xiqworkbench.xiqonline.com Open in urlscan Pro
18.239.18.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Submission Tags: falconsandbox
Submission: On July 27 via api (July 27th 2024, 2:50:57 pm UTC) from US — Scanned from DE

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 36 HTTP transactions. The main IP is 18.239.18.6, located in United States and belongs to AMAZON-02, US. The main domain is xiqworkbench.xiqonline.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 19th 2024. Valid for: a year.

This is the only time xiqworkbench.xiqonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	18.239.18.6 18.239.18.6	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	35.80.231.11 35.80.231.11	16509 (AMAZON-02) (AMAZON-02)
4	54.172.247.4 54.172.247.4	14618 (AMAZON-AES) (AMAZON-AES)
1	18.239.94.121 18.239.94.121	16509 (AMAZON-02) (AMAZON-02)
1	52.218.233.56 52.218.233.56	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	18.245.253.48 18.245.253.48	16509 (AMAZON-02) (AMAZON-02)
2	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
5	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	18.245.60.105 18.245.60.105	16509 (AMAZON-02) (AMAZON-02)
36	17

7 18.239.18.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-6.ams58.r.cloudfront.net

xiqworkbench.xiqonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.80.231.11 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-231-11.us-west-2.compute.amazonaws.com

wb-2-prod.xiqonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.172.247.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-247-4.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.94.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-121.ams1.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.233.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.253.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-253-48.lhr5.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-105.fra60.r.cloudfront.net

537833938274509.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	xiqonline.com xiqworkbench.xiqonline.com wb-2-prod.xiqonline.com	2 MB
5	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 441	2 KB
5	freshchat.com wchat.freshchat.com — Cisco Umbrella Rank: 22502 537833938274509.webpush.freshchat.com	24 KB
3	gstatic.com fonts.gstatic.com	65 KB
2	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 1453	42 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	amazonaws.com s3.us-west-2.amazonaws.com	5 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508	16 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	24 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	102 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	23 KB
36	14

	Domain	Requested by
7	xiqworkbench.xiqonline.com	xiqworkbench.xiqonline.com
5	bam.nr-data.net	xiqworkbench.xiqonline.com
4	wchat.freshchat.com	xiqworkbench.xiqonline.com wchat.freshchat.com
3	fonts.gstatic.com	fonts.googleapis.com
2	js-agent.newrelic.com	xiqworkbench.xiqonline.com
2	wb-2-prod.xiqonline.com	xiqworkbench.xiqonline.com
2	region1.google-analytics.com	xiqworkbench.xiqonline.com
2	fonts.googleapis.com	xiqworkbench.xiqonline.com
1	537833938274509.webpush.freshchat.com	xiqworkbench.xiqonline.com
1	script.hotjar.com	xiqworkbench.xiqonline.com
1	s3.us-west-2.amazonaws.com	xiqworkbench.xiqonline.com
1	static.hotjar.com	xiqworkbench.xiqonline.com
1	stackpath.bootstrapcdn.com	xiqworkbench.xiqonline.com
1	cdnjs.cloudflare.com	xiqworkbench.xiqonline.com
1	code.jquery.com	xiqworkbench.xiqonline.com
1	www.googletagmanager.com	xiqworkbench.xiqonline.com
1	cdn.jsdelivr.net	xiqworkbench.xiqonline.com
36	17

This site contains no links.

Subject Issuer	Validity	Valid
*.xiqonline.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-19` - `2025-07-25`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.freshchat.com Amazon RSA 2048 M02	`2024-01-22` - `2025-02-18`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-07-15` - `2025-07-08`	a year	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
*.wchat.webpush.myfreshworks.com Amazon RSA 2048 M02	`2024-06-04` - `2025-07-03`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Frame ID: 7559870197480BF197DCCF787B16EAF3
Requests: 32 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/config_iframe.html?host=https://wchat.freshchat.com&token=1f9215d1-96af-4a4d-9634-cecb117ff337&origin=https://xiqworkbench.xiqonline.com
Frame ID: C637F9D92DE34052348FE27B6C90500F
Requests: 1 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=1f9215d1-96af-4a4d-9634-cecb117ff337&referrer=aHR0cHM6Ly94aXF3b3JrYmVuY2gueGlxb25saW5lLmNvbQ==&eagerLoad=true
Frame ID: 10B1E47BF5693C2797400F7FAB5476C2
Requests: 1 HTTP requests in this frame

Frame: https://537833938274509.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly94aXF3b3JrYmVuY2gueGlxb25saW5lLmNvbQ==
Frame ID: B91044698BE32338B8C8FDB61E13DF26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Workbench

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Freshchat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

wchat\.freshchat\.com/js/widget\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

