www.client-helpdeskweb.dns04.com Open in urlscan Pro
40.114.55.61 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.client-helpdeskweb.dns04.com/
Submission: On February 10 via automatic, source certstream-suspicious (February 10th 2022, 7:31:28 pm UTC) — Scanned from DE

Summary HTTP 87 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 20 domains to perform 87 HTTP transactions. The main IP is 40.114.55.61, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.client-helpdeskweb.dns04.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 10th 2022. Valid for: 3 months.

This is the only time www.client-helpdeskweb.dns04.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Mountain America Credit Union (Banking)

Domain & IP information

	IP Address	AS Autonomous System
13	40.114.55.61 40.114.55.61	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.111.232.231 104.111.232.231	16625 (AKAMAI-AS) (AKAMAI-AS)
26	45.60.46.50 45.60.46.50	19551 (INCAPSULA) (INCAPSULA)
4	2a03:5f80:a::... 2a03:5f80:a::b212:e7d1	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
17	2620:1ec:bdf::44 2620:1ec:bdf::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	63.128.130.61 63.128.130.61	22013 (GUARD-DC1) (GUARD-DC1)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	2a03:5f80:a::... 2a03:5f80:a::b212:e7c0	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.111.229.66 104.111.229.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.0.173.134 142.0.173.134	7160 (NETDYNAMICS) (NETDYNAMICS)
1	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.239.236.68 52.239.236.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.139.59 18.66.139.59	16509 (AMAZON-02) (AMAZON-02)
2	18.66.112.80 18.66.112.80	16509 (AMAZON-02) (AMAZON-02)
1	13.66.240.155 13.66.240.155	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.42.65.84 20.42.65.84	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
87	22

13 40.114.55.61 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.client-helpdeskweb.dns04.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.232.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-232-231.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 45.60.46.50 (United States)

ASN19551 (INCAPSULA, US)

www.macu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:5f80:a::b212:e7d1 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

oc-cdn-ocprod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comms.omnichannelengagementhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ocsdk-prod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.128.130.61 (United States)

ASN22013 (GUARD-DC1, US)
PTR: collector.fraudmap.net

collector.fraudmap.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.botframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:5f80:a::b212:e7c0 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.229.66 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-66.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.173.134 (United States) 1 redirects

ASN7160 (NETDYNAMICS, US)

elq.macu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.236.68 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

webchatic3.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-59.fra60.r.cloudfront.net

ws.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-80.fra56.r.cloudfront.net

wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.66.240.155 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.42.65.84 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	macu.com 1 redirects www.macu.com — Cisco Umbrella Rank: 221974 elq.macu.com — Cisco Umbrella Rank: 498372	743 KB
16	azureedge.net oc-cdn-ocprod.azureedge.net — Cisco Umbrella Rank: 55700 ocsdk-prod.azureedge.net — Cisco Umbrella Rank: 63429	368 KB
13	dns04.com www.client-helpdeskweb.dns04.com	301 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 399 p.typekit.net — Cisco Umbrella Rank: 510	57 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	58 KB
3	audioeye.com ws.audioeye.com — Cisco Umbrella Rank: 3578 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 3357	13 KB
2	microsoft.com browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 91	793 B
2	omnichannelengagementhub.com comms.omnichannelengagementhub.com — Cisco Umbrella Rank: 58481 217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com — Cisco Umbrella Rank: 479053	18 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	623 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	12 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 546	53 KB
1	windows.net webchatic3.blob.core.windows.net — Cisco Umbrella Rank: 72691	115 KB
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 2949	38 KB
1	botframework.com cdn.botframework.com — Cisco Umbrella Rank: 20755	748 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 5576	3 KB
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 631	38 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2202	15 KB
1	bing.com bat.bing.com — Cisco Umbrella Rank: 331	430 B
1	fraudmap.net collector.fraudmap.net — Cisco Umbrella Rank: 122318	269 B
1	typography.com cloud.typography.com — Cisco Umbrella Rank: 5350
87	20

	Domain	Requested by
26	www.macu.com	www.client-helpdeskweb.dns04.com www.macu.com
15	oc-cdn-ocprod.azureedge.net	www.client-helpdeskweb.dns04.com oc-cdn-ocprod.azureedge.net
13	www.client-helpdeskweb.dns04.com	www.client-helpdeskweb.dns04.com
4	connect.facebook.net	www.client-helpdeskweb.dns04.com connect.facebook.net
4	use.typekit.net	www.client-helpdeskweb.dns04.com use.typekit.net
2	browser.pipe.aria.microsoft.com	oc-cdn-ocprod.azureedge.net
2	wsv3cdn.audioeye.com	ws.audioeye.com wsv3cdn.audioeye.com
2	elq.macu.com	1 redirects www.client-helpdeskweb.dns04.com
2	www.facebook.com	www.client-helpdeskweb.dns04.com
2	cdnjs.cloudflare.com	www.client-helpdeskweb.dns04.com
2	code.jquery.com	www.client-helpdeskweb.dns04.com
1	217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com	ocsdk-prod.azureedge.net
1	ocsdk-prod.azureedge.net	oc-cdn-ocprod.azureedge.net
1	comms.omnichannelengagementhub.com	oc-cdn-ocprod.azureedge.net
1	ws.audioeye.com	www.client-helpdeskweb.dns04.com
1	webchatic3.blob.core.windows.net	oc-cdn-ocprod.azureedge.net
1	js.monitor.azure.com	oc-cdn-ocprod.azureedge.net
1	cdn.botframework.com	oc-cdn-ocprod.azureedge.net
1	img.en25.com	www.client-helpdeskweb.dns04.com
1	p.typekit.net	use.typekit.net
1	ajax.aspnetcdn.com	www.client-helpdeskweb.dns04.com
1	stackpath.bootstrapcdn.com	www.client-helpdeskweb.dns04.com
1	bat.bing.com	www.client-helpdeskweb.dns04.com
1	collector.fraudmap.net	www.client-helpdeskweb.dns04.com
1	cloud.typography.com	www.client-helpdeskweb.dns04.com
87	25

This site contains links to these domains. Also see Links.

