urlscan.io logo urlscan.io
SecurityTrails logo

www.yeskandu.com Open in urlscan Pro
35.158.87.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kandu.chat/
Effective URL: https://www.yeskandu.com/chat
Submission: On June 17 via api from US — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 8 domains to perform 33 HTTP transactions. The main IP is 35.158.87.123, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.yeskandu.com.
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.
This is the only time www.yeskandu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.152.147 16509 (AMAZON-02)
1 2 35.158.87.123 16509 (AMAZON-02)
1 3.72.135.223 16509 (AMAZON-02)
8 18.65.39.65 16509 (AMAZON-02)
2 172.217.16.202 15169 (GOOGLE)
1 188.114.96.3 13335 (CLOUDFLAR...)
14 104.18.29.104 13335 (CLOUDFLAR...)
2 13.107.246.45 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 13.107.22.237 8068 (MICROSOFT...)
3 20.122.63.128 8075 (MICROSOFT...)
33 10
1    3.33.152.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
kandu.chat
2    35.158.87.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-87-123.eu-central-1.compute.amazonaws.com
yeskandu.com
www.yeskandu.com
1    3.72.135.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-135-223.eu-central-1.compute.amazonaws.com
fonts.softr-files.com
8    18.65.39.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-65.ams1.r.cloudfront.net
assets.softr-files.com
2    172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f202.1e100.net
maps.googleapis.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cdn.zenbooker.com
14    104.18.29.104 (None, )

ASN13335 (CLOUDFLARENET, US)
client.crisp.chat
image.crisp.chat
2    13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    13.107.22.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.clarity.ms
Apex Domain
Subdomains		 Transfer
14 crisp.chat
client.crisp.chat — Cisco Umbrella Rank: 23634
image.crisp.chat — Cisco Umbrella Rank: 80257
269 KB
9 softr-files.com
fonts.softr-files.com — Cisco Umbrella Rank: 298731
assets.softr-files.com — Cisco Umbrella Rank: 233149
206 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 776
c.clarity.ms — Cisco Umbrella Rank: 1472
p.clarity.ms — Cisco Umbrella Rank: 7796
28 KB
2 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 391
85 KB
2 yeskandu.com
yeskandu.com
www.yeskandu.com
9 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 226
764 B
1 zenbooker.com
cdn.zenbooker.com — Cisco Umbrella Rank: 600252
15 KB
1 kandu.chat
kandu.chat
319 B
33 8
Domain Requested by
11 client.crisp.chat www.yeskandu.com
client.crisp.chat
8 assets.softr-files.com www.yeskandu.com
3 image.crisp.chat
3 p.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 www.clarity.ms www.yeskandu.com
www.clarity.ms
2 maps.googleapis.com www.yeskandu.com
maps.googleapis.com
1 c.bing.com 1 redirects
1 cdn.zenbooker.com www.yeskandu.com
1 fonts.softr-files.com www.yeskandu.com
1 www.yeskandu.com
1 yeskandu.com 1 redirects
1 kandu.chat 1 redirects
33 13

This site contains links to these domains. Also see Links.

Domain
kandu.crisp.watch
Subject Issuer Validity Valid
www.yeskandu.com
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh
fonts.softr-files.com
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh
content.softr-files.com
Amazon RSA 2048 M03		 2024-01-06 -
2025-02-03		 a year crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
zenbooker.com
GTS CA 1P5		 2024-05-31 -
2024-08-29		 3 months crt.sh
crisp.chat
E1		 2024-06-03 -
2024-09-01		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh

This page contains 1 frames:

Primary Page: https://www.yeskandu.com/chat
Frame ID: 1B554B1ADA73B89E96F636FD65B3F8B6
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Chat with Us | Kandu

Page URL History Show full URLs

  1. http://kandu.chat/ HTTP 307
    https://kandu.chat/ HTTP 307
    http://kandu.chat/ HTTP 301
    https://yeskandu.com/chat HTTP 301
    https://www.yeskandu.com/chat Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