36
Requests

100 %
HTTPS

41 %
IPv6

14
Domains

17
Subdomains

17
IPs

3
Countries

2151 kB
Transfer

2894 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 9a54072a41544c179fab252a45f45d5a Show response
xiqworkbench.xiqonline.com/unsub/ 89 KB
90 KB 1388ms
882ms Document
text/html 18.239.18.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-6.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6a101fde9075ad054e8e363bda36b53cf4eb079734b270d70db3ad371a094af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 91527
content-type: text/html
date: Sat, 27 Jul 2024 14:50:50 GMT
etag: "c4aab37568e46a8cae16c2b67c931092"
last-modified: Fri, 26 Jul 2024 14:29:00 GMT
server: AmazonS3
via: 1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
x-amz-cf-id: RCJBXcA8x84rOizek6Sf7u4zlfHg_VLOSCwjzRsAKJgNqPdsqSQCCQ==
x-amz-cf-pop: AMS58-P6
x-cache: Error from cloudfront

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/ 151 KB
23 KB 334ms
116ms Stylesheet
text/css 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/bootstrap.min.css

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d4f6240127cf5d1cfda2caeb0283efb4c9c879e43031f102fa3fc09853ae1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xiqworkbench.xiqonline.com/
Origin: https://xiqworkbench.xiqonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 14:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7250019
x-jsd-version: 5.0.0-beta3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22809
x-served-by: cache-fra-eddf8230038-FRA, cache-lga21922-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"25cfb-UcVSpq1X1XvRNJScPVMSiB9RqJM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l6s0rthDkCRdQ1FPwhN0BzqFoa2T72zZd22begoM9AzjLy3ryBmJoXAn9iBApRH%2Ba4AIYSC%2F9nk8IzHQO5OXl8i2bqzGG23YY6nVMANGK5pfW96zOmtXboCWCrqx8XqHE3fSm6VGAPFMKFP7oHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a9d71af8e939f51-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
102 KB 343ms
113ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DYPSYYLDKY

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e475979a87795e62429d9a2b597ac954b17d9159a0d4a237fb7888e81ca36c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 14:50:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 27 Jul 2024 14:50:50 GMT

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 399ms
117ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://xiqworkbench.xiqonline.com/
Origin: https://xiqworkbench.xiqonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 14:50:50 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 177082
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 24038
x-served-by: cache-lga21982-LGA, cache-mad2200132-MAD
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1722091850.237319,VS0,VE0
etag: W/"28feccc0-1111d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 14, 5132

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 228ms
109ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://xiqworkbench.xiqonline.com/
Origin: https://xiqworkbench.xiqonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 14:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 775928
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6451
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YUNquRpSpV074qyYFSpQm2SUAhs4Lpve%2FRFTR9CcHxWxQM2w%2FFljNz%2Fvtj0sUI67PmvtkPyGm1h%2B3xTtY%2FJAKsgkj%2FEQXT4kQjULhvituFx1HoPdShj6rxWMkjlPMGEbc%2FuOZnFx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a9d71aeef4f377b-FRA
expires: Thu, 17 Jul 2025 14:50:50 GMT

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
16 KB 245ms
110ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xiqworkbench.xiqonline.com/
Origin: https://xiqworkbench.xiqonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 14:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1078
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 467642
cdn-cachedat: 03/18/2024 12:13:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: adbc1b9596075e19024eaf7d975360ce
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8a9d71aefafb915e-FRA
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 343ms
98ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jul 2024 14:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jul 2024 13:13:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jul 2024 14:50:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
859 B 343ms
98ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@300;400;500;600;700&display=swap

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8fb3e27646ebdd89dfe44a287bd41b299a17ac8373ea7f584a13d6aa7ae800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jul 2024 14:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jul 2024 14:50:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jul 2024 14:50:50 GMT

GET
H2 200 main.6ef2808c.chunk.css
xiqworkbench.xiqonline.com/static/css/ 624 KB
626 KB 1033ms
1032ms Stylesheet
text/css 18.239.18.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://xiqworkbench.xiqonline.com/static/css/main.6ef2808c.chunk.css

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-6.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ae0faee62e7963d9b5ce9920818acd8c3235533a2ce7c7c0ebae2a0fcb13c305

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * .amazonaws.com data: blob: 'unsafe-inline'; frame-src ; worker-src blob: ; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age '31536000'; includeSubdomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * .amazonaws.com data: blob: 'unsafe-inline'; frame-src ; style-src * 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 14:03:03 GMT
strict-transport-security: max-age '31536000'; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; worker-src blob: ; style-src * 'unsafe-inline'
via: 1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
x-amz-request-id: 503EVDZF084QK2RH
x-amz-cf-pop: AMS58-P6
age: 2868
x-cache: Hit from cloudfront
content-length: 639420
x-amz-id-2: sXbJzvI78bHElawpbGU5mPnWWj3PIDOhXkmgS7E/2xI+W0j8kkruNFor+ck8d/Krxc1AdH9x5ow=
referrer-policy: same-origin
last-modified: Mon, 15 Jul 2024 14:00:42 GMT
server: AmazonS3
etag: "95576dc92cdbbd76349cc271d400912b"
x-frame-options: DENY
content-type: text/css
feature-policy: geolocation 'none'; midi 'none'; payment 'self';camera 'none';magnetometer 'none';gyroscope 'none'; sync-xhr 'self'
x-webkit-csp: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
x-amz-cf-id: vvzoxx2V9oUoa6kZQjIRBwgMFLgvpq8eLEgttWQdV8zfEV1I5ubYTA==
x-content-security-policy: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'

