMT
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 254 KB
70 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854673546c0587e6d9e3715730ef35951f34468f625a617b0e83bb818d2cbe06

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70166
x-xss-protection: 0
server: sffe
date: Fri, 16 Oct 2020 04:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "1e193d1cd0ade399"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Oct 2020 04:31:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
981 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,900%7CPoppins:400,600,700,900&display=swap

Requested by

Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

728f072200dbbcaf8e053a58f94ea2277f70710824f205a3a0181e9bf5beaa81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Oct 2020 04:31:29 GMT
server: ESF
date: Fri, 16 Oct 2020 04:31:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Oct 2020 04:31:29 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 48ms
27ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f24ed65a101bd7f1d5c9c6e34dd0276c6f7366ae77fce674eac43612de93a84

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8837
x-xss-protection: 0
server: sffe
date: Fri, 16 Oct 2020 04:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "e911842a0bbb673a"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Oct 2020 04:31:30 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 47ms
27ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

826251bd577ebd402117a5590b8212a321ac09412031620b6c982edb7998a11f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8067
x-xss-protection: 0
server: sffe
date: Fri, 16 Oct 2020 04:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "d1a090a121def3c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Oct 2020 04:31:30 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 21 KB
8 KB 45ms
25ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eeb521059627eadc5324667e51f7ec549f18c6efb79dbbed96632190895d757f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7756
x-xss-protection: 0
server: sffe
date: Fri, 16 Oct 2020 04:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "4f9ee05eb6abb9b8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Oct 2020 04:31:30 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 96 KB
29 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4cc2f1603f6b4ff23b32b630308024a457c1adf178b51381f0923df4302789e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29507
x-xss-protection: 0
server: sffe
date: Fri, 16 Oct 2020 04:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "b381d156b6208406"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Oct 2020 04:31:30 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v13/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v13/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,900%7CPoppins:400,600,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://m2.xhlcustomer.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,900%7CPoppins:400,600,700,900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 09:05:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:01 GMT
server: sffe
age: 329165
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Tue, 12 Oct 2021 09:05:24 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v13/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,900%7CPoppins:400,600,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://m2.xhlcustomer.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,900%7CPoppins:400,600,700,900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 21:34:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:00 GMT
server: sffe
age: 197831
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
expires: Wed, 13 Oct 2021 21:34:18 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v13/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,900%7CPoppins:400,600,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://m2.xhlcustomer.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,900%7CPoppins:400,600,700,900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 09:05:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:13 GMT
server: sffe
age: 329161
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
expires: Tue, 12 Oct 2021 09:05:29 GMT

GET
H3-Q050 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012010010034001/v0/ 6 KB
3 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010010034001/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be4625eb056c6f53977b47b89622ab7f7b2d1fe5aa450aa172d9176541074318

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://m2.xhlcustomer.com
Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74848
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2583
x-xss-protection: 0
server: sffe
date: Thu, 15 Oct 2020 07:44:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a19dff40e34c726a"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Oct 2021 07:44:02 GMT

GET
H2 200 PIC00907logo1.png.webp
m2.xhlcustomer.com/uploadImages/webp/ 3 KB
3 KB 144ms
141ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00907logo1.png.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: 260b42d69664511d6a65a0c78c5ddfd93952d1ea19e759a95f6c71af0780c852

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:29 GMT
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 04:30:06 GMT
etag: "259ebe:b5c:5f8921ce:c01ead8"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00907logo1.png.webp"
accept-ranges: bytes
content-length: 2936

GET
H2 200 sousuo.png
m2.xhlcustomer.com/images/ 1 KB
1 KB 144ms
142ms Image
image/png 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/images/sousuo.png
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: 4264acc5c11e949fba3e77bb8eb4ba2014edc6efc22d99d8ea4b1756deb7e482

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:29 GMT
last-modified: Fri, 16 Oct 2020 04:30:04 GMT
etag: "259e0a:512:5f8921cc:299167fe"
vary: Accept-Encoding
content-type: image/png
status: 200
content-disposition: inline; filename="sousuo.png"
accept-ranges: bytes
content-length: 1298

GET
H2 200 PIC00530index_part101.jpg.webp
m2.xhlcustomer.com/uploadImages/webp/ 8 KB
8 KB 295ms
292ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00530index_part101.jpg.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: 29eb02b8a67f4e721b7cd54fe7d5b1dd3d365bb34680df7072bdfa34921ff85f

