URL: http://img.xqkj.top/
Submission: On December 13 via manual from RO — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 163.181.56.155, located in Frankfurt am Main, Germany and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is img.xqkj.top.
This is the only time img.xqkj.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
5 | 163.181.56.155 | 24429 (TAOBAO Zh...)
3 | 163.181.56.160 | 24429 (TAOBAO Zh...)
9 | 104.18.72.113 | 13335 (CLOUDFLAR...)
1 | 104.18.70.113 | 13335 (CLOUDFLAR...)
3 | 104.18.248.37 | 13335 (CLOUDFLAR...)
Total: 21 requests, 6 IPs
Requests | Apex Domain | Subdomains | Transfer
10 | zdassets.com | static.zdassets.com (Cisco Umbrella Rank: 1953), ekr.zdassets.com (Cisco Umbrella Rank: 2224) | 438 KB
8 | xqkj.top | img.xqkj.top, api.xqkj.top | 1 MB
3 | zendesk.com | newmagpiesupport.zendesk.com | 2 KB
Total: 21 requests, 3 apex domains
Requests | Domain | Requested by
9 | static.zdassets.com | img.xqkj.top, static.zdassets.com
5 | img.xqkj.top | img.xqkj.top
3 | newmagpiesupport.zendesk.com | static.zdassets.com
3 | api.xqkj.top | img.xqkj.top
1 | ekr.zdassets.com | static.zdassets.com
Total: 21 requests, 5 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
api.xqkj.top | Encryption Everywhere DV TLS CA - G1 | 2022-01-07 - 2023-01-07 | a year
zdassets.com | Cloudflare Inc ECC CA-3 | 2022-11-10 - 2023-11-09 | a year
newmagpiesupport.zendesk.com | Cloudflare Inc ECC CA-3 | 2022-05-11 - 2023-05-10 | a year

This page contains 2 frames:

Primary Page: http://img.xqkj.top/
Frame ID: B4A19412A4FD2F00927B81BA642A8C67
Requests: 14 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a16b4e4334cbd2a5f4b.js
Frame ID: 60FDC502100C36F802D7228672DB1A52
Requests: 11 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 21
HTTPS: 76 %
IPv6: 0 %
Domains: 3
Subdomains: 5
IPs: 6
Countries: 2
Transfer: 1478 kB
Size: 5420 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
img.xqkj.top/
1 KB
2 KB
Document
General
Full URL
http://img.xqkj.top/
Protocol
HTTP/1.1
Server
163.181.56.155 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3ed21289ea54e8f82de9ebbae4e0ba2930d89c9a4d8527c197ab4acf30496631

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET,POST,PUT
Access-Control-Allow-Origin
*
Ali-Swift-Global-Savetime
1670921290
Connection
keep-alive
Content-Encoding
gzip
Content-MD5
zvbkeqZTAKX9zIgP3NPvoA==
Content-Type
text/html
Date
Tue, 13 Dec 2022 08:48:10 GMT
EagleId
2ff62b1e16709212866414749e
Last-Modified
Wed, 13 Jan 2021 11:12:58 GMT
Server
Tengine
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
cache21.l2de2[2692,2691,200-0,M], cache3.l2de2[2693,0], ens-cache1.de4[3671,3671,200-0,M], ens-cache6.de4[3676,0]
X-Cache
MISS TCP_MISS dirn:9:196311255
X-Swift-CacheTime
3600
X-Swift-SaveTime
Tue, 13 Dec 2022 08:48:10 GMT
x-oss-cdn-auth
success
x-oss-hash-crc64ecma
8111313946263093044
x-oss-object-type
Normal
x-oss-request-id
63983C4AECF6463830979D78
x-oss-server-time
119
x-oss-storage-class
Standard
app.a9af844e0ec7f00585ae5f2aa16fe1a3.css
img.xqkj.top/static/css/
666 KB
205 KB
Stylesheet
General
Full URL
http://img.xqkj.top/static/css/app.a9af844e0ec7f00585ae5f2aa16fe1a3.css
Requested by
Host: img.xqkj.top
URL: http://img.xqkj.top/
Protocol
HTTP/1.1
Server
163.181.56.155 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
bfa026eb53987ae1661e5515c43f443da8dd3fe843dd6097fecdc9231ff93cb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://img.xqkj.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 08:48:10 GMT