GET
H2 200 12.707cb48c.chunk.js Show response
xiqworkbench.xiqonline.com/static/js/ 481 KB
482 KB 594ms
593ms Script
application/javascript 18.239.18.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://xiqworkbench.xiqonline.com/static/js/12.707cb48c.chunk.js

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-6.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

13f4e91245d4055b41b3ebe527956164b48a60884e65bf380c6f5a6b10bd8bf7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * .amazonaws.com data: blob: 'unsafe-inline'; frame-src ; worker-src blob: ; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age '31536000'; includeSubdomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * .amazonaws.com data: blob: 'unsafe-inline'; frame-src ; style-src * 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 15:04:09 GMT
strict-transport-security: max-age '31536000'; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; worker-src blob: ; style-src * 'unsafe-inline'
via: 1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
x-amz-request-id: 3Y32BRZXV6ZMFFMB
x-amz-cf-pop: AMS58-P6
age: 85602
x-cache: Hit from cloudfront
content-length: 492186
x-amz-id-2: ES7N23hM5K0/tdzsqVPju2qRBRu2jedpr2nJlCdE5iPN7SnWb+s1fz+ei4PJo3oFwJRIsn/2xLM=
referrer-policy: same-origin
last-modified: Fri, 26 Jul 2024 14:28:57 GMT
server: AmazonS3
etag: "c255e478105df86d023181c3d68d39c3"
x-frame-options: DENY
content-type: application/javascript
feature-policy: geolocation 'none'; midi 'none'; payment 'self';camera 'none';magnetometer 'none';gyroscope 'none'; sync-xhr 'self'
x-webkit-csp: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
x-amz-cf-id: GWANTS9b3gKvC6gEBpTUhF1kFyM7tI7O0hcIcweF2JfiVOyNn74YCQ==
x-content-security-policy: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'

GET
H2 200 main.b715055f.chunk.js Show response
xiqworkbench.xiqonline.com/static/js/ 537 KB
538 KB 162ms
162ms Script
application/javascript 18.239.18.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://xiqworkbench.xiqonline.com/static/js/main.b715055f.chunk.js

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-6.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c7b934ef2f0f7c4eeb2f6c3489eb9bc7d19c8bca2279b76a7f6cf10b0d53a637

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * .amazonaws.com data: blob: 'unsafe-inline'; frame-src ; worker-src blob: ; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age '31536000'; includeSubdomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * .amazonaws.com data: blob: 'unsafe-inline'; frame-src ; style-src * 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 15:04:09 GMT
strict-transport-security: max-age '31536000'; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; worker-src blob: ; style-src * 'unsafe-inline'
via: 1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
x-amz-request-id: 3Y3DN6GGZ92FXKB8
x-amz-cf-pop: AMS58-P6
age: 85602
x-cache: Hit from cloudfront
content-length: 549419
x-amz-id-2: DyeWtxeWXABczn8vRj5lATOQLPCqgu/Y76oGLFykoza5+Gl/XBUvFCyBYNu5FNLx6pYP4JE71xQ=
referrer-policy: same-origin
last-modified: Fri, 26 Jul 2024 14:28:58 GMT
server: AmazonS3
etag: "8be5fe6d4685f2fd15351f32b3460d7f"
x-frame-options: DENY
content-type: application/javascript
feature-policy: geolocation 'none'; midi 'none'; payment 'self';camera 'none';magnetometer 'none';gyroscope 'none'; sync-xhr 'self'
x-webkit-csp: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
x-amz-cf-id: PEgQe-_yCPQ25wOWCJ93JT-pztbSGjw1KEFkiDYwx91DoIIj8_a7RA==
x-content-security-policy: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 327ms
123ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DYPSYYLDKY&gtm=45je47o0v9167459177za200&_p=1722091850285&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1097917654.1722091851&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722091850&sct=1&seg=0&dl=https%3A%2F%2Fxiqworkbench.xiqonline.com%2Funsub%2F9a54072a41544c179fab252a45f45d5a&dt=Workbench&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2045
Requested by: Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 14:50:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xiqworkbench.xiqonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
wb-2-prod.xiqonline.com/api/prod/preference-management/get_recipient_details/ Frame 0
0 742ms
214ms Preflight
text/html 35.80.231.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wb-2-prod.xiqonline.com/api/prod/preference-management/get_recipient_details/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.231.11 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-231-11.us-west-2.compute.amazonaws.com