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:30 GMT
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 04:30:04 GMT
etag: "259e8a:2160:5f8921cc:1a4f020f"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00530index_part101.jpg.webp"
accept-ranges: bytes

GET
H2 200 PIC00527title_img.png.webp
m2.xhlcustomer.com/uploadImages/webp/ 386 B
476 B 296ms
294ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00527title_img.png.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: fe16a9458f344ba51ee92452d1d60185cd2e3ef090ae19af86883216c7af749c

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:29 GMT
last-modified: Fri, 16 Oct 2020 04:30:04 GMT
etag: "259e87:182:5f8921cc:14961bd5"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00527title_img.png.webp"
accept-ranges: bytes
content-length: 386

GET
H2 200 PIC00519index_who_icon01.png.webp
m2.xhlcustomer.com/uploadImages/webp/ 2 KB
2 KB 145ms
142ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00519index_who_icon01.png.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: e354d9aad229f3110c633178af7ffbcb761027883cc0ece1e8440bb81f93327c

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:30 GMT
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 04:30:03 GMT
etag: "259e7f:86e:5f8921cb:37df1360"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00519index_who_icon01.png.webp"
accept-ranges: bytes
content-length: 2186

GET
H2 200 PIC00560index_who_icon02.png.webp
m2.xhlcustomer.com/uploadImages/webp/ 2 KB
2 KB 295ms
293ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00560index_who_icon02.png.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: 7dbf0d6c6da5f6072395393db6f957cd36defb5df57eb281a9d230e0921c1d04

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:30 GMT
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 04:30:05 GMT
etag: "259ea8:7c4:5f8921cd:2321f929"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00560index_who_icon02.png.webp"
accept-ranges: bytes
content-length: 2016

GET
H2 200 PIC00510index_who_icon03.png.webp
m2.xhlcustomer.com/uploadImages/webp/ 2 KB
2 KB 146ms
144ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00510index_who_icon03.png.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: f37f24e369758b24b11c2fb5ecc45b91a183793a860344fa122f6337231f1d93

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:30 GMT
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 04:30:03 GMT
etag: "259e76:89e:5f8921cb:2269b409"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00510index_who_icon03.png.webp"
accept-ranges: bytes
content-length: 2234

GET
H2 200 PIC00557index_product01.jpg.webp
m2.xhlcustomer.com/uploadImages/webp/ 9 KB
9 KB 145ms
143ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00557index_product01.jpg.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: 8c8e88afca9b6ccd2cc70ce74e7ecf8ae502aa6a891ad8b3ee63678ba4a526b8

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:29 GMT
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 04:30:05 GMT
etag: "259ea5:2352:5f8921cd:1c74ec90"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00557index_product01.jpg.webp"
accept-ranges: bytes

GET
H2 200 PIC00499index_newst01.jpg.webp
m2.xhlcustomer.com/uploadImages/webp/ 21 KB
18 KB 144ms
143ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00499index_newst01.jpg.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: e4d55bae61a52dd1eeab2eabbb517e3c5b1654f1b9b597fb24cbb58c6c3390b3

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:30 GMT
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 04:30:02 GMT
etag: "259e6b:531e:5f8921ca:2bf29f91"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00499index_newst01.jpg.webp"
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45c376f8abe4f03681c0c7040db7afdf5973042e8865742042594c2bc1d3117a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45aca9fa8b5acb9f412f26e1a2956c7b29231572067073cc597fd28118bb8f74

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 amp-chat.php Show response
chat.xhlcustomer.com/ Frame DCF6 2 KB
2 KB 460ms
136ms Document
text/html 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: nginx/1.17.6 / PHP/7.3.15
Resource Hash: 63150437bb530eaec26fbff325c0fe1792c1964a52ed2f7c8aebd068ac95cdc4

Request headers

:method: GET
:authority: chat.xhlcustomer.com
:scheme: https
:path: /amp-chat.php?orgId=10818&title=Home
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m2.xhlcustomer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://m2.xhlcustomer.com/

Response headers

status: 200
access-control-allow-credentials: true
access-control-allow-origin: null
content-type: text/html; charset=UTF-8
date: Fri, 16 Oct 2020 04:31:30 GMT
server: nginx/1.17.6
vary: Origin
x-powered-by: PHP/7.3.15
content-length: 1586

GET
H2 200 c09m5f7Gnic
www.youtube.com/embed/ Frame 1779 0
0 110ms
90ms Document
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/c09m5f7Gnic