13
Subdomains

10
IPs

5
Countries

611 kB
Transfer

1905 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kandu.chat/ HTTP 307
    https://kandu.chat/ HTTP 307
    http://kandu.chat/ HTTP 301
    https://yeskandu.com/chat HTTP 301
    https://www.yeskandu.com/chat Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F48599267FCD44AC875DB635BE5E6829&RedC=c.clarity.ms&MXFR=191C98BEF6F363C132D58C1FF2F36D92 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F48599267FCD44AC875DB635BE5E6829&MUID=34E11856DE206E9925C00CF7DFE66FAE

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request chat
www.yeskandu.com/
Redirect Chain
  • http://kandu.chat/
  • https://kandu.chat/
  • http://kandu.chat/
  • https://yeskandu.com/chat
  • https://www.yeskandu.com/chat
32 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.yeskandu.com/chat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.158.87.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-87-123.eu-central-1.compute.amazonaws.com
Software
my-server /
Resource Hash
efa5646166a7df2ebc0934a15b3cc8e44b70cac90c76a22fc0963ec3688ab9b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-AT,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 17 Jun 2024 15:58:20 GMT
expires
0
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
my-server
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block

Redirect headers

content-length
175
content-type
text/html
date
Mon, 17 Jun 2024 15:58:20 GMT
location
https://www.yeskandu.com/chat
referrer-policy
no-referrer-when-downgrade
server
my-server
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
css
fonts.softr-files.com/google/api/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.softr-files.com/google/api/css?family=Red+Hat+Display:300,400,500,600,700,800,900,300i,400i,500i,600i,700i,800i,900i&display=swap
Requested by
Host: www.yeskandu.com
URL: https://www.yeskandu.com/chat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.135.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-135-223.eu-central-1.compute.amazonaws.com
Software
my-server /
Resource Hash
80ba9ddb5a07b7bc7a4f5d55c5fb5347501d1ab43c6dcc918d78e525118ff94b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
my-server
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jun 2024 15:58:20 GMT
bootstrap.min.css
assets.softr-files.com/libs/bootstrap/4.3.1/css/ 		152 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.softr-files.com/libs/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: www.yeskandu.com
URL: https://www.yeskandu.com/chat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-65.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
date
Sun, 16 Jun 2024 19:57:54 GMT
last-modified
Fri, 27 Jan 2023 23:02:50 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
72027
x-amz-server-side-encryption
AES256
etag
W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
99M7WryHIBFmm8jwCPwmO6hdhYF6PaaEOm-cped7GmaFgVZZv3jXwA==
all.min.css
assets.softr-files.com/libs/font-awesome/6.5.0/css/ 		100 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.softr-files.com/libs/font-awesome/6.5.0/css/all.min.css
Requested by
Host: www.yeskandu.com
URL: https://www.yeskandu.com/chat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-65.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c880eb3d25c765d399840aa204fec22b3230310991089f14781f09a35ed80b8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
iWOhSlc2nBFcJoV8gYdJ4rSyEw.AyL87
content-encoding
br
via
1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
date
Mon, 17 Jun 2024 07:11:48 GMT
last-modified
Thu, 30 Nov 2023 12:38:50 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
31593
x-amz-server-side-encryption
AES256
etag
W/"c43cd173eeeba2f72aa6b431d06b8c07"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
fFmQvLitXY8outup5ue-rvULZ5_q4ly91NF5vlWheAy1aTll5vqkWg==
js
maps.googleapis.com/maps/api/ 		259 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBasn1yEny407cGVO5X-O7Gt0rhK0Ur7Z8&libraries=places&callback=Function.prototype
Requested by
Host: www.yeskandu.com
URL: https://www.yeskandu.com/chat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
2386d1663fd064a25db25224c98c203482eb1d4c4d32bc364f5891c7b58534ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87080