Software

nginx/1.14.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrftoken
Access-Control-Request-Method: POST
Origin: https://xiqworkbench.xiqonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, custom-agent, REQUEST-TOKEN, Authorization, X-XSRF-TOKEN, X-CSRFToken
access-control-allow-methods: GET, POST
access-control-allow-origin: https://xiqworkbench.xiqonline.com
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 27 Jul 2024 14:50:52 GMT
server: nginx/1.14.2
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Origin

GET
H2 200 widget.js Show response
wchat.freshchat.com/js/ 67 KB
22 KB 567ms
267ms Script
application/javascript 54.172.247.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.247.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-247-4.compute-1.amazonaws.com

Software

fwe /

Resource Hash

81d1618fdf5d3b08f0bd7fc157ac489705fb261f922cc29295388f375b053dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-trace-id: 00-0f45f7b33f1830f1546d479e8f38c9d0-1328212f48e39e65-00
date: Sat, 27 Jul 2024 14:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Thu, 18 Jul 2024 04:01:04 GMT
server: fwe
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: fw7zb
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: 88aa5840-fdd2-41b8-b120-e55b188b11fc

GET
H2 200 hotjar-3221786.js Show response
static.hotjar.com/c/ 11 KB
5 KB 188ms
72ms Script
application/javascript 18.239.94.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3221786.js?sv=6

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-121.ams1.r.cloudfront.net

Software

Resource Hash

31f0569570a775c35dd4fd35561551ae00892a7c01d49b87fcff16f67dd0defc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 27 Jul 2024 14:50:51 GMT
via: 1.1 cf3f18e8f11a6f190c72103c7a43aac2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
etag: W/5776d33699acbba203fd369b38f4ceb8
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: YVme48Xdnc6LLT2WajnIx6lwPJ51xKSXgxhg3xf98jWGRQyqzWbOcA==

POST
H2 200 / Show response
wb-2-prod.xiqonline.com/api/prod/preference-management/get_recipient_details/ 650 B
972 B 798ms
320ms XHR
application/json 35.80.231.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wb-2-prod.xiqonline.com/api/prod/preference-management/get_recipient_details/

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.231.11 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-231-11.us-west-2.compute.amazonaws.com

Software

nginx/1.14.2 /

Resource Hash

0db04b61a9a2f49176e22247e42247c511af162c2aab3e1e5dd077c9b53d2297

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://xiqworkbench.xiqonline.com/
X-CSRFToken: null
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBoz5EBFNoBx2Jkq4

Response headers

date: Sat, 27 Jul 2024 14:50:52 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx/1.14.2
vary: Accept, Origin, Cookie
allow: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://xiqworkbench.xiqonline.com
x-frame-options: DENY
access-control-allow-credentials: true
content-length: 650

GET
H/1.1 200
OK gillRoyDesk.png
s3.us-west-2.amazonaws.com/media.xiqonline.com/salesApp/images/ 5 KB
5 KB 708ms
238ms Image
image/png 52.218.233.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-west-2.amazonaws.com/media.xiqonline.com/salesApp/images/gillRoyDesk.png
Requested by: Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.233.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6a48c2936a9af1d4b0ae0314e2d83af67474ed62c33a4d75c76bcd78a7dc0f91

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 14:50:53 GMT
x-amz-version-id: k_bzyVaneOcFgQyILu1UggT1CN_sZrtP
Last-Modified: Mon, 12 Sep 2022 08:14:29 GMT
Server: AmazonS3
x-amz-request-id: QET3N3VDTEJ04Z23
ETag: "55d984469b496f9d25fdccecc73f9b6a"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 4758
x-amz-id-2: PLbrW68CQBsnmKKsv1ym9uykAVBPGhPSfLsqsQqO9MLf0EF5z5Mti6dMV0A8rYd2LxxE9T6Vdfg=

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 34 KB
34 KB 176ms
71ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiqworkbench.xiqonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 14:53:29 GMT
x-content-type-options: nosniff
age: 345442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34328
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 14:53:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 132ms
28ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiqworkbench.xiqonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 14:43:18 GMT
x-content-type-options: nosniff
age: 346053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 14:43:18 GMT

GET
H2 200 robotoslab-variablefont_wght-webfont.6c81fb90.woff2
xiqworkbench.xiqonline.com/static/media/ 22 KB
23 KB 243ms
242ms Font
font/woff2 18.239.18.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://xiqworkbench.xiqonline.com/static/media/robotoslab-variablefont_wght-webfont.6c81fb90.woff2

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/static/css/main.6ef2808c.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-6.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