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/c09m5f7Gnic
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m2.xhlcustomer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://m2.xhlcustomer.com/

Response headers

status: 200
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length: 10213
strict-transport-security: max-age=31536000
cache-control: no-cache
content-type: text/html; charset=utf-8
content-encoding: br
date: Fri, 16 Oct 2020 04:31:30 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=KsabiYAvtUE; path=/; domain=.youtube.com; secure; expires=Wed, 14-Apr-2021 04:31:30 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=KsabiYAvtUE; path=/; domain=.youtube.com; secure; expires=Wed, 14-Apr-2021 04:31:30 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 16-Oct-2020 05:01:30 GMT YSC=JWmZ3TRcKlE; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 c09m5f7Gnic
www.youtube.com/embed/ Frame E566 0
0 93ms
74ms Document
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/c09m5f7Gnic

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/c09m5f7Gnic
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m2.xhlcustomer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://m2.xhlcustomer.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
cache-control: no-cache
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length: 10190
date: Fri, 16 Oct 2020 04:31:30 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=Y9lIcZi95S0; path=/; domain=.youtube.com; secure; expires=Wed, 14-Apr-2021 04:31:30 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=Y9lIcZi95S0; path=/; domain=.youtube.com; secure; expires=Wed, 14-Apr-2021 04:31:30 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 16-Oct-2020 05:01:30 GMT YSC=M1jC8qneq18; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 c09m5f7Gnic
www.youtube.com/embed/ Frame 35EF 0
0 109ms
92ms Document
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/c09m5f7Gnic

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/c09m5f7Gnic
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m2.xhlcustomer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://m2.xhlcustomer.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-length: 10130
cache-control: no-cache
x-content-type-options: nosniff
date: Fri, 16 Oct 2020 04:31:30 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=_6sNwAA43lg; path=/; domain=.youtube.com; secure; expires=Wed, 14-Apr-2021 04:31:30 GMT; httponly; samesite=None YSC=7OrKjNizUUE; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 16-Oct-2020 05:01:30 GMT VISITOR_INFO1_LIVE=_6sNwAA43lg; path=/; domain=.youtube.com; secure; expires=Wed, 14-Apr-2021 04:31:30 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 c09m5f7Gnic
www.youtube.com/embed/ Frame A3C6 0
0 142ms
127ms Document
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/c09m5f7Gnic

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/c09m5f7Gnic
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m2.xhlcustomer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://m2.xhlcustomer.com/

Response headers

status: 200
strict-transport-security: max-age=31536000
content-length: 10214
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type: text/html; charset=utf-8
cache-control: no-cache
date: Fri, 16 Oct 2020 04:31:30 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=qqTxh4ksQs8; path=/; domain=.youtube.com; secure; expires=Wed, 14-Apr-2021 04:31:30 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=qqTxh4ksQs8; path=/; domain=.youtube.com; secure; expires=Wed, 14-Apr-2021 04:31:30 GMT; httponly; samesite=None YSC=kPLLlk2b61o; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 16-Oct-2020 05:01:30 GMT
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 PIC00523banner.jpg.webp
m2.xhlcustomer.com/uploadImages/webp/ 58 KB
57 KB 253ms
251ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00523banner.jpg.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: 5c5b1f2371dbb17887101baf25efae0c2915072fa12fdaaa251a0f4f8e58733c

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:29 GMT
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 04:30:04 GMT
etag: "259e83:e638:5f8921cc:86d329a"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00523banner.jpg.webp"
accept-ranges: bytes

GET
H/1.1 200
OK placeholder.png
admin.leadscloud.com/amp-site/ 91 B
505 B 3273ms
2406ms Image
image/png 47.96.194.133
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admin.leadscloud.com/amp-site/placeholder.png
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.96.194.133 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.15.12 /
Resource Hash: f6f984b609a6c86c510d8a76c9f4a0f37c97a850b755bf78319ceff1e1ce296e

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 04:31:33 GMT
Last-Modified: Tue, 03 Mar 2020 09:18:38 GMT
Server: nginx/1.15.12
ETag: "5e5e20ee-5b"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91
Expires: Fri, 16 Oct 2020 04:31:32 GMT