x-xss-protection
0
jquery.min.js
assets.softr-files.com/libs/jquery/3.7.0/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.softr-files.com/libs/jquery/3.7.0/jquery.min.js
Requested by
Host: www.yeskandu.com
URL: https://www.yeskandu.com/chat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-65.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
tGyBKyxF_dLyfd1sC0jRFrbmLIx8v41.
content-encoding
gzip
via
1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
date
Mon, 17 Jun 2024 11:07:15 GMT
last-modified
Sun, 24 Dec 2023 11:31:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
17466
x-amz-server-side-encryption
AES256
etag
W/"e6c2415c0ace414e5153670314ce99a9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
I5VWAlzWfJjYLBPU4fF_BuUnvkGsrGlmfWJklZi4-4i18zKpN2YfYA==
popper.min.js
assets.softr-files.com/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.softr-files.com/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: www.yeskandu.com
URL: https://www.yeskandu.com/chat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-65.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
br
via
1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
date
Mon, 17 Jun 2024 07:04:06 GMT
last-modified
Fri, 27 Jan 2023 23:47:26 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
32055
x-amz-server-side-encryption
AES256
etag
W/"56456db9d72a4b380ed3cb63095e6022"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
D5Wb2G-KG8urLsKHYJf6R0_SugrZRfBjkSYZNb2qPgc6MacUobsPRg==
bootstrap.min.js
assets.softr-files.com/libs/bootstrap/4.3.1/js/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.softr-files.com/libs/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: www.yeskandu.com
URL: https://www.yeskandu.com/chat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-65.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
date
Mon, 17 Jun 2024 11:06:05 GMT
last-modified
Fri, 27 Jan 2023 23:05:08 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
17536
x-amz-server-side-encryption
AES256
etag
W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
LPKfsuTSZsMi7zmplo61l5BXN9WdQ2iASpnbIOfEnGiwYn4HmNey8w==
micromodal.min.js
assets.softr-files.com/libs/micromodal/0.4.10/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.softr-files.com/libs/micromodal/0.4.10/micromodal.min.js
Requested by
Host: www.yeskandu.com
URL: https://www.yeskandu.com/chat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-65.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46dc1f18ef5fd887b12b7a2866c824a7097b62c6127ee4016f51bad9118bb6a7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
date
Mon, 17 Jun 2024 13:02:00 GMT
last-modified
Fri, 27 Jan 2023 23:52:03 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
10581
x-amz-server-side-encryption
AES256
etag
W/"dd694c727fc5e6f6372e142b66ddb576"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
dhWyJLS-KsTN6YgbYZ6thsO0C5jv3P7J9dcXyblbfCvzs9i25z14mA==
zenbooker.js
cdn.zenbooker.com/widget/latest/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zenbooker.com/widget/latest/zenbooker.js
Requested by
Host: www.yeskandu.com
URL: https://www.yeskandu.com/chat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e01d4d62a404aefb2dc85439344b48dc2614a1dcb505f96a4615f1a692a8b34c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J0AV4SQZWYZ8YMA3H26XWE82
date
Mon, 17 Jun 2024 15:58:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"c0ae682928b54b7d8ef30920d421b07a-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFWvRt9XkoCFyE1CfgAsFLcYv7%2BHAB8TGqwDN1T7QKtjHGbszwhtobm38XfvnP73ImzwBXrvKiF9xwYnLTJAZogR02dN1YDgRx9qVtXQC9Yd9Us3z0ajHrBW1JjUofn5M93fbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
89543d948846c2de-VIE
priority
u=1,i=?0
iframeResizer.contentWindow.min.js
assets.softr-files.com/libs/iframe-resizer/4.2.11/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.softr-files.com/libs/iframe-resizer/4.2.11/iframeResizer.contentWindow.min.js
Requested by
Host: www.yeskandu.com
URL: https://www.yeskandu.com/chat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-65.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
107fbb21d462c56b56e6d741c0c9135cbf87bd6e6d02a578a1ffc76c067b9c47