Content-Encoding
gzip
Via
cache5.l2de2[394,393,200-0,M], cache4.l2de2[396,0], ens-cache10.de4[441,441,200-0,M], ens-cache6.de4[443,0]
x-oss-request-id
63983C4A72154E303342F43D
Content-MD5
ih+FxO4Fn687tD4ZM7Dgig==
Age
0
X-Swift-CacheTime
3600
Transfer-Encoding
chunked
X-Cache
MISS TCP_MISS dirn:-2:-2
x-oss-cdn-auth
success
Connection
keep-alive
X-Swift-SaveTime
Tue, 13 Dec 2022 08:48:10 GMT
x-oss-object-type
Normal
Last-Modified
Wed, 13 Jan 2021 11:12:54 GMT
Server
Tengine
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1670921290
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,PUT
x-oss-storage-class
Standard
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
14861743299612662969
EagleId
2ff62b1e16709212903328518e
x-oss-server-time
81
manifest.2ae2e69a05c33dfc65f8.js
img.xqkj.top/static/js/
857 B
2 KB
Script
General
Full URL
http://img.xqkj.top/static/js/manifest.2ae2e69a05c33dfc65f8.js
Requested by
Host: img.xqkj.top
URL: http://img.xqkj.top/
Protocol
HTTP/1.1
Server
163.181.56.155 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d414b80e539a45c4c5b318d37543f524d2cfcc69c92256879afb2f1dd980fdd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://img.xqkj.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 08:48:10 GMT
Via
cache19.l2de2[394,394,200-0,M], cache11.l2de2[395,0], ens-cache5.de4[398,397,200-0,M], ens-cache6.de4[399,0]
x-oss-request-id
63983C4ABEB4E134329F6831
Content-MD5
MjBVwkjAy/bhLPSyfW39mw==
X-Swift-CacheTime
3600
X-Cache
MISS TCP_MISS dirn:-2:-2
x-oss-cdn-auth
success
Connection
keep-alive
X-Swift-SaveTime
Tue, 13 Dec 2022 08:48:10 GMT
Content-Length
857
x-oss-object-type
Normal
Last-Modified
Wed, 13 Jan 2021 11:12:55 GMT
Server
Tengine
ETag
"323055C248C0CBF6E12CF4B27D6DFD9B"
Ali-Swift-Global-Savetime
1670921290
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,PUT
x-oss-storage-class
Standard
Accept-Ranges
bytes
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
9584248241908438234
EagleId
2ff62b1e16709212903398523e
x-oss-server-time
89
vendor.fcbf8387ce484c0c685a.js
img.xqkj.top/static/js/
1 MB
392 KB
Script
General
Full URL
http://img.xqkj.top/static/js/vendor.fcbf8387ce484c0c685a.js
Requested by
Host: img.xqkj.top
URL: http://img.xqkj.top/
Protocol
HTTP/1.1
Server
163.181.56.155 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c76d3c7d56a998a6bca39a5c9e7dc19b45852c98f08a353a91d60ae79cfe607f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://img.xqkj.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 08:48:10 GMT
Content-Encoding
gzip
Via
cache10.l2de2[409,408,200-0,M], cache11.l2de2[410,0], ens-cache6.de4[413,412,200-0,M], ens-cache5.de4[416,0]
x-oss-request-id
63983C4AA846BB37344F8173
Content-MD5
k0KIDVFEe1baX/uJk7cOJw==
Age
0
X-Swift-CacheTime
3600
Transfer-Encoding
chunked
X-Cache
MISS TCP_MISS dirn:-2:-2
x-oss-cdn-auth
success
Connection
keep-alive
X-Swift-SaveTime
Tue, 13 Dec 2022 08:48:10 GMT
x-oss-object-type
Normal
Last-Modified
Wed, 13 Jan 2021 11:12:56 GMT
Server
Tengine
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1670921290
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,PUT
x-oss-storage-class
Standard
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
16843181105791706752
EagleId
2ff62b1d16709212903418633e
x-oss-server-time
91
app.6e2ae37742f7673a4bde.js
img.xqkj.top/static/js/
2 MB
436 KB
Script
General
Full URL
http://img.xqkj.top/static/js/app.6e2ae37742f7673a4bde.js
Requested by
Host: img.xqkj.top