Domain
o.macu.com
www.macu.com
secure.macu.com
www.facebook.com
www.youtube.com
www.instagram.com
twitter.com
www.linkedin.com
www.ncua.gov
portal.hud.gov

Subject Issuer	Validity	Valid
client-helpdeskweb.dns04.com cPanel, Inc. Certification Authority	`2022-02-10` - `2022-05-11`	3 months	crt.sh
*.typography.com DigiCert SHA2 Secure Server CA	`2021-05-27` - `2022-06-01`	a year	crt.sh
www.macu.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-05` - `2022-05-10`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 02	`2022-02-10` - `2023-02-05`	a year	crt.sh
*.fraudmap.net Thawte TLS RSA CA G1	`2020-03-09` - `2022-04-17`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 06	`2021-12-27` - `2022-12-22`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-11-16` - `2022-11-16`	a year	crt.sh
*.audioeye.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-14`	a year	crt.sh
comms.omnichannelengagementhub.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-08` - `2022-09-08`	a year	crt.sh
*.omnichannelengagementhub.com Microsoft RSA TLS CA 01	`2021-12-04` - `2022-12-04`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2021-12-12` - `2022-12-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.client-helpdeskweb.dns04.com/
Frame ID: FD755B25F83E352B36066DD230DB3281
Requests: 68 HTTP requests in this frame

Frame: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
Frame ID: 80B62DC0A484A353EC6A282B6F44147D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mountain America Credit Union in Utah & the West

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AudioEye (Accessibility) Expand

Overall confidence: 100%
Detected patterns

audioeye\.com/ae\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

87
Requests

99 %
HTTPS

45 %
IPv6

20
Domains

25
Subdomains

22
IPs

4
Countries

2584 kB
Transfer

6857 kB
Size

3
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://o.macu.com/Registration
Title: Register

Search URL Search Domain Scan URL

URL: https://o.macu.com/ForgotUsername
Title: ID

Search URL Search Domain Scan URL

URL: https://o.macu.com/ForgotPassword
Title: Password

Search URL Search Domain Scan URL

URL: https://www.macu.com/accounts/checking/mystyle-checking?icid=topsearches-checking
Title: MyStyle Rewards Checking

Search URL Search Domain Scan URL

URL: https://www.macu.com/loans/vehicle-loans/auto?icid=topsearches-auto
Title: Low-rate Auto Loans

Search URL Search Domain Scan URL

URL: https://secure.macu.com/account-opening?productId=52
Title: Become a member

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MountainAmerica/
Title: Follow us on Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/mountainamerica
Title: Follow us on YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mountainamericacu/
Title: Follow us on Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/MountainAmerica?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mountain-america-credit-union/
Title: Follow us on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.ncua.gov/Pages/default.aspx
Title: Go to the National Credit Union Administration Federally insured by NCUA

Search URL Search Domain Scan URL

URL: http://portal.hud.gov/hudportal/HUD
Title: Equal Housing Lender

Search URL Search Domain Scan URL

URL: https://secure.macu.com/#/account-opening
Title: Become a member

Search URL Search Domain Scan URL

URL: https://www.macu.com/about-us/contact-us/help-center
Title: Check out our FAQs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fwww.client-helpdeskweb.dns04.com%2F&ref2=elqNone&tzo=0&ms=72&optin=disabled&firstPartyCookieDomain=elq.macu.com HTTP 302
https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fwww.client-helpdeskweb.dns04.com%2F&ref2=elqNone&tzo=0&ms=72&optin=disabled&elq1pcGUID=B6F5EE0DABAD4702AC669455394D8B91

87 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.client-helpdeskweb.dns04.com/ 156 KB
156 KB 300ms
94ms Document
text/html 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 09927329c9a15cdedd77368a5a4f7c984ca673f9714d2f926ac1925ea97dd8a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 10 Feb 2022 19:31:20 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 10:51:54 GMT
Accept-Ranges: bytes
Content-Length: 159585
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 403
Forbidden fonts.css
cloud.typography.com/689828/7556792/css/ 0
0 1088ms
1038ms Stylesheet
text/html 104.111.232.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/689828/7556792/css/fonts.css
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.232.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-231.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 font-awesome.min.css
www.macu.com/MACU/Stylesheets/ 30 KB
9 KB 624ms
577ms Stylesheet
text/css 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.macu.com/MACU/Stylesheets/font-awesome.min.css
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 023e4947e93631fc56fdae00a58b1edf8dfd77648f23e7c0ed5e5e2ec91b218b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:20 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: text/css
x-iinfo: 12-10684131-10681940 2VNN RT(1644521480040 0) q(0 0 0 0) r(6 6)
cache-control: max-age=69545, public
content-length: 8332
expires: Fri, 11 Feb 2022 14:50:25 GMT

GET
H2 200 jquery.smartbanner.css
www.macu.com/MACU/Stylesheets/ 5 KB
2 KB 630ms
583ms Stylesheet
text/css 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.macu.com/MACU/Stylesheets/jquery.smartbanner.css
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 68f9d12ac81b50577c9750d61e6b3316465cb394acbd854df3f4b9a1ed87917f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:20 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: text/css
x-iinfo: 12-10684132-10681943 2VNN RT(1644521480041 0) q(0 0 0 3) r(6 6)
cache-control: max-age=69545, public
content-length: 1766
expires: Fri, 11 Feb 2022 14:50:25 GMT

GET
H2 200 main.6748b61948611561aebb.css
www.macu.com/dist/module/ 198 KB
32 KB 637ms
590ms Stylesheet
text/css 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e947adf53c17d668e9ab54c1348eafdd5a7db5eda04d076adfacc004702749bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:20 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: text/css
x-iinfo: 12-10684133-10683329 2VNN RT(1644521480044 0) q(0 0 0 3) r(6 6)
cache-control: max-age=69545, public
content-length: 32719
expires: Fri, 11 Feb 2022 14:50:25 GMT

GET
H2 200 cvd1zmo.css
use.typekit.net/ 3 KB
910 B 396ms
144ms Stylesheet
text/css 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/cvd1zmo.css

Requested by

Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),

Reverse DNS

Software

nginx /

Resource Hash

7a407fce85806e9065c75c121dc9d2c4f5eb149a69e9ecee4ff61e1f1ca3592e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 10 Feb 2022 19:31:20 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 678

GET
H2 200 LiveChatWidgetFrame.css
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/ 2 KB
1 KB 107ms
10ms Stylesheet
text/css 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/LiveChatWidgetFrame.css
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c9a80625e971b234d28263a9f86712c4ccb54feb7d37379f8ec6930c4f534f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:19 GMT
content-encoding: br
x-azure-ref-originshield: 0ZyMFYgAAAADhpwbRchMLQbuXUwlDRh8TQU1TMDRFREdFMTkxMwA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: T6+Ch2oZZGwEGnAXQDcCfw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:27:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F00BCF7CB0
x-azure-ref: 0CGgFYgAAAAAnBO7cbzTXRr4I/+vSD1GXRlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: fc0149f4-a01e-0043-634f-1d7602000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H/1.1 200
OK style.css
www.client-helpdeskweb.dns04.com/cms/media/fonts/stylesheet/css/ 830 B
1 KB 278ms
92ms Stylesheet
text/css 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.client-helpdeskweb.dns04.com/cms/media/fonts/stylesheet/css/style.css
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 60062b64733e9587b52db3a48d8ff4a3d7f469af0101c7e6ff313d7221f752a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:20 GMT
Last-Modified: Sat, 20 Nov 2021 18:02:56 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 830