52de30822f37a1e4a1339d3a412d5a4f36b7f3248390cea8400ac30c7ab8c14f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * .amazonaws.com data: blob: 'unsafe-inline'; frame-src ; worker-src blob: ; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age '31536000'; includeSubdomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * .amazonaws.com data: blob: 'unsafe-inline'; frame-src ; style-src * 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xiqworkbench.xiqonline.com/static/css/main.6ef2808c.chunk.css
Origin: https://xiqworkbench.xiqonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 14:50:53 GMT
strict-transport-security: max-age '31536000'; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; worker-src blob: ; style-src * 'unsafe-inline'
via: 1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
x-amz-request-id: YWA5CS1VCQYMPSYT
x-amz-cf-pop: AMS58-P6
x-cache: RefreshHit from cloudfront
content-length: 22576
x-amz-id-2: afR0gKOR0ELIgK2kpIC6JGqzUJoc1VW49knwAP4HIin9VIyGD/ppwfEkhI6vZbAhc8qZoOyoSyo=
referrer-policy: same-origin
last-modified: Mon, 15 Jul 2024 14:00:44 GMT
server: AmazonS3
etag: "42224a47d2bb538df1b2ccb4ea7a9665"
vary: Origin
access-control-allow-methods: POST, GET, PUT
content-type: font/woff2
access-control-allow-origin: *
x-frame-options: DENY
feature-policy: geolocation 'none'; midi 'none'; payment 'self';camera 'none';magnetometer 'none';gyroscope 'none'; sync-xhr 'self'
x-webkit-csp: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
x-amz-cf-id: lnKZ72fe1y4-l2g_psnBbW5cLdi2znH4M1k8INLYu0RXDL0tL1Lhxg==
x-content-security-policy: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 143ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiqworkbench.xiqonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:29:10 GMT
x-content-type-options: nosniff
age: 354101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 12:29:10 GMT

GET
H2 200 modules.6c69b5997f314810cfe8.js Show response
script.hotjar.com/ 223 KB
56 KB 237ms
74ms Script
application/javascript 18.245.253.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6c69b5997f314810cfe8.js

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.253.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-253-48.lhr5.r.cloudfront.net

Software

Resource Hash

228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 31ef019c1ddee9b68951720b335aec36.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P5
age: 364184
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56293
last-modified: Tue, 23 Jul 2024 09:40:30 GMT
etag: "30c513084f4759247a82ab90e6ffe4cb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: p3je8OQTq7h556KAFg94Ws6xBUurf-HO6TewavmcQFbQTSSedwFwFA==

GET
H2 200 nr-spa-1209.min.js Show response
js-agent.newrelic.com/ 42 KB
15 KB 197ms
63ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1209.min.js

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: KgzCtiOnqYr340UnH7uEeaW1TwZyFYCF
content-encoding: br
via: 1.1 varnish
date: Sat, 27 Jul 2024 14:50:52 GMT
strict-transport-security: max-age=300
x-amz-request-id: FTAMXW8WFNFVCG1P
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15227
x-amz-id-2: kXg6H5g1awxnlHoQY4DbhK+RTlIRQcVdQM/IJV9cKfzh066WKh9J7yAZHROLePiDwkWcn6v9YAE=
x-served-by: cache-mrs1050085-MRS
last-modified: Wed, 18 Oct 2023 21:31:08 GMT
server: AmazonS3
etag: "0a1d4ac0ed6107cdf844f28cc3ba3b82"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 8773

GET
H2 200 nr-spa-1.252.0.min.js Show response
js-agent.newrelic.com/ 88 KB
27 KB 197ms
64ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.252.0.min.js

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9ac0994dcab574d46a0252d5f1d52de91f26d3e0e7d0da3a6e742e49539f4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://xiqworkbench.xiqonline.com/
Origin: https://xiqworkbench.xiqonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 1zTB_zIu9GsCJr9CnWa8NksGpEL6v25e
content-encoding: br
via: 1.1 varnish
date: Sat, 27 Jul 2024 14:50:52 GMT
strict-transport-security: max-age=300
x-amz-request-id: FJWKEVVND6TCEMQ6
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 27042
x-amz-id-2: ahGvE4Gqegw1n+FkwBPkOYfBgR2xctH6CTSRaf4oPLXx7a+h+NkeEfufK4NG83bsHnwqW+bbfJXgciXamzB6WQ==
x-served-by: cache-mrs1050095-MRS
last-modified: Tue, 13 Feb 2024 00:41:07 GMT
server: AmazonS3
etag: "1b4209d0ae18545976f7eb2c5f94d6b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 977

GET
H2 200 favicon.ico
xiqworkbench.xiqonline.com/ 15 KB
16 KB 99ms
99ms Other
image/vnd.microsoft.icon 18.239.18.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://xiqworkbench.xiqonline.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-6.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