GET
H2 200 FnxuI7NyglZVcWz2EqAJ6nmNN1Hi
bawa-qiniu.leadscloud.com/ 60 KB
61 KB 297ms
212ms Image
image/jpeg 47.246.43.223
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bawa-qiniu.leadscloud.com/FnxuI7NyglZVcWz2EqAJ6nmNN1Hi
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.223 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: b4691d1873812ddc9242255038e8beb95f96dc55b3f1bcc3da0a3915b9344d0d

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-qiniu-zone: 0
x-log: X-Log
date: Thu, 24 Sep 2020 03:55:56 GMT
via: cache5.l2de2[0,206-0,H], cache11.l2de2[17,0], cache11.de2[25,200-0,M], cache14.de2[177,0]
x-svr: IO
content-md5: GTzV2GXXQ0O4K3Q3SLaLOQ==
age: 1902934
x-cache: MISS TCP_MISS dirn:-2:-2
status: 200
content-transfer-encoding: binary
x-swift-cachetime: 2592000
content-disposition: inline; filename="FnxuI7NyglZVcWz2EqAJ6nmNN1Hi"; filename*=utf-8''FnxuI7NyglZVcWz2EqAJ6nmNN1Hi
x-swift-savetime: Fri, 16 Oct 2020 04:31:30 GMT
content-length: 61253
x-m-reqid: wXgAAHjqiUcJnDcW
x-m-log: QNM:jjh1528;QNM3:13
last-modified: Mon, 29 Jun 2020 10:24:09 GMT
server: Tengine
etag: "FnxuI7NyglZVcWz2EqAJ6nmNN1Hi"
access-control-max-age: 2592000
ali-swift-global-savetime: 1600919756
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-qnm-cache: Hit
eagleid: 2ff62ba216028226903158612e
x-reqid: rhkAAAAnmRn1GDYW

GET
H2 200 PIC00564foot_logo.png.webp
m2.xhlcustomer.com/uploadImages/webp/ 2 KB
2 KB 254ms
251ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00564foot_logo.png.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: b1e9b0d4038a9207b54e61dbc445ed1b04b61e95f3bdbb864f518f882dcd50a3

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:30 GMT
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 04:30:05 GMT
etag: "259eac:728:5f8921cd:2c3165af"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00564foot_logo.png.webp"
accept-ranges: bytes
content-length: 1860

GET
H2 200 PIC00505footer_lx1.png.webp
m2.xhlcustomer.com/uploadImages/webp/ 378 B
468 B 253ms
250ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00505footer_lx1.png.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: 5ec07a3b368989c6dc9d56af487e0ce104082d46223b85053b2f9503270c3640

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:30 GMT
last-modified: Fri, 16 Oct 2020 04:30:03 GMT
etag: "259e71:17a:5f8921cb:73b6e77"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00505footer_lx1.png.webp"
accept-ranges: bytes
content-length: 378

GET
H2 200 PIC00548footer_lx2.png.webp
m2.xhlcustomer.com/uploadImages/webp/ 394 B
484 B 350ms
348ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00548footer_lx2.png.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: e4e7e482ed8bd1e3a2b682003b7b333d7099a7f5d495253b0a51672ffda6a0e3

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:29 GMT
last-modified: Fri, 16 Oct 2020 04:30:05 GMT
etag: "259e9c:18a:5f8921cd:a931d1d"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00548footer_lx2.png.webp"
accept-ranges: bytes
content-length: 394

GET
H2 200 PIC00534footer_lx3.png.webp
m2.xhlcustomer.com/uploadImages/webp/ 398 B
489 B 254ms
252ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00534footer_lx3.png.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: 16937ad46b7835dffa181146c3969dfd9b1b506a54a97a8a5ac027326a71b267

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:30 GMT
last-modified: Fri, 16 Oct 2020 04:30:04 GMT
etag: "259e8e:18e:5f8921cc:21f03506"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00534footer_lx3.png.webp"
accept-ranges: bytes
content-length: 398

GET
H2 200 PIC00562footer_lx4.png.webp
m2.xhlcustomer.com/uploadImages/webp/ 432 B
523 B 350ms
348ms Image
image/webp 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.xhlcustomer.com/uploadImages/webp/PIC00562footer_lx4.png.webp
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: /
Resource Hash: 1c16e74dd415398fee2a02b96bf28bee8492a8140ca31ccd3a6d765b5184ec32