GET
H/1.1 200
OK font-awesome.min.css
www.client-helpdeskweb.dns04.com/cms/media/fonts/stylesheet/css/ 30 KB
31 KB 281ms
94ms Stylesheet
text/css 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.client-helpdeskweb.dns04.com/cms/media/fonts/stylesheet/css/font-awesome.min.css
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: b0cbe509c8ccd79f0378e7a1e0a511ee5467ec95c72bd904d8280ae390f609b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:20 GMT
Last-Modified: Sat, 04 Dec 2021 12:42:10 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 31033

GET
H2 200 icon-security-padlock.svg
www.macu.com/media/Icons/ 2 KB
1 KB 675ms
673ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-security-padlock.svg
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 3be2fa8fc01386a4135ebc59168a1e447b699d0bacd0e3c622d701ec685fdbf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:32:11 GMT
x-cdn: Imperva
etag: "6ca188bdb2d51:0"
content-type: image/svg+xml
x-iinfo: 12-10684311-10683358 2VNN RT(1644521481095 0) q(0 0 0 1) r(7 7)
cache-control: max-age=81913, public
content-length: 633
expires: Fri, 11 Feb 2022 18:16:34 GMT

GET
H2 200 icon-map-location.svg
www.macu.com/media/Icons/ 1 KB
1 KB 674ms
672ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-map-location.svg
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: cefe4aaefb1daa0c4bff6a9e08bee952d7259fe7e9f20f973cedf18fec5c6002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:32:01 GMT
x-cdn: Imperva
etag: "36132e85db2d51:0"
content-type: image/svg+xml
x-iinfo: 12-10684312-10683356 2VNN RT(1644521481096 0) q(0 0 0 2) r(7 7)
cache-control: max-age=81913, public
content-length: 646
expires: Fri, 11 Feb 2022 18:16:34 GMT

GET
H2 200 icon-market-prediction.svg
www.macu.com/media/Icons/ 2 KB
1 KB 621ms
619ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-market-prediction.svg
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: cbbda9b1b15022e435325e2bb7ab9e19f8d4ea15cd1716a33c07f4750930adc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:32:02 GMT
x-cdn: Imperva
etag: "9ab4bc85db2d51:0"
content-type: image/svg+xml
x-iinfo: 12-10684313-10683208 2VNN RT(1644521481100 0) q(0 1 1 1) r(7 7)
cache-control: max-age=69544, public
content-length: 707
expires: Fri, 11 Feb 2022 14:50:25 GMT

GET
H2 200 icon-account.svg
www.macu.com/media/Icons/ 2 KB
1 KB 219ms
218ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-account.svg
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 5d9b8c3cb4ecf3bb4b83deda95f964fd0bd9d56eb2a626a14ad4e3ff78f9d8c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:31:45 GMT
x-cdn: Imperva
etag: "84e99f7bdb2d51:0"
content-type: image/svg+xml
x-iinfo: 12-10684314-10681943 2VNN RT(1644521481103 0) q(0 0 0 19) r(2 2)
cache-control: max-age=69544, public
content-length: 639
expires: Fri, 11 Feb 2022 14:50:25 GMT

GET
H2 200 icon-budget-accounting.svg
www.macu.com/media/Icons/ 4 KB
1 KB 183ms
182ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-budget-accounting.svg
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 06fa02fd2b13da57e4a5ac02bab65eec3a3b204cb60bf08e40262f9db28d8121

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:20 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:31:52 GMT
x-cdn: Imperva
etag: "7545a17fdb2d51:0"
content-type: image/svg+xml
x-iinfo: 12-10684315-10683329 2VNN RT(1644521481111 0) q(0 0 0 13) r(1 1)
cache-control: max-age=69545, public
content-length: 910
expires: Fri, 11 Feb 2022 14:50:25 GMT

GET
H2 200 icon-fraud-detection.svg
www.macu.com/media/Icons/ 2 KB
1 KB 622ms
620ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-fraud-detection.svg
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 0a3d5af4428611b0cc385c60aefaa6d0b95836c1961c796ebdf95dca108b07a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:31:54 GMT
x-cdn: Imperva
etag: "207efd80db2d51:0"
content-type: image/svg+xml
x-iinfo: 12-10684318-10684323 2VNN RT(1644521481127 0) q(0 0 0 5) r(0 6)
cache-control: max-age=81913, public
content-length: 735
expires: Fri, 11 Feb 2022 18:16:34 GMT

GET
H2 200 search_icon_white.png
www.macu.com/MACU/Images/ 1 KB
2 KB 324ms
323ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/search_icon_white.png
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f6d1c3dd273fad6871f347b1391f11cd6b765d19a8cf91026f7d66558b512192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/png
x-iinfo: 12-10684324-10683329 2VNN RT(1644521481135 0) q(0 1 1 4) r(3 3)
cache-control: max-age=69544, public
content-length: 1333
expires: Fri, 11 Feb 2022 14:50:25 GMT

GET
H/1.1 404
Not Found tippy.all.min.js
www.client-helpdeskweb.dns04.com/MACU/Scripts/Lib/ 0
0 92ms
92ms Script
text/html 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.client-helpdeskweb.dns04.com/MACU/Scripts/Lib/tippy.all.min.js
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:20 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found main.bundle.6748b61948611561aebb.js
www.client-helpdeskweb.dns04.com/dist/module/ 0
0 92ms
92ms Script
text/html 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.client-helpdeskweb.dns04.com/dist/module/main.bundle.6748b61948611561aebb.js
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.client-helpdeskweb.dns04.com/
Origin: https://www.client-helpdeskweb.dns04.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:20 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK validate.js Show response
collector.fraudmap.net/fs/e517993e82e64ad6428327ea680b88b3/validate/ 0
269 B 628ms
155ms Script
application/javascript 63.128.130.61
GUARD-DC1

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.fraudmap.net/fs/e517993e82e64ad6428327ea680b88b3/validate/validate.js

Requested by

Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.128.130.61 , United States, ASN22013 (GUARD-DC1, US),

Reverse DNS

collector.fraudmap.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:21 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Connection: Keep-Alive
Keep-Alive: timeout=5, max=65
Content-Length: 0
X-XSS-Protection: 1