db4d80baf04c0fc3f5ff76dc4299617eb773110afaac1557e8a77b18dc4d3652

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * .amazonaws.com data: blob: 'unsafe-inline'; frame-src ; worker-src blob: ; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age '31536000'; includeSubdomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * .amazonaws.com data: blob: 'unsafe-inline'; frame-src ; style-src * 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 07:19:30 GMT
strict-transport-security: max-age '31536000'; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; worker-src blob: ; style-src * 'unsafe-inline'
via: 1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
x-amz-request-id: QC7EM6JQ5X5AD5EF
x-amz-cf-pop: AMS58-P6
age: 27083
x-cache: Hit from cloudfront
content-length: 15086
x-amz-id-2: mpWpOi6QbKsUcwx8khraejTcaZrQcGqcYbc4a5F4hRTioR12zr6eQjd4+6HVyAe+f2VPA8q6mXU=
referrer-policy: same-origin
last-modified: Mon, 22 Jul 2024 13:25:15 GMT
server: AmazonS3
etag: "588e5bb3515ab0b5bf11f7bad85981fc"
x-frame-options: DENY
content-type: image/vnd.microsoft.icon
feature-policy: geolocation 'none'; midi 'none'; payment 'self';camera 'none';magnetometer 'none';gyroscope 'none'; sync-xhr 'self'
x-webkit-csp: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
x-amz-cf-id: mki9vA3B0MgiqlagJjBRd9VuyvkAnNPk2i2G8HoQ6IxUr3hSEz5rjA==
x-content-security-policy: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'

GET
H/1.1 200 NRJS-deeb8510896115199d5 Show response
bam.nr-data.net/1/ 79 B
574 B 507ms
314ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-deeb8510896115199d5?a=1103311032&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=3931&ck=1&ref=https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a&be=1849&fe=3718&dc=2973&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1722091848546,%22n%22:0,%22f%22:0,%22dn%22:47,%22dne%22:47,%22c%22:47,%22s%22:146,%22ce%22:507,%22rq%22:507,%22rp%22:1387,%22rpe%22:1701,%22dl%22:1393,%22di%22:2972,%22ds%22:2972,%22de%22:2973,%22dc%22:3716,%22l%22:3717,%22le%22:3720%7D,%22navigation%22:%7B%7D%7D&fp=2976&fcp=2976&jsonp=NREUM.setToken
Requested by: Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b39746c07da532b57661a77d04dc53159691290bc22dbc1a413b1443909c07b6

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 14:50:52 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: *
Content-Length: 79
x-served-by: cache-mrs1050106-MRS

POST
H/1.1 200 NRJS-deeb8510896115199d5 Show response
bam.nr-data.net/1/ 151 B
613 B 493ms
317ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-deeb8510896115199d5?a=1103311032&sa=1&v=1.252.0&t=Unnamed%20Transaction&rst=3948&ck=0&s=5dc34a33984089ac&ref=https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a&hr=0&af=err,xhr,stn,ins,spa&be=1387&fe=2333&dc=1586&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1722091848546,%22n%22:0,%22f%22:0,%22dn%22:48,%22dne%22:48,%22c%22:48,%22s%22:147,%22ce%22:507,%22rq%22:507,%22rp%22:1388,%22rpe%22:1701,%22di%22:2972,%22ds%22:2973,%22de%22:2973,%22dc%22:3717,%22l%22:3717,%22le%22:3720%7D,%22navigation%22:%7B%7D%7D&fp=2976&fcp=2976
Requested by: Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6fb3e83ddc48c88e42fa84ae04004c038bf9d3553c7d8b19a5efd7363a375a7e

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 27 Jul 2024 14:50:52 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://xiqworkbench.xiqonline.com
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://xiqworkbench.xiqonline.com
Content-Length: 151
x-served-by: cache-mrs10580-MRS

GET
H2 200 config_iframe.html
wchat.freshchat.com/widget/ Frame C637 0
0 529ms
187ms Document
text/html 54.172.247.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/config_iframe.html?host=https://wchat.freshchat.com&token=1f9215d1-96af-4a4d-9634-cecb117ff337&origin=https://xiqworkbench.xiqonline.com

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.247.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-247-4.compute-1.amazonaws.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xiqworkbench.xiqonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Sat, 27 Jul 2024 14:50:52 GMT
last-modified: Thu, 18 Jul 2024 04:01:04 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
x-fw-ratelimiting-managed: false
x-request-id: 18eb2255-b00f-4525-8534-c3afe9808e4c
x-server: fw7zb
x-trace-id: 00-b23e171d2855ada7e25bced7d588ffed-0f81fe760d51531b-00
x-xss-protection: 1; mode=block

POST
H/1.1 200 NRJS-deeb8510896115199d5 Show response
bam.nr-data.net/resources/1/ 36 B
359 B 365ms
364ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/NRJS-deeb8510896115199d5?a=1103311032&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=4443&ck=1&ref=https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a&st=1722091848546
Requested by: Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9ccac356bcc9663218027e07162a4f90f985cc26ba8648ae99be234dbbe9031

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 27 Jul 2024 14:50:53 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://xiqworkbench.xiqonline.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 36
x-served-by: cache-mrs10562-MRS