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:30 GMT
last-modified: Fri, 16 Oct 2020 04:30:05 GMT
etag: "259eaa:1b0:5f8921cd:263b75de"
vary: Accept-Encoding
content-type: image/webp
status: 200
content-disposition: inline; filename="PIC00562footer_lx4.png.webp"
accept-ranges: bytes
content-length: 432

GET
H3-Q050 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012010010034001/v0/ 15 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010010034001/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31076833ab6aac7dc14c3d5c7ee155ecd616e4fc04acd40679ca9511fb8ab4cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://m2.xhlcustomer.com
Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74841
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3738
x-xss-protection: 0
server: sffe
date: Thu, 15 Oct 2020 07:44:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c7cc447e321dea13"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Oct 2021 07:44:09 GMT

GET
H3-Q050 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/rtv/012010010034001/v0/ 59 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010010034001/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef1ccc9b5b82554583b389c41deb7aa3f20ac541c668d30af16b06237bbe73d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://m2.xhlcustomer.com
Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 204216
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17938
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 19:47:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22b3c7fef08b250c"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 19:47:54 GMT

GET
H2 200 xhltrackingwithchat.js Show response
lib1.leadscloud.com/ Frame DCF6 2 KB
2 KB 1155ms
1128ms Script
application/javascript 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib1.leadscloud.com/xhltrackingwithchat.js
Requested by: Host: chat.xhlcustomer.com
URL: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a32a5745de54cd2e621989a527ec01be8d5be4d88c726257359af8fac79fbdec

Request headers

Referer: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 05d1466f8a0000c2c2ddb26000000001
last-modified: Tue, 25 Aug 2020 10:48:48 GMT
server: cloudflare
etag: W/"5f44ec90-7ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602822692"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 5e2f0cf8dd59c2c2-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: minify

GET
H2 200 cookie.php Show response
chat.xhlcustomer.com/ 141 B
301 B 1264ms
967ms Fetch
application/json 45.79.56.123
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.xhlcustomer.com/cookie.php?orgId=10818&idsite=22147&visitorId=amp-Oo5N_uDLIHImebX-ieZErg&__amp_source_origin=https%3A%2F%2Fm2.xhlcustomer.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.56.123 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1155-123.members.linode.com
Software: nginx/1.17.6 / PHP/7.3.15
Resource Hash: 6cbb7c1dfa115e66685f9e37dad44baa15179426e720da9995d27cd37b68a09b

Request headers

Accept: application/json
Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:32 GMT
server: nginx/1.17.6
status: 200
x-powered-by: PHP/7.3.15
vary: Origin
content-type: application/json; charset=utf8
access-control-allow-origin: https://m2.xhlcustomer.com
access-control-allow-credentials: true
content-length: 141

GET
H2 200 getStatus Show response
hkend.leadscloud.com/piwik/websiteSettings/ Frame DCF6 121 B
569 B 1376ms
238ms XHR
application/json 47.244.226.94
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://hkend.leadscloud.com/piwik/websiteSettings/getStatus?website=m2.xhlcustomer.com
Requested by: Host: lib1.leadscloud.com
URL: https://lib1.leadscloud.com/xhltrackingwithchat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.244.226.94 , China, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.12 /
Resource Hash: ab8d45dd9727b9d9f335633442708108228b2886aa56583207745f5fc9dbf500

Request headers

Referer: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:33 GMT
amp-access-control-allow-source-origin: https://chat.xhlcustomer.com
server: nginx/1.15.12
amp-same-origin: true
status: 200
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://chat.xhlcustomer.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
access-control-allow-headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

GET
H2 200 piwik.php
analysis.leadscloud.com/ 43 B
125 B 941ms
463ms Image
image/gif 47.242.16.186
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analysis.leadscloud.com/piwik.php?action_name=Home&r=0.5581493247559466&idsite=22147&rec=1&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&apiv=1&url=https%3A%2F%2Fm2.xhlcustomer.com%2F&uid=10818FK202010161231bua6V3&_id=10818FK202010161231bua6V3&_idts=1602822692483&_idvc=1&_refts=2394&res=1600x1200&dimension1=10818FK202010161231bua6V3&dimension2=10818&gt_ms=2394&urlref=&_rcn=&_rck=
Requested by: Host: m2.xhlcustomer.com
URL: https://m2.xhlcustomer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.242.16.186 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://m2.xhlcustomer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 16 Oct 2020 04:31:33 GMT
cache-control: no-store
server: nginx/1.14.2
content-type: image/gif