URL: http://img.xqkj.top/
Protocol
HTTP/1.1
Server
163.181.56.155 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3b101abcc4386863fd5415a8caad52a2cf43dd690be8b5edd827e3a2200101dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://img.xqkj.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 08:48:10 GMT
Content-Encoding
gzip
Via
cache4.l2de2[371,371,200-0,M], cache1.l2de2[372,0], ens-cache3.de4[376,376,200-0,M], ens-cache5.de4[378,0]
x-oss-request-id
63983C4A10974233372102C9
Content-MD5
IIC3UcnzPxdh5orA7rQseQ==
Age
0
X-Swift-CacheTime
3600
Transfer-Encoding
chunked
X-Cache
MISS TCP_MISS dirn:-2:-2
x-oss-cdn-auth
success
Connection
keep-alive
X-Swift-SaveTime
Tue, 13 Dec 2022 08:48:10 GMT
x-oss-object-type
Normal
Last-Modified
Wed, 13 Jan 2021 11:12:55 GMT
Server
Tengine
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1670921290
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,PUT
x-oss-storage-class
Standard
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
1681453153735780577
EagleId
2ff62b1d16709212903418632e
x-oss-server-time
65
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc3ece278b18b537029277b404d5b1f1768b8ac827c85578ba1757e929af6e44

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://img.xqkj.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c27cd5adcf325aa793afa363782f977d749db8d8491d989756c02642eda0991f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://img.xqkj.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d19920223212251f98c439f9834dafd1fac97f47c5f9beb68d88efb24b646dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://img.xqkj.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f350368e1001b96419fd0adf7c7391eef18d9abfd2f212ae381292dea489e5f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://img.xqkj.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
img.xqkj.top
api.xqkj.top/h5/region/
76 B
450 B
XHR
General
Full URL
https://api.xqkj.top/h5/region/img.xqkj.top
Requested by
Host: img.xqkj.top
URL: http://img.xqkj.top/static/js/vendor.fcbf8387ce484c0c685a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.56.160 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7c942b9905893ff160307f924d9e233aa6a62e77a52d3899c1ac7c0819eee175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
http://img.xqkj.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 08:48:12 GMT
via
cache30.l2sg2[31,0], cache2.l2de2[187,0], ens-cache9.de4[191,0]
x-content-type-options
nosniff
server
Tengine
x-frame-options
DENY
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-disposition
inline;filename=f.txt
timing-allow-origin
*
x-xss-protection
1; mode=block
eagleid
2ff62b2116709212924203933e
expires
0
img.xqkj.top
api.xqkj.top/h5/region/
76 B
193 B
XHR
General
Full URL
https://api.xqkj.top/h5/region/img.xqkj.top
Requested by
Host: img.xqkj.top
URL: http://img.xqkj.top/static/js/vendor.fcbf8387ce484c0c685a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.56.160 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7c942b9905893ff160307f924d9e233aa6a62e77a52d3899c1ac7c0819eee175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
http://img.xqkj.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 08:48:12 GMT
via
cache18.l2sg2[34,0], cache9.l2de2[187,0], ens-cache9.de4[189,0]
x-content-type-options
nosniff
server
Tengine
x-frame-options
DENY
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-disposition
inline;filename=f.txt
timing-allow-origin
*
x-xss-protection
1; mode=block