GET
H2 200 tick.0ec253da.svg
xiqworkbench.xiqonline.com/static/media/ 257 B
2 KB 140ms
140ms Image
image/svg+xml 18.239.18.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xiqworkbench.xiqonline.com/static/media/tick.0ec253da.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-6.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a113155be7de57dcc6eaa98bea94c4cd5483d74c6bb22552e0fb4ecbdae1bd0a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * .amazonaws.com data: blob: 'unsafe-inline'; frame-src ; worker-src blob: ; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age '31536000'; includeSubdomains; preload
X-Content-Security-Policy	upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * .amazonaws.com data: blob: 'unsafe-inline'; frame-src ; style-src * 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 15:48:27 GMT
strict-transport-security: max-age '31536000'; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; worker-src blob: ; style-src * 'unsafe-inline'
via: 1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
x-amz-request-id: TK7ES3HQQWPBMFX6
x-amz-cf-pop: AMS58-P6
age: 82947
x-cache: Hit from cloudfront
content-length: 257
x-amz-id-2: oYIj6XS5G1y6Yhj9Mt+iUpmH3lQufjpUghMnQ0PIVM5fuuofm3Nqiua8XW7EcXn1z3QkSQNPbg8=
referrer-policy: same-origin
last-modified: Mon, 22 Jul 2024 13:25:37 GMT
server: AmazonS3
etag: "ea939069d6725295218fb70ed1cec22f"
x-frame-options: DENY
content-type: image/svg+xml
feature-policy: geolocation 'none'; midi 'none'; payment 'self';camera 'none';magnetometer 'none';gyroscope 'none'; sync-xhr 'self'
x-webkit-csp: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
x-amz-cf-id: YNy689wiv4-Mq5Te34rqEG8QQaykM7rd3qqB7IvfR3VH1uxqMig6lg==
x-content-security-policy: upgrade-insecure-requests; default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * *.amazonaws.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'

POST
H/1.1 200 NRJS-deeb8510896115199d5 Show response
bam.nr-data.net/events/1/ 24 B
341 B 360ms
359ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-deeb8510896115199d5?a=1103311032&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=4521&ck=1&ref=https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Requested by: Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 27 Jul 2024 14:50:53 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://xiqworkbench.xiqonline.com
access-control-allow-credentials: true
Connection: close
Content-Length: 24
x-served-by: cache-mrs10571-MRS

GET
H2 200 /
wchat.freshchat.com/widget/ Frame 10B1 0
0 188ms
187ms Document
text/html 54.172.247.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=1f9215d1-96af-4a4d-9634-cecb117ff337&referrer=aHR0cHM6Ly94aXF3b3JrYmVuY2gueGlxb25saW5lLmNvbQ==&eagerLoad=true

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.247.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-247-4.compute-1.amazonaws.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xiqworkbench.xiqonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Sat, 27 Jul 2024 14:50:53 GMT
last-modified: Thu, 18 Jul 2024 04:01:04 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
x-fw-ratelimiting-managed: false
x-request-id: aaffb378-2f57-4a1d-815f-b1c712ab5a93
x-server: gnvfq
x-trace-id: 00-2563a83cc9101da1ea740b4a6c6453c0-82a767d07efce58e-00
x-xss-protection: 1; mode=block

GET
H2 200 widget.css
wchat.freshchat.com/widget/css/ 9 KB
2 KB 192ms
191ms Stylesheet
text/css 54.172.247.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/css/widget.css?t=1722091853295

Requested by

Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.247.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-247-4.compute-1.amazonaws.com

Software

fwe /

Resource Hash

58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 14:50:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: a229f01f-15d9-4d00-8630-cf9d8ea8552d
x-trace-id: 00-baa070d699036a01924d651a4e1ffdbe-d2af467ca3773356-00
last-modified: Thu, 18 Jul 2024 04:01:04 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: gnvfq
expires: Sun, 27 Jul 2025 14:50:53 GMT

POST
H/1.1 200 NRJS-deeb8510896115199d5 Show response
bam.nr-data.net/events/1/ 24 B
346 B 224ms
222ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-deeb8510896115199d5?a=1103311032&sa=1&v=1.252.0&t=Unnamed%20Transaction&rst=4812&ck=0&s=5dc34a33984089ac&ref=https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a&hr=0
Requested by: Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 27 Jul 2024 14:50:53 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://xiqworkbench.xiqonline.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-mrs10531-MRS