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Origin
https://www.yeskandu.com
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 f89ae7540cfd7be6febf2f3e1ef03e18.cloudfront.net (CloudFront)
date
Mon, 17 Jun 2024 07:07:49 GMT
x-amz-cf-pop
AMS1-P1
age
31832
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 27 Jan 2023 23:53:36 GMT
server
AmazonS3
etag
W/"52d6fb0d394ff9d946143dfb1104719b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
x-amz-cf-id
EnvrxN2pfPlyK3oVkvj1VMQaTn1PkPHAK6-UMA6r6d_QVbvhPeTO-g==
l.js
client.crisp.chat/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/l.js
Requested by
Host: www.yeskandu.com
URL: https://www.yeskandu.com/chat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5a92fc5517861a30778d20421b8aa6361b53b0f072f9f02f31bf871655d3131
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
13961
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3432
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
server
cloudflare
etag
W/"64e73b34-217d"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89543d95ebac5bad-VIE
access-control-allow-headers
Content-Type, Origin
expires
Tue, 18 Jun 2024 15:58:21 GMT
dkkdyziqta
www.clarity.ms/tag/ 		655 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/dkkdyziqta?ref=softr
Requested by
Host: www.yeskandu.com
URL: https://www.yeskandu.com/chat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bfdf3e419f37cc6b0ea2920ec4a0d042dd678470447648b841e5b44944f0b33e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Mon, 17 Jun 2024 15:58:21 GMT
x-azure-ref
20240617T155821Z-186d9555b948xsbpnnvukt0akc00000000d000000001yww3
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
655
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
client.js
client.crisp.chat/static/javascripts/ 		445 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/javascripts/client.js?b6c718d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd7ca38139fc108f4edbc04a292cd759680078c0c549631ce9572ce2fc3a60e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
13961
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
server
cloudflare
etag
W/"64e73b34-6f47a"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
89543d961bf65bad-VIE
access-control-allow-headers
Content-Type, Origin
expires
Thu, 15 Jun 2034 15:58:21 GMT
client_default.css
client.crisp.chat/static/stylesheets/ 		432 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?b6c718d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
023a286adfb7f15cc9d76b4e54eba5c0b2907a863fb07508bd185ea54e769a30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
13961
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 12:04:43 GMT
server
cloudflare
etag
W/"6670265b-6bf5a"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
89543d961bf85bad-VIE
access-control-allow-headers
Content-Type, Origin
expires
Thu, 15 Jun 2034 15:58:21 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBasn1yEny407cGVO5X-O7Gt0rhK0Ur7Z8&libraries=places&callback=Function.prototype
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.yeskandu.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dkkdyziqta?ref=softr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:21 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240617T155821Z-186d9555b948xsbpnnvukt0akc00000000d000000001ywwp
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9fe942ff-a01e-003d-2de8-bf58c0000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
/
client.crisp.chat/settings/website/79696a0c-6de3-480b-96b8-ef4700a060ad/prelude/ 		214 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/settings/website/79696a0c-6de3-480b-96b8-ef4700a060ad/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-5-17-17-58
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b6c718d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5700657dd67bf158eb18a33f54cb8d1378937036f2f586d74a66eaab5707d064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
173
last-modified
Mon, 17 Jun 2024 15:58:21 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89543d976d675bad-VIE
access-control-allow-headers
Content-Type, Origin
expires
Mon, 17 Jun 2024 19:58:21 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F48599267FCD44AC875DB635BE5E6829&RedC=c.clarity.ms&MXFR=191C98BEF6F363C132D58C1FF2F36D92
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F48599267FCD44AC875DB635BE5E6829&MUID=34E11856DE206E9925C00CF7DFE66FAE
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F48599267FCD44AC875DB635BE5E6829&MUID=34E11856DE206E9925C00CF7DFE66FAE
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-AT,de;q=0.9;q=0.9
Referer
https://www.yeskandu.com/chat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jun 2024 15:58:20 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 17 Jun 2024 15:58:20 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0DAD7380C15A4A40B53A71FC5BA3250F Ref B: VIEEDGE2519 Ref C: 2024-06-17T15:58:21Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F48599267FCD44AC875DB635BE5E6829&MUID=34E11856DE206E9925C00CF7DFE66FAE
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
10b4a84a-088e-4f75-af1f-00b4787ea36c.png
assets.softr-files.com/applications/5080e05d-b574-4110-a554-01f286d600f6/assets/ 		98 KB
99 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.softr-files.com/applications/5080e05d-b574-4110-a554-01f286d600f6/assets/10b4a84a-088e-4f75-af1f-00b4787ea36c.png?rnd=1658671797715
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-65.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58bb722524d412ac77bfe2c5797f883a20ac8dded8f09b60e217681d63895db0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:22 GMT
x-amz-version-id
null
via
1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
last-modified
Sun, 24 Jul 2022 14:09:58 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
etag
"f5652e970a648143158a4296536a159b"
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
100737
x-amz-cf-id
EYr9EIA5Ybxb1jJxkbAlrERHNXNkdHRlYmWdShevNTkmZdg97FIlGQ==
collect
p.clarity.ms/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.yeskandu.com
Date
Mon, 17 Jun 2024 15:58:21 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
/
client.crisp.chat/settings/website/79696a0c-6de3-480b-96b8-ef4700a060ad/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/settings/website/79696a0c-6de3-480b-96b8-ef4700a060ad/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1717494139080
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b6c718d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de4cff182ae9ad37d2831eee615ce24008e51ab8062859e7088a6c9a3cfd3dde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1321
last-modified
Mon, 17 Jun 2024 15:58:21 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89543d9a18375bad-VIE
access-control-allow-headers
Content-Type, Origin
expires
Mon, 17 Jun 2024 19:58:21 GMT
en.js
client.crisp.chat/static/javascripts/locales/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?b6c718d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b6c718d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
050407433b701535895e0212bc339244187d5ce0abe93f255fb7e0a76765872d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
13959
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3610
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
server
cloudflare
etag
W/"64d22e8c-250b"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89543d9ab8ca5bad-VIE
access-control-allow-headers
Content-Type, Origin
expires
Thu, 15 Jun 2034 15:58:21 GMT
truncated
/ 		613 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dabd2a598ecc313b7b3b6f43b443acf5e2296b3636f9610ae44741bcc8654d15