GET
H/1.1 404
Not Found skipto.js
www.client-helpdeskweb.dns04.com/MACU/Scripts/Lib/ 0
0 92ms
92ms Script
text/html 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.client-helpdeskweb.dns04.com/MACU/Scripts/Lib/skipto.js
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:21 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/ 10 KB
2 KB 9ms
7ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3d133e653aa3b803f3811450300e76cda11912432494ca973dd81dfeec5aac47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:20 GMT
content-encoding: br
x-azure-ref-originshield: 06SsFYgAAAADSKvXeV0tZRZMSZEjj4NxwQU1TMDRFREdFMTkxMwA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: thkHRtTmATEZlK21AHK9Yg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:28 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7EFF6B508EE
x-azure-ref: 0CWgFYgAAAADQyy/3DEL8Tqf/4BrNuDJDRlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 537adff8-701e-008b-7d6e-1d9433000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 204 0
bat.bing.com/action/ 0
430 B 69ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4014792&tm=gtm002&Ver=2&mid=42ad0409-03c2-46af-b38d-c937e7fbe5f1&sid=d02e7e60550311ecb91869c28ee55430&vid=d02f0200550311ec8a902f0fefbfce0e&vids=0&pi=0&lg=en-US&sw=1366&sh=768&sc=24&tl=Mountain%20America%20Credit%20Union%20in%20Utah%20%26%20the%20West&kw=home&p=https%3A%2F%2Fwww.macu.com%2F&r=&lt=4738&evt=pageLoad&msclkid=N&sv=1&rn=903490
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 19:31:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 97175404EE764F6BB325562DA2E34C7E Ref B: FRAEDGE1511 Ref C: 2022-02-10T19:31:21Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK loading.gif
www.client-helpdeskweb.dns04.com/cmss/script/custom/fonts/images/img/ 38 KB
38 KB 93ms
93ms Image
image/gif 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.client-helpdeskweb.dns04.com/cmss/script/custom/fonts/images/img/loading.gif
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:21 GMT
Last-Modified: Sat, 11 Aug 2018 13:03:52 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 38636

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 58ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15283"
vary: Accept-Encoding
x-hw: 1644521481.dop020.ml1.t,1644521481.cds203.ml1.hn,1644521481.cds202.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 58ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://www.client-helpdeskweb.dns04.com/
Origin: https://www.client-helpdeskweb.dns04.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1111d"
vary: Accept-Encoding
x-hw: 1644521481.dop009.ml1.t,1644521481.cds208.ml1.hn,1644521481.cds003.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 105ms
67ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.client-helpdeskweb.dns04.com/
Origin: https://www.client-helpdeskweb.dns04.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6912160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6rqWQg2cqQQD3XKfT411VLhIg9NBlQsSNMjotzLxrOZP30UaZtNqYyaWkYzr1qclkKpfsm1ysIJ3LnVlGH%2Fz6dofkv69QBrkHb0q0vk%2B%2BD8ueoU3wwJQhOccOil%2BtEprAzh4lJRDqjkIOi1YbHuBn4D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6db7c1da5b99839c-MXP
expires: Tue, 31 Jan 2023 19:31:21 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 119ms
71ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.client-helpdeskweb.dns04.com/
Origin: https://www.client-helpdeskweb.dns04.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 565, 718, 718
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 18:02:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9e2e4ee7f7348abc2250208335b91fb1
cf-ray: 6db7c1da6d6959ef-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
38 KB 30ms
7ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E87) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11902633
x-cache: HIT
content-length: 38892
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (frc/8E87)
etag: "af301a17b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/ 20 KB
5 KB 70ms
32ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

Requested by

Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7343376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4517
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-4e98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iMDtkRU7UlCP54Dd6OTFaYAaTROYqwx%2Feaub1Ti6zmpJg7ynfr81onTjWWkZpi7biYQWAGp0uOD366%2BWItpdQm5ofFqZ589GXSG%2BQgPG%2B7L6UBgKvTWV1xgDqtmVKYin6JPlTubMQHCZq5tBNWvWJuT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6db7c1da5f210f4e-MXP
expires: Tue, 31 Jan 2023 19:31:21 GMT

GET
H/1.1 404
Not Found actions.js
www.client-helpdeskweb.dns04.com/js/ 0
0 93ms
92ms Script
text/html 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.client-helpdeskweb.dns04.com/js/actions.js
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:21 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 333ms
83ms Stylesheet
text/css 2a03:5f80:a::b212:e7c0
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=cvd1zmo&ht=tk&f=39680.39685.39687&a=1540528&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
etag: "613bee4d-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 header_logo.svg
www.macu.com/MACU/Images/ 10 KB
4 KB 564ms
564ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/header_logo.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 90af0447f5d8a9d4705c9aa636d31ce859f280460810f68f1de93922277fb0ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 12-10684393-10684394 2VNN RT(1644521481431 0) q(0 0 0 0) r(0 5)
cache-control: max-age=81889, public
content-length: 3737
expires: Fri, 11 Feb 2022 18:16:10 GMT

GET
H2 200 l
use.typekit.net/af/a3a085/00000000000000007735ba73/30/ 16 KB
17 KB 387ms
144ms Font
application/font-woff2 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a3a085/00000000000000007735ba73/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: nginx /
Resource Hash: c2b1ae00eb2ac991a06487f3f0162c918768b25cbe2787638110570d04ed1f88

Request headers

Referer: https://use.typekit.net/cvd1zmo.css
Origin: https://www.client-helpdeskweb.dns04.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
server: nginx
etag: "c8312ec3794d199c4baa21fae3f300f4162a37ff"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16816

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.client-helpdeskweb.dns04.com/module/media/Script/lib/Fonts/ 75 KB
76 KB 93ms
93ms Font
font/woff2 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.client-helpdeskweb.dns04.com/module/media/Script/lib/Fonts/fontawesome-webfont.woff2
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/cms/media/fonts/stylesheet/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.client-helpdeskweb.dns04.com/cms/media/fonts/stylesheet/css/font-awesome.min.css
Origin: https://www.client-helpdeskweb.dns04.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:21 GMT
Last-Modified: Sat, 04 Dec 2021 08:52:26 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 77160

GET
H2 200 l
use.typekit.net/af/a741c0/00000000000000007735ba66/30/ 19 KB
19 KB 321ms
91ms Font
application/font-woff2 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a741c0/00000000000000007735ba66/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: nginx /
Resource Hash: 821a2b02f48c78cb4788a5c22489113d0a0e03f5f13175ebfde31385c7601656

Request headers

Referer: https://use.typekit.net/cvd1zmo.css
Origin: https://www.client-helpdeskweb.dns04.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
server: nginx
etag: "519cefc842ab7db6e740a26a5e2b3c236659ca6b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19684

GET
H2 200 info-icon.png
www.macu.com/MACU/Images/ 1 KB
2 KB 536ms
536ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/info-icon.png
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 3fa39ec7210a30850c5127247651e4e63d18df9af10144213b314e5062c336ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/png
x-iinfo: 12-10684400-10684401 2VNN RT(1644521481460 0) q(0 0 0 0) r(0 5)
cache-control: max-age=81890, public
content-length: 1150
expires: Fri, 11 Feb 2022 18:16:11 GMT