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 104ms
103ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DYPSYYLDKY&gtm=45je47o0v9167459177za200&_p=1722091850285&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1097917654.1722091851&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722091850&sct=1&seg=0&dl=https%3A%2F%2Fxiqworkbench.xiqonline.com%2Funsub%2F9a54072a41544c179fab252a45f45d5a&dt=Workbench&en=scroll&epn.percent_scrolled=90&_et=8&tfd=7055
Requested by: Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://xiqworkbench.xiqonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 14:50:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xiqworkbench.xiqonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html
537833938274509.webpush.freshchat.com/ Frame B910 0
0 739ms
503ms Document
text/html 18.245.60.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://537833938274509.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly94aXF3b3JrYmVuY2gueGlxb25saW5lLmNvbQ==
Requested by: Host: xiqworkbench.xiqonline.com
URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://xiqworkbench.xiqonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Sat, 27 Jul 2024 14:50:57 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
x-amz-cf-id: haRhnFFYAe1LDFpnqWbGLesj5715lYnpW5EcENXsABPvP_UgryRuOw==
x-amz-cf-pop: FRA60-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xiqonline.com/	1970-01-21 07:57:31	Name: _ga Value: GA1.1.1097917654.1722091851
.xiqonline.com/	1970-01-21 07:57:31	Name: _ga_DYPSYYLDKY Value: GS1.1.1722091850.1.0.1722091850.0.0.0
.xiqonline.com/	1970-01-21 07:07:07	Name: _hjSessionUser_3221786 Value: eyJpZCI6IjM4OTY0MDM2LWFlMmQtNTJhNy04MGZhLWVhM2U5YjA4ZGFiYyIsImNyZWF0ZWQiOjE3MjIwOTE4NTIwNTQsImV4aXN0aW5nIjpmYWxzZX0=
.xiqonline.com/	1970-01-20 22:21:33	Name: _hjSession_3221786 Value: eyJpZCI6ImIyYWVjNzFkLWIwY2QtNGEzYy05ZjEwLWQ5OTA1NWYxNGJjNyIsImMiOjE3MjIwOTE4NTIwNTUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: dd289790422143fc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
intervention	info	URL: https://xiqworkbench.xiqonline.com/unsub/9a54072a41544c179fab252a45f45d5a(Line 5) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://xiqworkbench.xiqonline.com/static/media/robotoslab-variablefont_wght-webfont.6c81fb90.woff2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

537833938274509.webpush.freshchat.com
bam.nr-data.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
region1.google-analytics.com
s3.us-west-2.amazonaws.com
script.hotjar.com
stackpath.bootstrapcdn.com
static.hotjar.com
wb-2-prod.xiqonline.com
wchat.freshchat.com
www.googletagmanager.com
xiqworkbench.xiqonline.com
104.17.25.14
104.18.10.207
162.247.243.29
18.239.18.6
18.239.94.121
18.245.253.48
18.245.60.105
2001:4860:4802:32::36
2602:816:5001::39
2606:4700::6812:bb1f
2a00:1450:4001:802::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:829::200a
2a04:4e42:400::649
35.80.231.11
52.218.233.56
54.172.247.4
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d4f6240127cf5d1cfda2caeb0283efb4c9c879e43031f102fa3fc09853ae1b2
0db04b61a9a2f49176e22247e42247c511af162c2aab3e1e5dd077c9b53d2297
13f4e91245d4055b41b3ebe527956164b48a60884e65bf380c6f5a6b10bd8bf7
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
31f0569570a775c35dd4fd35561551ae00892a7c01d49b87fcff16f67dd0defc
49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964
52de30822f37a1e4a1339d3a412d5a4f36b7f3248390cea8400ac30c7ab8c14f
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b
6a48c2936a9af1d4b0ae0314e2d83af67474ed62c33a4d75c76bcd78a7dc0f91
6fb3e83ddc48c88e42fa84ae04004c038bf9d3553c7d8b19a5efd7363a375a7e
81d1618fdf5d3b08f0bd7fc157ac489705fb261f922cc29295388f375b053dd5
8e475979a87795e62429d9a2b597ac954b17d9159a0d4a237fb7888e81ca36c3
a113155be7de57dcc6eaa98bea94c4cd5483d74c6bb22552e0fb4ecbdae1bd0a
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
ae0faee62e7963d9b5ce9920818acd8c3235533a2ce7c7c0ebae2a0fcb13c305
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b39746c07da532b57661a77d04dc53159691290bc22dbc1a413b1443909c07b6
b9ccac356bcc9663218027e07162a4f90f985cc26ba8648ae99be234dbbe9031
c6a101fde9075ad054e8e363bda36b53cf4eb079734b270d70db3ad371a094af
c7b934ef2f0f7c4eeb2f6c3489eb9bc7d19c8bca2279b76a7f6cf10b0d53a637
db4d80baf04c0fc3f5ff76dc4299617eb773110afaac1557e8a77b18dc4d3652
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e9ac0994dcab574d46a0252d5f1d52de91f26d3e0e7d0da3a6e742e49539f4ff
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f8fb3e27646ebdd89dfe44a287bd41b299a17ac8373ea7f584a13d6aa7ae800e

xiqworkbench.xiqonline.com Open in urlscan Pro 18.239.18.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

36 Requests

100 %HTTPS

41 %IPv6

14 Domains

17 Subdomains

17 IPs

3 Countries

2151 kBTransfer

2894 kBSize

5 Cookies

0 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xiqworkbench.xiqonline.com Open in urlscan Pro
18.239.18.6 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

100 %
HTTPS

41 %
IPv6

14
Domains

17
Subdomains

17
IPs

3
Countries

2151 kB
Transfer

2894 kB
Size

5
Cookies

36 HTTP transactions
0 data transactions