Request headers

Referer
Origin
https://www.yeskandu.com
Accept-Language
de-AT,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d

Request headers

Accept-Language
de-AT,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
image.crisp.chat/avatar/operator/dd4c1477-a3d0-4542-97b0-f016184fe430/120/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.crisp.chat/avatar/operator/dd4c1477-a3d0-4542-97b0-f016184fe430/120/?1717494139080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d25a365d0373c78621b39d3e71aef431bacfb4dbcba8ec5402f5a644a39cd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4371
last-modified
Mon, 17 Jun 2024 12:28:59 GMT
server
cloudflare
etag
W/"1113-190262c0bdd"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
89543d9b49575bad-VIE
expires
Thu, 15 Jun 2034 15:58:22 GMT
/
image.crisp.chat/avatar/operator/6b72c0b5-d9d7-4c8d-ae62-2546a38f79ff/120/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.crisp.chat/avatar/operator/6b72c0b5-d9d7-4c8d-ae62-2546a38f79ff/120/?1717494139080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f0c778f1c3f99532a85efd24df7a08c4f56779443d8552c63d3069bc7c83bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1782
last-modified
Mon, 17 Jun 2024 14:02:28 GMT
server
cloudflare
etag
W/"6f6-1902681a4d3"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
89543d9b49565bad-VIE
expires
Thu, 15 Jun 2034 15:58:22 GMT
/
image.crisp.chat/avatar/website/79696a0c-6de3-480b-96b8-ef4700a060ad/120/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.crisp.chat/avatar/website/79696a0c-6de3-480b-96b8-ef4700a060ad/120/?1717494139080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa324daf5b5a9f465ad70df8dea9939634162b06be58e266671f14a6dd4f087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2078
last-modified
Mon, 17 Jun 2024 14:02:28 GMT
server
cloudflare
etag
W/"81e-1902681a40b"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
89543d9b49545bad-VIE
expires
Thu, 15 Jun 2034 15:58:22 GMT
truncated
/ 		383 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eac5040e4125a427316bfda3515a596b2e7d8baea9918b2e180477bea91a5eac

Request headers

Referer
Origin
https://www.yeskandu.com
Accept-Language
de-AT,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		589 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe55866cd0de081f276c1b847c2cbb2a142bc8ff0a546756e2a7b7636045705

Request headers

Referer
Origin
https://www.yeskandu.com
Accept-Language
de-AT,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		472 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c8458beb62bebb5a473323fea91587a5189fcf8dc7a42a58bd6d1a25b6d2604

Request headers

Referer
Origin
https://www.yeskandu.com
Accept-Language
de-AT,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		364 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8511221f0380f32a9ebdd03ce5d1deef04787915482a3a285df8a1ac0c06fba