eagleid
2ff62b2116709212926934231e
expires
0
img.xqkj.top
api.xqkj.top/h5/info/
139 B
256 B
XHR
General
Full URL
https://api.xqkj.top/h5/info/img.xqkj.top?url=img.xqkj.top
Requested by
Host: img.xqkj.top
URL: http://img.xqkj.top/static/js/vendor.fcbf8387ce484c0c685a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.56.160 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2ffbb77b0f5f89e4b7fe7ee5ced1580b5382d1b3a46c1a56326063d3edf12bd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
http://img.xqkj.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 08:48:12 GMT
via
cache8.l2sg2[31,0], cache17.l2de2[185,0], ens-cache9.de4[187,0]
x-content-type-options
nosniff
server
Tengine
x-frame-options
DENY
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-disposition
inline;filename=f.txt
timing-allow-origin
*
x-xss-protection
1; mode=block
eagleid
2ff62b2116709212926934232e
expires
0
snippet.js
static.zdassets.com/ekr/
23 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=775ee965-e4eb-4d57-b608-a0b105a57f00
Requested by
Host: img.xqkj.top
URL: http://img.xqkj.top/static/js/vendor.fcbf8387ce484c0c685a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://img.xqkj.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:48:13 GMT
x-amz-version-id
TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
PWKPA99RYMGAKE7W
age
17
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
+15kZAJGUZge3hgKV9TIh9Toh6yvqcLyU6yh5udb9yTtI9QRUtqXlBcgQfbtXA0crjrAmjsEmtU=
last-modified
Thu, 28 Jul 2022 23:44:02 GMT
server
cloudflare
etag
W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY5D6Fj7Orfd68TsDb78pYtHgwvLubF2lUn0fTw7fLx9VXpZ07BNQyVLqFwoY9aAaa7%2BDTeKehOH8J9GLNX%2BJuIwLYdKXNMSfvxCIm4oSvCUFWAK1gADoYxyy%2BNqmAYfhBwJ27E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
778d70810b87918c-FRA
775ee965-e4eb-4d57-b608-a0b105a57f00
ekr.zdassets.com/compose/
394 B
1 KB
XHR
General
Full URL
https://ekr.zdassets.com/compose/775ee965-e4eb-4d57-b608-a0b105a57f00
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=775ee965-e4eb-4d57-b608-a0b105a57f00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c8e916edccffcac5e6ba77ba5c662ab05b5ac4e48974d823a503d161291ee24
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://img.xqkj.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:48:13 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
x-xss-protection
1; mode=block
x-request-id
778d70819840bb74-SEA, 778d70819840bb74-SEA
x-runtime
0.031917
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"4c8e916edccffcac5e6ba77ba5c662ab"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u73CbnSmqR6RzwwGFhtEKk9zGn9R7hQdVDxVjzmKOz3%2BlqAcbQl8ic34g%2FrT8yWxG5oXuFMLrIWd5Y%2Feg9Eo%2F6kd2lIBwUrddUNr187LlxHkcLqfrMfZLpqDIceMvz2%2FeQA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
cf-ray
778d70819840bb74-FRA
web-widget-framework-3a16b4e4334cbd2a5f4b.js
static.zdassets.com/web_widget/latest/ Frame 60FD
151 KB
49 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-3a16b4e4334cbd2a5f4b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=775ee965-e4eb-4d57-b608-a0b105a57f00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6393160a31d4531e0bab111ea31113b0012c52151a08bb3eb8f48cd008974c8b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:48:13 GMT
x-amz-version-id
mAdpmZbYpyxtztBajj267uZ7zcp7XUPj
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
HE9GN8THV6EJ2N1R
age
31692
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