GET
H2 200 userchatmain.js Show response
lib1.leadscloud.com/js/ Frame DCF6 594 KB
157 KB 2534ms
2534ms Script
application/javascript 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216
Requested by: Host: lib1.leadscloud.com
URL: https://lib1.leadscloud.com/xhltrackingwithchat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8b53c4ef4446cb4d17f7cd47094adb36d9473a3fb89796b2067ed0204b5d50c

Request headers

Referer: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:35 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 05d14679560000c2c2dca0f000000001
last-modified: Tue, 25 Aug 2020 10:48:48 GMT
server: cloudflare
etag: W/"5f44ec90-9483e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602822695"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 5e2f0d088eb1c2c2-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame DCF6 94 KB
37 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-124614447-1

Requested by

Host: lib1.leadscloud.com
URL: https://lib1.leadscloud.com/xhltrackingwithchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d0cdaa7b8b381f6188f55a8a5d282967f3e8a04cb503cc103ef5854bcb0f53b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:33 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
last-modified: Fri, 16 Oct 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Oct 2020 04:31:33 GMT

GET
H2 200 userbase.css
lib1.leadscloud.com/css/ Frame DCF6 96 KB
12 KB 1945ms
1945ms Stylesheet
text/css 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib1.leadscloud.com/css/userbase.css?v=20190315
Requested by: Host: lib1.leadscloud.com
URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6851143668f7a81ff62888d6ded5c8600e619aabc5c1f63154183e11a03eb356

Request headers

Referer: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 05d146839a0000c2c2b18bb000000001
last-modified: Tue, 25 Aug 2020 10:48:48 GMT
server: cloudflare
etag: W/"5f44ec90-180e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602822697"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 5e2f0d18f969c2c2-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 userchat.html Show response
lib1.leadscloud.com/cors/ Frame DCF6 14 KB
4 KB 1419ms
1404ms XHR
text/html 2606:4700:3033::6812:3339
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib1.leadscloud.com/cors/userchat.html
Requested by: Host: lib1.leadscloud.com
URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a5d03ea3b92693be8a8bc65709e8ed1ad6e3169433db1a2cbfcad03ff20b4da

Request headers

Accept: */*
Referer: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 04:31:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 25 Aug 2020 10:48:48 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602822697"}],"group":"cf-nel","max_age":604800}
cf-ray: 5e2f0d191c83d6c1-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-request-id: 05d14683ad0000d6c19a39d000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame DCF6 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124614447-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 2530
date: Fri, 16 Oct 2020 03:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 16 Oct 2020 05:49:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ Frame DCF6 2 B
160 B 14ms
13ms XHR
text/plain 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=303704865&t=pageview&_s=1&dl=https%3A%2F%2Fchat.xhlcustomer.com%2Famp-chat.php%3ForgId%3D10818%26title%3DHome&dr=https%3A%2F%2Fm2.xhlcustomer.com%2F&ul=en-us&de=UTF-8&dt=Document&sd=24-bit&sr=1600x1200&vp=115x100&je=0&_u=oGBAAUABAAAAAC~&jid=854703430&gjid=1785392532&cid=266411639.1602822696&tid=UA-124614447-1&_gid=222784762.1602822696&_r=1&gtm=2ou9u1&z=1544260010

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 04:31:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://chat.xhlcustomer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ Frame DCF6 35 B
189 B 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=303704865&t=event&_s=2&dl=https%3A%2F%2Fchat.xhlcustomer.com%2Famp-chat.php%3ForgId%3D10818%26title%3DHome&dr=https%3A%2F%2Fm2.xhlcustomer.com%2F&ul=en-us&de=UTF-8&dt=Document&sd=24-bit&sr=1600x1200&vp=115x100&je=0&ec=general&ea=LCView&_u=oGBAAUABAAAAAC~&jid=&gjid=&cid=266411639.1602822696&tid=UA-124614447-1&_gid=222784762.1602822696&gtm=2ou9u1&cd1=10818&cd2=10818FK202010161231bua6V3&z=660373200

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 06:11:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80376
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame DCF6 1 B
88 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-124614447-1&cid=266411639.1602822696&jid=854703430&gjid=1785392532&_gid=222784762.1602822696&_u=oGBAAUAAAAAAAC~&z=790571247