GET
H2 200 2021_VisaTripleRewards_3ColumnFlex_457x644_TP.jpg
www.macu.com/media/3-column-images/ 94 KB
94 KB 397ms
396ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/3-column-images/2021_VisaTripleRewards_3ColumnFlex_457x644_TP.jpg
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e2627fae42ecc27102bc84e8abd96cf7c8709354a50b568e385ea92c0480c6d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
last-modified: Wed, 20 Oct 2021 18:04:33 GMT
x-cdn: Imperva
etag: "905881efdcc5d71:0"
content-type: image/jpeg
x-iinfo: 12-10684402-10684456 2VNN RT(1644521481462 0) q(0 3 3 0) r(4 4)
cache-control: max-age=69545, public
content-length: 96057
expires: Fri, 11 Feb 2022 14:50:26 GMT

GET
H2 200 2021-MyStyleCampaign-3-column-flex-promo-457x644-Cupbop-AL.jpeg
www.macu.com/media/3-column-images/ 87 KB
88 KB 536ms
535ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/3-column-images/2021-MyStyleCampaign-3-column-flex-promo-457x644-Cupbop-AL.jpeg
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 03074f175d2e30b0c6a3418ea28c1b9877b135ecf5f36685a71a5a9c949192fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
last-modified: Fri, 23 Jul 2021 19:51:14 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "c7e9718fc7fd71:0"
content-type: image/jpeg
x-iinfo: 12-10684403-10684323 2NNN RT(1644521481464 0) q(0 3 3 0) r(5 5) U1
accept-ranges: bytes
content-length: 88674
x-cdn: Imperva

GET
H2 200 3colflex-value-analyzer-2020-V1TSP-457x644.jpg
www.macu.com/media/3-column-images/ 93 KB
94 KB 452ms
451ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/3-column-images/3colflex-value-analyzer-2020-V1TSP-457x644.jpg
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c86d88f9e36b602c162116764cb7c693ae21c6bee25b6fb3de923e9bec0e72ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
last-modified: Wed, 15 Jul 2020 21:28:58 GMT
x-cdn: Imperva
etag: "b45296f3ee5ad61:0"
content-type: image/jpeg
x-iinfo: 12-10684404-10683329 2VNN RT(1644521481466 0) q(0 3 3 4) r(5 5)
cache-control: max-age=69545, public
content-length: 95317
expires: Fri, 11 Feb 2022 14:50:26 GMT

GET
H2 200 social-icon-facebook.svg
www.macu.com/MACU/Images/ 656 B
970 B 533ms
532ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-facebook.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 395ba7d4187e9ee539495094380c0292b5edcc3b28228d9e871c9d2a471f1916

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 12-10684407-10683358 2VNN RT(1644521481472 0) q(0 3 3 2) r(5 5)
cache-control: max-age=81890, public
content-length: 452
expires: Fri, 11 Feb 2022 18:16:11 GMT

GET
H2 200 social-icon-youtube.svg
www.macu.com/MACU/Images/ 1 KB
1 KB 544ms
542ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-youtube.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 661ad0861039f6323b4167c759cec7305c985587c147ea964711686a889481c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 12-10684408-10683356 2VNN RT(1644521481476 0) q(0 4 4 1) r(5 5)
cache-control: max-age=81890, public
content-length: 745
expires: Fri, 11 Feb 2022 18:16:11 GMT

GET
H2 200 social-icon-instagram.svg
www.macu.com/MACU/Images/ 2 KB
2 KB 593ms
592ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-instagram.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f5e52056a2430132f8aece37250adea25254c4728a05d600c1915931b6ebde4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:22 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 12-10684409-10683329 2VNN RT(1644521481479 0) q(0 5 5 1) r(6 6)
cache-control: max-age=81890, public
content-length: 1078
expires: Fri, 11 Feb 2022 18:16:12 GMT

GET
H2 200 social-icon-twitter.svg
www.macu.com/MACU/Images/ 995 B
1 KB 661ms
660ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-twitter.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6f2ec1d519d369425aeab2897e77ed0d739207f7cb5804bd878cfb5aca738d0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:22 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 12-10684413-10684394 2VNN RT(1644521481483 0) q(0 5 5 1) r(7 7)
cache-control: max-age=81890, public
content-length: 613
expires: Fri, 11 Feb 2022 18:16:12 GMT

GET
H2 200 social-icon-linkedin.svg
www.macu.com/MACU/Images/ 796 B
1016 B 662ms
661ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-linkedin.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d7b371bfbeda687c7e7e4738bea7f985953adab2134dd573874a281e3ed8be7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:22 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 12-10684415-10683358 2VNN RT(1644521481485 0) q(0 5 5 2) r(7 7)
cache-control: max-age=81890, public
content-length: 511
expires: Fri, 11 Feb 2022 18:16:12 GMT

GET
H2 200 ncua_logo.png
www.macu.com/MACU/Images/ 2 KB
2 KB 661ms
660ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/ncua_logo.png
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a7a05d6db9fff3ed1d8626f59c88628a08dd321a7bc8682e007f2f8de2f9cd3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:22 GMT
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/png
x-iinfo: 12-10684417-10684401 2VNN RT(1644521481488 0) q(0 5 5 1) r(7 7)
cache-control: max-age=81890, public
content-length: 1989
expires: Fri, 11 Feb 2022 18:16:12 GMT

GET
H2 200 icon-equal-housing.svg
www.macu.com/MACU/Images/ 640 B
939 B 694ms
693ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/icon-equal-housing.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d35bdade27b3f2a1e604fb83aba7fad8e53dc22a98e6953218922c4ffd247a7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:22 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 12-10684418-10684456 2VNN RT(1644521481489 0) q(0 5 5 0) r(7 7)
cache-control: max-age=81891, public
content-length: 409
expires: Fri, 11 Feb 2022 18:16:13 GMT

GET
H2 200 footer_mountains.svg
www.macu.com/MACU/Images/ 2 KB
965 B 732ms
732ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/footer_mountains.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e23b1851926f1f909295d26142dfe45ceabc52fe898f724b4f61a659f6ac6a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:22 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 12-10684419-10683329 2VNN RT(1644521481490 0) q(0 6 6 1) r(7 7)
cache-control: max-age=81891, public
content-length: 489
expires: Fri, 11 Feb 2022 18:16:13 GMT

GET
H2 200 l
use.typekit.net/af/e7065f/00000000000000007735ba3f/30/ 20 KB
20 KB 310ms
98ms Font
application/font-woff2 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e7065f/00000000000000007735ba3f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: nginx /
Resource Hash: 5ccd2ec373b11b4dc619ea1f584ebf51c1a4e640275d080261dc6eac099878b5

Request headers

Referer: https://use.typekit.net/cvd1zmo.css
Origin: https://www.client-helpdeskweb.dns04.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
server: nginx
etag: "65381862afa1e35bdce2a257727d8a6c9625f357"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20480