xvJX1SEDJg9Z1/AmlYMnuEf+RyQ3JrlrcCiY1ifbYtwjRdmqHRVszpUHetghgkSNlTNwFiKLpP0=
last-modified
Mon, 12 Dec 2022 03:53:48 GMT
server
cloudflare
etag
W/"0c4afe4fc1ec97a9ec0f5a2d287e53d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsVtslS4njbh6RnU9Dhl%2BpzevIcOmSBg2lKjKegQI2vpB77ZeBmy1KdR2PZnuEL1N%2BG7QALQCQ%2BTsbwOQi8S7xBN3P7VLUbrVzga4pKfErd4MZY0puqCOxbBGbb3a%2F8GF1AaEhc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
778d70834829918c-FRA
expires
Tue, 12 Dec 2023 03:53:47 GMT
config
newmagpiesupport.zendesk.com/embeddable/ Frame 60FD
876 B
1 KB
Fetch
General
Full URL
https://newmagpiesupport.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a16b4e4334cbd2a5f4b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.248.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73cd8ead2853ff5405d717b51b467c4c2b258f005024bd46c7ee9b8e04b19e47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:48:13 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-57d6f46845-tknz7
x-cached
MISS
x-request-id
778d70845c819208-FRA
x-runtime
0.017871
server
cloudflare
etag
W/"73cd8ead2853ff5405d717b51b467c4c"
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMgiKstLZoMhf0n1xyWhIXZXA%2BkFtYHJ16RdQzltNH6QjCaewwRzUl037Fq3cjUHANeO8ZSLxh8gs6eBvyWcKnbxQV80w%2Bkgm0GCDhWhy7ZoU4b8zbLkZhjtS2%2BaH733VfkUKG36A%2FPaEt0Zhfo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=60, public, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
778d70845c819208-FRA
web-widget-classic-94a352f.js
static.zdassets.com/web_widget/latest/classic/ Frame 60FD
13 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-94a352f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a16b4e4334cbd2a5f4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1034fc3cbbd0dc0da3041ff81c4d7afaceeb90797dc7ee7a820115509af5ec6d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:48:13 GMT
x-amz-version-id
WKSulJEqXAv_ju6oTFa_dnL3taTDP4Dt
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
NWC19N7BEG8WFVY8
age
31691
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
blsv0ohSQHzUzgY/VNqBdlxi63YWkKWQhOLOvI5CD6C77ue1r9X6j9FZUv2bBK0/BuuQlUV7+O4=
last-modified
Mon, 12 Dec 2022 03:56:30 GMT
server
cloudflare
etag
W/"01d8bfa51a238bd912133562c0a25a5e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLZIG92OEG8yJ%2BS9NdkA2M4XazZEdExUTZLY2xpmLUSYyAvjVBl%2BIWHS0pPBGtYdyG2EdpqXZo66%2FnEOU3oepo3X8CnaChzriMuoOyOw%2F9APKKfRq1hY1wXWzOpO8mB7BopIaAo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
778d7087084d918c-FRA
expires
Tue, 12 Dec 2023 03:56:29 GMT
web-widget-8165-94a352f.js
static.zdassets.com/web_widget/latest/classic/ Frame 60FD
663 KB
190 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-94a352f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-94a352f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:48:14 GMT
x-amz-version-id
fp99Zm_D4223iXBfjf0boSUdnKNTOxqu
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
NWC77SCGKP3E63D6
age
31691
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
6gTfF6YiMqKoIRGcgeYUSZsSETv5W09ZQBz21dwuCts8rzTAVo2ULH1GTHf8WAI9mMh5ClG7Dos=
last-modified
Mon, 12 Dec 2022 03:56:30 GMT
server
cloudflare
etag
W/"d519ea27f763cb6ec80aeec5b45213a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajemCvvUiJUw6%2BRTCOJluIECnaaOFZvgNGaupSaAdq7%2FCkQ1mhMRClAsvmIlf5g8%2FUkXbTFqSQP26E09Iv6ihlTlgOIeGgdqkkvjywuSmGae%2BPYfs1iZQ5h%2FA%2FixfgFgF4xBMCE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
778d7087591d918c-FRA
expires
Tue, 12 Dec 2023 03:56:29 GMT