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Oct 2020 04:31:35 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://chat.xhlcustomer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200 getConfigOrBrowserLanguageForChat
cnend.leadscloud.com/cuss-login/translate/ Frame 0
0 1312ms
256ms Other
text/html 128.1.135.160
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/cuss-login/translate/getConfigOrBrowserLanguageForChat
Protocol: HTTP/1.1
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://chat.xhlcustomer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 16 Oct 2020 04:31:38 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,orgId
Access-Control-Allow-Credentials: true
AMP-Same-Origin: true
Access-Control-Allow-Origin: https://chat.xhlcustomer.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
AMP-Access-Control-Allow-Source-Origin: https://chat.xhlcustomer.com
Content-Encoding: gzip

POST
H/1.1 200 getConfigOrBrowserLanguageForChat Show response
cnend.leadscloud.com/cuss-login/translate/ Frame DCF6 7 KB
3 KB 264ms
264ms XHR
application/json 128.1.135.160
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://cnend.leadscloud.com/cuss-login/translate/getConfigOrBrowserLanguageForChat
Requested by: Host: lib1.leadscloud.com
URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.135.160 Central, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: 6f25734f63ee84ead576e09373497f3074108a2695f9dd48bbcc7e75a5573d0d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://chat.xhlcustomer.com/amp-chat.php?orgId=10818&title=Home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 16 Oct 2020 04:31:38 GMT
Content-Encoding: gzip
AMP-Access-Control-Allow-Source-Origin: https://chat.xhlcustomer.com
Server: nginx
AMP-Same-Origin: true
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://chat.xhlcustomer.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, userId, orgId

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: kPLLlk2b61o
.youtube.com/	1970-01-19 17:32:54	Name: VISITOR_INFO1_LIVE Value: qqTxh4ksQs8
chat.xhlcustomer.com/	1970-01-22 13:13:42	Name: enterpriseId Value: 10818
.xhlcustomer.com/	1970-01-19 21:59:18	Name: api_msg Value: ok
.xhlcustomer.com/	1970-01-19 21:59:18	Name: _xhluvisitorid Value: 10818FK202010161231bua6V3
.xhlcustomer.com/	1970-01-19 21:59:18	Name: enterpriseId Value: 10818