GET
H2 200 2021_MyStyleCampaign_1821x630_AL.jpg
www.macu.com/media/hero-images/ 324 KB
325 KB 864ms
863ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/hero-images/2021_MyStyleCampaign_1821x630_AL.jpg
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ce69237dc3cba8560ba03c06c30c9830b7d5ca48acfd2c91757ea9c9fa2c2de1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:22 GMT
last-modified: Tue, 19 Oct 2021 19:59:10 GMT
x-cdn: Imperva
etag: "832218c823c5d71:0"
content-type: image/jpeg
x-iinfo: 12-10684420-10683358 2VNN RT(1644521481492 0) q(0 7 7 0) r(9 9)
cache-control: max-age=69545, public
content-length: 331751
expires: Fri, 11 Feb 2022 14:50:27 GMT

GET
H2 200 mystyle-video-thumbnail-summer-2021-v1cc.jpg
www.macu.com/media/videos/ 72 KB
72 KB 856ms
855ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/videos/mystyle-video-thumbnail-summer-2021-v1cc.jpg
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: fdcfb4c57ef0de6a5ceabe5603ecb5d8fee0446e278c50ca3b66ac09bd72edb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:22 GMT
last-modified: Tue, 24 Aug 2021 17:05:33 GMT
x-cdn: Imperva
etag: "f3842740a99d71:0"
content-type: image/jpeg
x-iinfo: 12-10684421-10681943 2VNN RT(1644521481493 0) q(0 7 7 1) r(9 9)
cache-control: max-age=69545, public
content-length: 73505
expires: Fri, 11 Feb 2022 14:50:27 GMT

GET
H2 200 play_button.png
www.macu.com/MACU/Images/ 559 B
1 KB 863ms
862ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/play_button.png
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2324969e1a7e15eaf89a25ab4f018296a7ccdb03187f80d2c40ec867271afaa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:22 GMT
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/png
x-iinfo: 12-10684422-10681940 2VNN RT(1644521481495 0) q(0 7 7 0) r(9 9)
cache-control: max-age=69544, public
content-length: 559
expires: Fri, 11 Feb 2022 14:50:26 GMT

GET
H/1.1 404
Not Found tippy.all.min.js
www.client-helpdeskweb.dns04.com/MACU/Scripts/Lib/ 0
0 92ms
92ms Script
text/html 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.client-helpdeskweb.dns04.com/MACU/Scripts/Lib/tippy.all.min.js
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:21 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found main.bundle.6748b61948611561aebb.js
www.client-helpdeskweb.dns04.com/dist/module/ 0
0 94ms
93ms Script
text/html 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.client-helpdeskweb.dns04.com/dist/module/main.bundle.6748b61948611561aebb.js
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.client-helpdeskweb.dns04.com/
Origin: https://www.client-helpdeskweb.dns04.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:21 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found skipto.js
www.client-helpdeskweb.dns04.com/MACU/Scripts/Lib/ 0
0 92ms
92ms Script
text/html 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.client-helpdeskweb.dns04.com/MACU/Scripts/Lib/skipto.js
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:21 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 prod.json Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/configs/ 4 KB
2 KB 27ms
12ms Fetch
application/json 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/configs/prod.json
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6bb0cf569812f53957b5b82aa5cbb3c2a3075a37416cf12f90c95d1d70cba969

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-azure-ref-originshield: 0SFEFYgAAAACxZGuzecNPQ4vhgjETPdOnQU1TMDRFREdFMTkxOAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: GG61rgxZFh1G8ZdPM9eiog==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7EFED267BBA
x-azure-ref: 0CWgFYgAAAABN7gtE28mOQ6cS0uMY0vh7RlJBRURHRTEwMTIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f8493743-901e-0015-398b-1d87ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: 2nfjMVZWp4ZgopzWZjwvf0/kB/6fDxnwWqM4DkU4rNo51eOz4MQGc2EJdmQ2LWBfzk4jtwBzBRnyeabZS58gJA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 10 Feb 2022 19:31:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chat.html Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/ Frame 80B6 7 KB
2 KB 9ms
9ms Document
text/html 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a75d69cfc96d32fd87c93b4cfc533626916ad843fb315404fe3a1266a41f4646

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/

Response headers

cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
content-type: text/html
content-encoding: br
content-md5: 4svHTbPebj5nFznb41LdVg==
last-modified: Sat, 15 Jan 2022 06:26:48 GMT
etag: 0x8D9D7F0029D3293
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: edd6e665-801e-00ed-5ea2-1ddb13000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0SkcFYgAAAABU3qb7i+EzQaB9fR6+TwCBQU1TMDRFREdFMTgxMgA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
x-azure-ref: 0CWgFYgAAAACgY9Lo93hsRbOyhT3JFmGERlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
date: Thu, 10 Feb 2022 19:31:21 GMT

GET
H/1.1 404
Not Found actions.js
www.client-helpdeskweb.dns04.com/js/ 0
0 93ms
92ms Script
text/html 40.114.55.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.client-helpdeskweb.dns04.com/js/actions.js
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.114.55.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:21 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/ 78 KB
8 KB 11ms
10ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 95d18200a346f736b3a5233135118f9da301038de07476b7dba8acfab508c0d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-azure-ref-originshield: 0SkcFYgAAAABc6DmY9xoYRZRzrK4jx4aqQU1TMDRFREdFMTgxMQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: otvOoeTPqbzWPKPH87WRmA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F007C73785
x-azure-ref: 0CWgFYgAAAAAkJ4MWupb1TI4i3M0d5d1zRlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 11717ef9-301e-0051-289f-1e0dd2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/ Frame 80B6 78 KB
8 KB 9ms
9ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 95d18200a346f736b3a5233135118f9da301038de07476b7dba8acfab508c0d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-azure-ref-originshield: 0SkcFYgAAAABc6DmY9xoYRZRzrK4jx4aqQU1TMDRFREdFMTgxMQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: otvOoeTPqbzWPKPH87WRmA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F007C73785
x-azure-ref: 0CWgFYgAAAADW2daQ73TBT5TwH1feFtWORlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 11717ef9-301e-0051-289f-1e0dd2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.52