Request headers

Referer
Origin
https://www.yeskandu.com
Accept-Language
de-AT,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
noto_sans_bold.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_bold.woff2?b6c718d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?b6c718d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client.crisp.chat/static/stylesheets/client_default.css?b6c718d
Origin
https://www.yeskandu.com
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10252
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
server
cloudflare
etag
"64d22e8c-280c"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89543d9b8a8ec2e8-VIE
access-control-allow-headers
Content-Type, Origin
expires
Thu, 15 Jun 2034 15:58:22 GMT
noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_regular.woff2?b6c718d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?b6c718d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client.crisp.chat/static/stylesheets/client_default.css?b6c718d
Origin
https://www.yeskandu.com
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10340
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
server
cloudflare
etag
"64d22e8c-2864"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89543d9b8a90c2e8-VIE
access-control-allow-headers
Content-Type, Origin
expires
Thu, 15 Jun 2034 15:58:22 GMT
noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/2000-206F/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/fonts/noto_sans/2000-206F/noto_sans_regular.woff2?b6c718d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?b6c718d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5b29b8d5bac56012c2a0707dfef2d4fc945ffe72e7e1a2c58e5de080e11848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://client.crisp.chat/static/stylesheets/client_default.css?b6c718d
Origin
https://www.yeskandu.com
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7012
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
server
cloudflare
etag
"64d22e8c-1b64"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89543d9b8a91c2e8-VIE
access-control-allow-headers
Content-Type, Origin
expires
Thu, 15 Jun 2034 15:58:22 GMT
chat-message-receive.oga
client.crisp.chat/static/sounds/events/ 		11 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/sounds/events/chat-message-receive.oga?b6c718d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b6c718d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
158e6f55c804592292dff060cfeb8d04d4c3c4982e42ce22d970ade99ace47c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11014
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
server
cloudflare
etag
"64d22e8c-2b06"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
audio/ogg
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89543d9b7a7ac2e8-VIE
access-control-allow-headers
Content-Type, Origin
expires
Thu, 15 Jun 2034 15:58:22 GMT
chat-message-action.oga
client.crisp.chat/static/sounds/events/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/sounds/events/chat-message-action.oga?b6c718d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b6c718d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8022aa161cb6a8060e3d1582e184a1315a51f5de5f39b4641e4bf1a691ba745b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:58:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4290
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
server
cloudflare
etag
"64d22e8c-10c2"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
audio/ogg
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89543d9b7a79c2e8-VIE
access-control-allow-headers
Content-Type, Origin
expires
Thu, 15 Jun 2034 15:58:22 GMT
collect
p.clarity.ms/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.yeskandu.com
Date
Mon, 17 Jun 2024 15:58:22 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
p.clarity.ms/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://www.yeskandu.com/chat
Accept-Language
de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.yeskandu.com
Date
Mon, 17 Jun 2024 15:58:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| $crisp string| CRISP_WEBSITE_ID object| d object| s function| clarity object| application_context boolean| is401Page function| getUrlVars object| crisp_keys object| CRISP_RUNTIME_CONFIG function| $ function| jQuery function| Popper object| bootstrap object| MicroModal function| openSwModal object| custom-code1 function| addConversionDetailsToZenbookerHostedBookingLinks string| eventMethod function| eventer string| messageEvent function| zenbookerPassQueryStringsToEmbed function| iFrameResize object| Zenbooker function| setCookie function| getUrlParam boolean| $__CRISP_INCLUDED object| $__CRISP_INSTANCE object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView

12 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 215d294207834325926eb2330b773708.20240617.20250617
.yeskandu.com/ Name: _clck
Value: ygmqks%7C2%7Cfmp%7C0%7C1629
.yeskandu.com/ Name: crisp-client%2Fsession%2F79696a0c-6de3-480b-96b8-ef4700a060ad
Value: session_eea2554f-8b6f-49a3-b8a5-a96458dae6a1
.bing.com/ Name: MUID
Value: 34E11856DE206E9925C00CF7DFE66FAE
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 34E11856DE206E9925C00CF7DFE66FAE
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 34E11856DE206E9925C00CF7DFE66FAE
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
www.yeskandu.com/ Name: crisp-client%2Fsocket%2F79696a0c-6de3-480b-96b8-ef4700a060ad
Value: 1
.yeskandu.com/ Name: _clsk
Value: uojnmz%7C1718639902005%7C1%7C1%7Cp.clarity.ms%2Fcollect