web-widget-5324-94a352f.js
static.zdassets.com/web_widget/latest/classic/ Frame 60FD
492 KB
108 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-94a352f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-94a352f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1ca1171a7bf349f8037fa8f2f1b3b491ac5c081fc23f8c9f7d75b249e4a225
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:48:14 GMT
x-amz-version-id
cUupAnfVyVKVaOdHLgbjSv75rCFq4.x5
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
NWC3ASPJ9Q28BTCG
age
31691
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
gZAEG7KMH2pnGfx919LBK1H9vge3E6jg4s68iSCiKzv/Su1HdKTL2uWwt/M9WlER+V7JLCF5HBk=
last-modified
Mon, 12 Dec 2022 03:56:30 GMT
server
cloudflare
etag
W/"3af63eb3b3f7544b747fa56736c9a54e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNdhB9TF05eV7aG9kF%2BV%2BdQAs23aem56%2BFDfI6%2BVzC1M71zDonbyixllmxv7BYiw%2FRpZdBDjhfdX0S3%2B2xigHN0l85FQDDTSrf8LGsu1T8CUPpmOSNNZf8%2B%2BU%2BdPfguZFUZ5GSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
778d70875920918c-FRA
expires
Tue, 12 Dec 2023 03:56:29 GMT
embeddable_blip
newmagpiesupport.zendesk.com/ Frame 60FD
0
452 B
XHR
General
Full URL
https://newmagpiesupport.zendesk.com/embeddable_blip?type=analytics&data=…%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a16b4e4334cbd2a5f4b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.248.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:48:14 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Dec 2022 08:48:14 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2F7a4ImursQ8cpzjOOb%2FyVUsNqY0Yi7iuuDN0q2WnG3pOGk1FFjIN%2FiegAAIhvOvWauFfoNXNqHEEXD0GRIHeNQOXIxiaMzCGVA5XBEg6%2FsaF3BD7kRo90hvs0Wp0sjcDQFkq4ANbDnBIeQ1gKw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
778d70885ac49208-FRA
content-length
0
x-request-id
778d70885ac49208-IAD
embeddable_blip
newmagpiesupport.zendesk.com/ Frame 60FD
0
285 B
XHR
General
Full URL
https://newmagpiesupport.zendesk.com/embeddable_blip?type=settings&data=…
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a16b4e4334cbd2a5f4b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.248.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:48:14 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Dec 2022 08:48:14 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH%2FL13JeonYQSo%2BantjKMJjWETUxl62C98X7jZOJg%2FSjj9YstURlKTeL8%2BEcMlRdhYCZr5oSMSPYfLs3NKqOc8WyHoCmFVBXaVlnK4Yyl7b98TeDdUEjn%2FQYyGmx4blyIS2VFkiYNcV6OJAnClg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
778d70886ad89208-FRA
content-length
0
x-request-id
778d70886ad89208-IAD
de-de-json-94a352f.js
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 60FD
27 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-94a352f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-94a352f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:48:14 GMT
x-amz-version-id
X1A07GGKsLRTlUd2wDKhtshmTz7ylURy
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CZN2S9CKK12ZBW2D
age
31691
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
D4hO4fcMt+tr1Fca714dvMI9Gjy6MDMuRoiUGC3SKWMz2U7u9PQMkk+VjuHkklEmxXXm9NkgWHA=
last-modified
Mon, 12 Dec 2022 03:56:31 GMT
server
cloudflare
etag
W/"dee0c6a89a545cab72e7f62ab96b94c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvvgQw0ME7lQZCp%2BRAUa4GOQzVExKlihZQSyWgfwBY8WIQYqt%2Fo5n7vm5EkadRyiLXHNzPMax6fcfHgAus4pLJIeA%2BVA5UlhC%2F4QiRrSqP5jynlukjab1DeGPXAYBfMb3jQ9s70%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
778d70886b3a918c-FRA