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: VLebM6lWEZ1MUviB4ClXCpUJ1O1+BpjBMGWJkDzd8CCUCbFRYv3kYThXYF6QKzBN5LxZyjeYaNMwVq1Ipi89Wg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 10 Feb 2022 19:31:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 837421743000518 Show response
connect.facebook.net/signals/config/ 41 KB
11 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/837421743000518?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b583a9d922d39a3ea30176cbf9734b8281685742c4f3283ad6d858079edc9c4c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 10911
x-xss-protection: 0
pragma: public
x-fb-debug: 7cyubp4CF8NCxnuR1EEC3h6YdJTMFLIMpQr9PaCZN1ONTLsce/ZhIGhr4jBUYvTCnSndoq14vOIifn7K0zZnkg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 10 Feb 2022 19:31:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 LiveChatWidgetLibs.min.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame 80B6 412 KB
107 KB 11ms
9ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4c6b8238224112dde0a10a3aae95d9e7e23bee7a3c98b76e00137f36370a34b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-azure-ref-originshield: 0BGEFYgAAAAAc4AgCWg4kRKlHGsM8ugEnQU1TMDRFREdFMTgxNQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: AV3A5KYwCd4LKK8Bu2rBWw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F0076158E0
x-azure-ref: 0CWgFYgAAAAD0YKMorIsJS6EJBz2WhOkPRlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8e2f9db2-401e-005b-4085-1da965000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H3 200 error
connect.facebook.net//log/ 0
0 33ms
33ms Image
text/html 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=2.9.52&e=Error%3A%20An%20invalid%20email%20address%20was%20specified%20for%20%27em%27.%20This%20data%20will%20not%20be%20sent%20with%20any%20events%20for%20this%20Pixel.&s=Error%3A%20An%20invalid%20email%20address%20was%20specified%20for%20%27em%27.%20This%20data%20will%20not%20be%20sent%20with%20any%20events%20for%20this%20Pixel.%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A41767)%0A%20%20%20%20at%20r%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fplugins%2Fidentity.js%3Fv%3D2.9.52%3A21%3A58888)%0A%20%20%20%20at%20f.s%20%5Bas%20_piiTranslator%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fplugins%2Fidentity.js%3Fv%3D2.9.52%3A21%3A59227)%0A%20%20%20%20at%20f.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A75762)%0A%20%20%20%20at%20f.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A75852)%0A%20%20%20%20at%20f.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A75508)%0A%20%20%20%20at%20f.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A76085)%0A%20%20%20%20at%20f.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A75543)%0A%20%20%20%20at%20f.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A74951)%0A%20%20%20%20at%20ra%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A9837)&ue=1&rs=stable&rqm=FGET
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=837421743000518&ev=PageView&dl=https%3A%2F%2Fwww.client-helpdeskweb.dns04.com%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&rl=&if=false&ts=1644521481954&sw=1600&sh=1200&ud[fn]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ln]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.52&r=stable&ec=0&o=60&fbp=fb.1.1644521481953.1995888372&it=1644521481927&coo=false&rqm=GET

Requested by

Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 10 Feb 2022 19:31:21 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 22ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=837421743000518&ev=ViewContent&dl=https%3A%2F%2Fwww.client-helpdeskweb.dns04.com%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&rl=&if=false&ts=1644521481956&sw=1600&sh=1200&ud[fn]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ln]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.52&r=stable&ec=1&o=60&fbp=fb.1.1644521481953.1995888372&it=1644521481927&coo=false&rqm=GET

Requested by

Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 10 Feb 2022 19:31:21 GMT

GET
H2 200 LiveChatWidgetScripts.min.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/ Frame 80B6 396 KB
69 KB 10ms
10ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5ac9fcdf2b8bf1ec5ec8b98a5b9a744d872fc3acf4ecdd55bea9f3aef01cff23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-azure-ref-originshield: 0VVEFYgAAAADx5htK3Y4XQr7llQV2kWH/QU1TMDRFREdFMTgxNwA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: HJIf6V8EGajSQQtpPTfOQQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F007E78C00
x-azure-ref: 0CWgFYgAAAAAQobSww1ONTYKBhZ2GsediRlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9ee78dba-001e-004a-7a3d-1d33d1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 69ms
23ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Fri, 14 Jan 2022 15:05:19 GMT
Date: Thu, 10 Feb 2022 19:31:22 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "3cc21925589d81:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Thu, 10 Feb 2022 19:31:22 GMT

GET
H2 200 LiveChatWidgetAll.min.css
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/ Frame 80B6 53 KB
9 KB 10ms
10ms Stylesheet
text/css 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/LiveChatWidgetAll.min.css
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: dc4e732be656c0118a3b2b5e74a55e86893e909294b38074fcb00e676a86bfa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-azure-ref-originshield: 0nfAEYgAAAAAptkxxSg3uTJvwMAc/UNQ1QU1TMDRFREdFMTgxMgA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: WaCWuIabbLjYwdudjji8ZQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:27:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F00BBBA986
x-azure-ref: 0CmgFYgAAAABtKkwVOwI0RJgUysbo6Bi6RlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 61d2bcb6-c01e-00d3-5d7d-1d4c6c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 jquery-3.4.1.min.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame 80B6 104 KB
31 KB 9ms
9ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/jquery-3.4.1.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5eacb24dce95197ef1b8db870117adbf2be5642b5b0172e4502cf570d0602466

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-azure-ref-originshield: 0WPEEYgAAAAAlC/s698ctSod0d/KMqDcNQU1TMDRFREdFMTgxNAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: iPDd3y2YhzkDBroYgeOIwg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F00736CCC0
x-azure-ref: 0CmgFYgAAAAAlnesrW6bIRp7RIhk705cMRlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b5fb194c-e01e-0042-2563-1d29de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 prod.json Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/configs/ Frame 80B6 4 KB
2 KB 12ms
12ms XHR
application/json 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/configs/prod.json
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6bb0cf569812f53957b5b82aa5cbb3c2a3075a37416cf12f90c95d1d70cba969

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-azure-ref-originshield: 0gfAEYgAAAABS/wdfuS5zRpTZUn+Ls/MNQU1TMDRFREdFMTkxNgA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: GG61rgxZFh1G8ZdPM9eiog==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F00238B342
x-azure-ref: 0CmgFYgAAAACHlN3QrRJHQ6Nj7rqAbV0LRlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: af365f0a-201e-004d-1576-1d5fb2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 appinsights.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame 80B6 5 KB
3 KB 10ms
9ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/appinsights.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5038ec8b627d1b4f565ebaf3360f3a8317182b7c3518525a337d86b335f302ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-azure-ref-originshield: 0BWEFYgAAAABEL7DL7ULYTpcaSnLxQ0gMQU1TMDRFREdFMTkyMgA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: ADbtFKqlrLgA2/6zjT1cnw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F006756E1E
x-azure-ref: 0CmgFYgAAAACEP9US9s1XT5KN/HmxBAVXRlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5a9bc82b-701e-013d-6a4e-1d1848000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 webchat-es5.js Show response
cdn.botframework.com/botframework-webchat/4.9.2/ Frame 80B6 3 MB
748 KB 49ms
13ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.botframework.com/botframework-webchat/4.9.2/webchat-es5.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8A) /
Resource Hash: 0935532150293b962fb321373aa304c6f519d45f292fedfea6cb2d7ad1281575

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:22 GMT
content-encoding: gzip
content-md5: lAEA5uInanqd0I1LBpYUXA==
age: 2165
x-cache: HIT
content-length: 765604
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jul 2020 18:43:42 GMT
server: ECAcc (frc/8F8A)
etag: 0x8D829B82987C0B5
vary: Accept-Encoding
x-ec-bbr-enable: 1
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d37b8a8b-a01e-00a6-19af-1e90d5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 10 Feb 2022 23:31:22 GMT