3 Console Messages

Source Level URL
Text
rendering warning URL: https://www.yeskandu.com/chat(Line 8)
Message:
The key "target-densitydpi" is not supported.
rendering warning URL: https://client.crisp.chat/static/javascripts/client.js?b6c718d(Line 6)
Message:
The key "target-densitydpi" is not supported.
other warning URL: https://client.crisp.chat/static/javascripts/client.js?b6c718d(Line 6)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.softr-files.com
c.bing.com
c.clarity.ms
cdn.zenbooker.com
client.crisp.chat
fonts.softr-files.com
image.crisp.chat
kandu.chat
maps.googleapis.com
p.clarity.ms
www.clarity.ms
www.yeskandu.com
yeskandu.com
104.18.29.104
13.107.22.237
13.107.246.45
172.217.16.202
18.65.39.65
188.114.96.3
20.122.63.128
3.33.152.147
3.72.135.223
35.158.87.123
68.219.88.97
023a286adfb7f15cc9d76b4e54eba5c0b2907a863fb07508bd185ea54e769a30
02d25a365d0373c78621b39d3e71aef431bacfb4dbcba8ec5402f5a644a39cd7
050407433b701535895e0212bc339244187d5ce0abe93f255fb7e0a76765872d
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
107fbb21d462c56b56e6d741c0c9135cbf87bd6e6d02a578a1ffc76c067b9c47
158e6f55c804592292dff060cfeb8d04d4c3c4982e42ce22d970ade99ace47c4
2386d1663fd064a25db25224c98c203482eb1d4c4d32bc364f5891c7b58534ad
34f0c778f1c3f99532a85efd24df7a08c4f56779443d8552c63d3069bc7c83bf
46dc1f18ef5fd887b12b7a2866c824a7097b62c6127ee4016f51bad9118bb6a7
4fe55866cd0de081f276c1b847c2cbb2a142bc8ff0a546756e2a7b7636045705
5700657dd67bf158eb18a33f54cb8d1378937036f2f586d74a66eaab5707d064
58bb722524d412ac77bfe2c5797f883a20ac8dded8f09b60e217681d63895db0
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5
73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973
7c8458beb62bebb5a473323fea91587a5189fcf8dc7a42a58bd6d1a25b6d2604
8022aa161cb6a8060e3d1582e184a1315a51f5de5f39b4641e4bf1a691ba745b
80ba9ddb5a07b7bc7a4f5d55c5fb5347501d1ab43c6dcc918d78e525118ff94b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a5a92fc5517861a30778d20421b8aa6361b53b0f072f9f02f31bf871655d3131
bd7ca38139fc108f4edbc04a292cd759680078c0c549631ce9572ce2fc3a60e6
bfdf3e419f37cc6b0ea2920ec4a0d042dd678470447648b841e5b44944f0b33e
c880eb3d25c765d399840aa204fec22b3230310991089f14781f09a35ed80b8a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
dabd2a598ecc313b7b3b6f43b443acf5e2296b3636f9610ae44741bcc8654d15
de4cff182ae9ad37d2831eee615ce24008e51ab8062859e7088a6c9a3cfd3dde
dfa324daf5b5a9f465ad70df8dea9939634162b06be58e266671f14a6dd4f087
e01d4d62a404aefb2dc85439344b48dc2614a1dcb505f96a4615f1a692a8b34c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8511221f0380f32a9ebdd03ce5d1deef04787915482a3a285df8a1ac0c06fba
eac5040e4125a427316bfda3515a596b2e7d8baea9918b2e180477bea91a5eac
efa5646166a7df2ebc0934a15b3cc8e44b70cac90c76a22fc0963ec3688ab9b2
fc5b29b8d5bac56012c2a0707dfef2d4fc945ffe72e7e1a2c58e5de080e11848