expires
Tue, 12 Dec 2023 03:56:30 GMT
web-widget-chat-sdk-94a352f.js
static.zdassets.com/web_widget/latest/classic/ Frame 60FD
202 KB
51 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-94a352f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-94a352f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0dd9e6f31221b8432522601d43794879960167232e35bfd035187e12fbbdb89
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:48:14 GMT
x-amz-version-id
J6RQQMMyudfm_O5U7y2MyVS_G8ASS_pD
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CZN4HQY5XFN8RX7H
age
31691
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
cyZdpHfWgm0RdRuNmNR/3bQBBr85JgCPUzEkGk1FAE6qb/a7LS2W2c/zASUkh67/pHA7GonfA9BuPD6ZFrY4Dw==
last-modified
Mon, 12 Dec 2022 03:56:30 GMT
server
cloudflare
etag
W/"d366c0776c2bacba354d40e564c3d3e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiZeyKU1ZZhKR8RTLQ%2BBbulKjojivXcDMlDomyzYM6wyMG3Yy7sCSmCwxLdJEj3S3Mf9cd8vy4YyFdaZqCDEAEP0cUMsU1LxAvgTuztfxQiWXYIveJSA8MSlBUijjhc%2FYTHGWaI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
778d7088bc09918c-FRA
expires
Tue, 12 Dec 2023 03:56:29 GMT
web-widget-chat-incoming-message-notification-94a352f.js
static.zdassets.com/web_widget/latest/classic/ Frame 60FD
208 B
632 B
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-94a352f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-94a352f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:48:16 GMT
x-amz-version-id
iJEwP_HLV3ltHLSebqqxktlSQ5_Vrhqf
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CZNFY2A25ZZ5MV23
age
31693
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ic35cQAt+zm1zOlCjNeN9avIW6YCQs5glR0Y/gYQuk9tCtMT38FSYR4hYKkKgzrA6V36Utzt3yQ=
last-modified
Mon, 12 Dec 2022 03:56:30 GMT
server
cloudflare
etag
W/"659635f5ad1b6653645380f46aa42236"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDDBHT26fnCQYQKdN6qMCVCPa7WIMZnLr5FyLDYXoEc3d%2BtuHxHVXjjQtpzenPVEyM%2FuuYhTnx0aoztEbGVts%2F84UXsu9xrblBg7k1uzQP7dFMQ6AwimyGTi0gI7oxFSoPRzZOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
778d7093fc47918c-FRA
expires
Tue, 12 Dec 2023 03:56:29 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame 60FD
19 KB
20 KB
Media
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 13 Dec 2022 08:48:16 GMT
x-amz-version-id
3iTCFLMhOfhdTdwytLDLKnm7Oh_paPiP
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Z95MG44K9JP3V4EX
age
5412749
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
e/jehAy//i99RJWHmpdaRVHUEj/SaRGFB0uS86a5XtXssyK+BFM1l1b39fk5+/AQL1CT1UIO2Uk=
last-modified
Tue, 11 Oct 2022 04:42:31 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0Rhq8zqFWQc5KkHQWWVykMsRGUg%2F45Vno2y7rO3z%2B04NPDwmMuBz%2FkexDnRxVD5Yljhqai0njB3CrTfy2Kwa9nHlKoUAW6e0QG8ncKwzVMl5aFlcCpuA9l%2BC3tSPJpnGxs37Co%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
778d70942c92918c-FRA
expires
Wed, 11 Oct 2023 04:42:30 GMT


14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| oncontentvisibilityautostatechange
function| webpackJsonp
object| __core-js_shared__
function| _
function| $log
function| setRem
object| zESettings
object| zEWebpackACJsonp
function| zE
function| zEmbed
boolean| zEACLoaded
function| $zopim

2 Cookies

Domain/Path Name / Value
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: TJJ8mBFuLRyR/DV1X1Jx/m7GKi7r68L8wb5MMu3nSGkSugq5HEK5gto9Bw98aES8xdoK4GdU2Q790usa0EvT54irzIhBgmQub+VSsTd+6xmQj2YL2gACnxURovLO
.xqkj.top/ Name: __zlcmid
Value: 1DPlRkXTNqeN6k3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