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/v0.js(Line 526) Message: Powered by AMP ⚡ HTML – Version 2010010034001 https://m2.xhlcustomer.com/
console-api	warning	URL: https://cdn.ampproject.org/v0.js(Line 22) Message: [amp-sidebar toolbar] amp-sidebar toolbar is recommended to be a direct child of the <body> element to preserve a logical DOM order.
console-api	log	URL: https://lib1.leadscloud.com/xhltrackingwithchat.js(Line 1) Message: HOST m2.xhlcustomer.com
console-api	log	URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216(Line 1) Message: document.referrer https://m2.xhlcustomer.com/
console-api	log	URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216(Line 1) Message: document.referrer https://m2.xhlcustomer.com/
console-api	log	URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216(Line 1) Message: 获取游客ID或生成ID 10818FK202010161231bua6V3
console-api	log	URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216(Line 1) Message: [object Object]
console-api	log	URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216(Line 1) Message: Fri Oct 16 2020 06:31:35 GMT+0200 (Central European Summer Time)
console-api	log	URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216(Line 1) Message: urlGclid null
console-api	log	URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216(Line 1) Message: en-us
console-api	log	URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216(Line 1) Message: en
console-api	log	URL: https://lib1.leadscloud.com/js/userchatmain.js?v=20191216(Line 1) Message: ret====> [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.leadscloud.com
analysis.leadscloud.com
bawa-qiniu.leadscloud.com
cdn.ampproject.org
chat.xhlcustomer.com
cnend.leadscloud.com
fonts.googleapis.com
fonts.gstatic.com
hkend.leadscloud.com
lib1.leadscloud.com
m2.xhlcustomer.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
128.1.135.160
2606:4700:3033::6812:3339
2a00:1450:4001:802::200a
2a00:1450:4001:816::2001
2a00:1450:4001:81b::200e
2a00:1450:4001:824::2008
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9b
45.79.56.123
47.242.16.186
47.244.226.94
47.246.43.223
47.96.194.133
16937ad46b7835dffa181146c3969dfd9b1b506a54a97a8a5ac027326a71b267
1c16e74dd415398fee2a02b96bf28bee8492a8140ca31ccd3a6d765b5184ec32
260b42d69664511d6a65a0c78c5ddfd93952d1ea19e759a95f6c71af0780c852
29eb02b8a67f4e721b7cd54fe7d5b1dd3d365bb34680df7072bdfa34921ff85f
31076833ab6aac7dc14c3d5c7ee155ecd616e4fc04acd40679ca9511fb8ab4cb
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4264acc5c11e949fba3e77bb8eb4ba2014edc6efc22d99d8ea4b1756deb7e482
45aca9fa8b5acb9f412f26e1a2956c7b29231572067073cc597fd28118bb8f74
45c376f8abe4f03681c0c7040db7afdf5973042e8865742042594c2bc1d3117a
4d0cdaa7b8b381f6188f55a8a5d282967f3e8a04cb503cc103ef5854bcb0f53b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c5b1f2371dbb17887101baf25efae0c2915072fa12fdaaa251a0f4f8e58733c
5ec07a3b368989c6dc9d56af487e0ce104082d46223b85053b2f9503270c3640
5f24ed65a101bd7f1d5c9c6e34dd0276c6f7366ae77fce674eac43612de93a84
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
63150437bb530eaec26fbff325c0fe1792c1964a52ed2f7c8aebd068ac95cdc4
6851143668f7a81ff62888d6ded5c8600e619aabc5c1f63154183e11a03eb356
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cbb7c1dfa115e66685f9e37dad44baa15179426e720da9995d27cd37b68a09b
6f25734f63ee84ead576e09373497f3074108a2695f9dd48bbcc7e75a5573d0d
728f072200dbbcaf8e053a58f94ea2277f70710824f205a3a0181e9bf5beaa81
7a5d03ea3b92693be8a8bc65709e8ed1ad6e3169433db1a2cbfcad03ff20b4da
7dbf0d6c6da5f6072395393db6f957cd36defb5df57eb281a9d230e0921c1d04
826251bd577ebd402117a5590b8212a321ac09412031620b6c982edb7998a11f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854673546c0587e6d9e3715730ef35951f34468f625a617b0e83bb818d2cbe06
8c8e88afca9b6ccd2cc70ce74e7ecf8ae502aa6a891ad8b3ee63678ba4a526b8
a32a5745de54cd2e621989a527ec01be8d5be4d88c726257359af8fac79fbdec
ab8d45dd9727b9d9f335633442708108228b2886aa56583207745f5fc9dbf500
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b1e9b0d4038a9207b54e61dbc445ed1b04b61e95f3bdbb864f518f882dcd50a3
b4691d1873812ddc9242255038e8beb95f96dc55b3f1bcc3da0a3915b9344d0d
b8b53c4ef4446cb4d17f7cd47094adb36d9473a3fb89796b2067ed0204b5d50c
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
be4625eb056c6f53977b47b89622ab7f7b2d1fe5aa450aa172d9176541074318
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e354d9aad229f3110c633178af7ffbcb761027883cc0ece1e8440bb81f93327c
e4cc2f1603f6b4ff23b32b630308024a457c1adf178b51381f0923df4302789e
e4d55bae61a52dd1eeab2eabbb517e3c5b1654f1b9b597fb24cbb58c6c3390b3
e4e7e482ed8bd1e3a2b682003b7b333d7099a7f5d495253b0a51672ffda6a0e3
eeb521059627eadc5324667e51f7ec549f18c6efb79dbbed96632190895d757f
ef1ccc9b5b82554583b389c41deb7aa3f20ac541c668d30af16b06237bbe73d7
f1bdc6a85cdcdf04e54dd3f98d96a59ecc220c30d1ac611ca755473048cd61ac
f37f24e369758b24b11c2fb5ecc45b91a183793a860344fa122f6337231f1d93
f6f984b609a6c86c510d8a76c9f4a0f37c97a850b755bf78319ceff1e1ce296e
fe16a9458f344ba51ee92452d1d60185cd2e3ef090ae19af86883216c7af749c

m2.xhlcustomer.com Open in urlscan Pro 45.79.56.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

49 Requests

100 %HTTPS

54 %IPv6

9 Domains

15 Subdomains

14 IPs

5 Countries

587 kBTransfer

1621 kBSize

6 Cookies

1 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

m2.xhlcustomer.com Open in urlscan Pro
45.79.56.123 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

54 %
IPv6

9
Domains

15
Subdomains

14
IPs

5
Countries

587 kB
Transfer

1621 kB
Size

6
Cookies

49 HTTP transactions
2 data transactions