GET
H/1.1

200
OK

svrGP
elq.macu.com/visitor/v200/
Redirect Chain

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fwww.client-helpdeskweb.dns04.com%2F&ref2=elqNone&tzo=0&ms=72&optin=disabled&firstPartyCookieDomain=elq.macu.com
https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fwww.client-helpdeskweb.dns04.com%2F&ref2=elqNone&tzo=0&ms=72&optin=disabled&elq1pcGUID=B6F5EE0DABAD4702AC669455394D8B91

49 B
497 B

192ms
192ms

Image
image/gif

142.0.173.134
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fwww.client-helpdeskweb.dns04.com%2F&ref2=elqNone&tzo=0&ms=72&optin=disabled&elq1pcGUID=B6F5EE0DABAD4702AC669455394D8B91

Requested by

Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/

Protocol

HTTP/1.1

Server

142.0.173.134 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 19:31:22 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 19:31:22 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fwww.client-helpdeskweb.dns04.com%2F&ref2=elqNone&tzo=0&ms=72&optin=disabled&elq1pcGUID=B6F5EE0DABAD4702AC669455394D8B91
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 340
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame 80B6 119 KB
38 KB 128ms
12ms Script
text/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/appinsights.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: db6f184339c08d2b34fa2d2fc6dbb5f74e4b5ad9a2a5c686ced52b943e345396

Request headers

Referer: https://oc-cdn-ocprod.azureedge.net/
Origin: https://oc-cdn-ocprod.azureedge.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-azure-ref-originshield: 0B2UFYgAAAACaw5NWq0cOSKE/gz5wl5UqQU1TMDRFREdFMTkxMgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5: Qc7ZDjB6lUp3aPNiG7rIUA==
x-cache: TCP_HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.7.3.min.js
last-modified: Thu, 03 Feb 2022 18:08:36 GMT
x-ms-meta-aijssdkver: 2.7.3
etag: 0x8D9E74032DA34AE
x-azure-ref: 0CmgFYgAAAAC3+ru7VMEpR7Qa2dCon+B9RlJBRURHRTEwMTcAZjFjYTczZDQtODg4My00Y2FmLWFiZGMtZmUyZDU2N2FmYjk2
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 61609f80-801e-0006-43b1-1edbca000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H2 200 purify.min.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame 80B6 16 KB
7 KB 10ms
10ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/purify.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 93d8446660114a3c908c7d4ff2ba5677fad8f436ddd493f8936abf807649d0db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:21 GMT
content-encoding: br
x-azure-ref-originshield: 0V1EFYgAAAABRb3acx6dNTo197NAuiJR4QU1TMDRFREdFMTgxOQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: 98MT7M8SRWeA4QUys4utxQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F0077B45AC
x-azure-ref: 0CmgFYgAAAADC4pAaXeXaQJgQzLoLetHcRlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c72771d6-b01e-002d-634e-1d232d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H/1.1 200
OK botframework-webchat-adapter-ic3.production.min.js Show response
webchatic3.blob.core.windows.net/webchat-ic3adapter/0.1.0-master.2dba07b/ Frame 80B6 115 KB
115 KB 674ms
165ms Script
application/javascript 52.239.236.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://webchatic3.blob.core.windows.net/webchat-ic3adapter/0.1.0-master.2dba07b/botframework-webchat-adapter-ic3.production.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.236.68 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 470c598ef6db18c7ae2a420ef65df40ca35ef9ace19c43f35d084c0e5fd8081f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 10 Feb 2022 19:31:22 GMT
Last-Modified: Sat, 14 Aug 2021 15:05:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: uWzZutPFlN9rzjGW2y8JIQ==
ETag: 0x8D95F3500AFCFD0
Content-Type: application/javascript
x-ms-request-id: aa5b65ee-101e-0096-0db4-1e831f000000
x-ms-version: 2009-09-19
Content-Length: 117440

GET
H2 200 ae.js Show response
ws.audioeye.com/ 1020 B
817 B 30ms
6ms Script
application/javascript 18.66.139.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.audioeye.com/ae.js
Requested by: Host: www.client-helpdeskweb.dns04.com
URL: https://www.client-helpdeskweb.dns04.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-59.fra60.r.cloudfront.net
Software: /
Resource Hash: 9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:09:08 GMT
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
age: 1334
etag: "c5f5d23dbd841fb0868078e4bfbbd713"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P4
content-encoding: gzip
x-amz-cf-id: NukuJadxlyqbr798rAjt_H_p00beGjjNdRiyJ6CbpjiR1dAqaj-UHA==

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 34 KB
12 KB 293ms
238ms Script
application/javascript 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=www.client-helpdeskweb.dns04.com
Requested by: Host: ws.audioeye.com
URL: https://ws.audioeye.com/ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: /
Resource Hash: 29147105374de37dc23aa45a4e1201104f4b7979d31950fcf95d60e9acd9890b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.client-helpdeskweb.dns04.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:22 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
etag: "bd2f70577e43319f96c693e34b326375"
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, private
content-encoding: gzip
x-amz-cf-id: kKcQVuV2RkXUXsobRpDfgSPelZJbBbuQpLkLN2E4cgMCxp0CfvdRtQ==

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/scripts/ 29 B
424 B 670ms
625ms Script
text/javascript 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/scripts/loader.js?d=www.client-helpdeskweb.dns04.com&lang=en&cb=3a3e9de
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=www.client-helpdeskweb.dns04.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8b3bc42630ce797308e3ad9ac29de81ae883fa51d646e0c84a1165b27646cffd

Request headers

Referer: https://www.client-helpdeskweb.dns04.com/
Origin: https://www.client-helpdeskweb.dns04.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:31:23 GMT
content-encoding: gzip
server: Apache
x-amz-cf-pop: FRA56-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
content-length: 49
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-id: I9jwaPkzXq1-p80rCZNHQe7gPfDYhpwrQwM6X5z07pYCtJ3ptWlrTw==

GET
H2 200 SDK.min.js Show response
comms.omnichannelengagementhub.com/ams/0.1.1-main.af545b3/ Frame 80B6 24 KB
5 KB 172ms
10ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://comms.omnichannelengagementhub.com/ams/0.1.1-main.af545b3/SDK.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f082d94f17f4e5e3725177207431e7853ef566cde2ae17db075bfe99832c50ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:22 GMT
content-encoding: br
last-modified: Sat, 02 Oct 2021 02:07:07 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: WdlsYBmkBlaPY+FFlT//KA==
etag: 0x8D98549567E591B
x-azure-ref: 0C2gFYgAAAAC7/GBV4lPuTafeNcY73r6MRlJBRURHRTEwMDgAMzEzYmNhYWQtNTkyZS00ZDA4LWI1OTEtZjJjZTI1ZDc2ZjU3
x-cache: TCP_HIT
content-type: application/javascript
x-ms-request-id: 2ef6d6d7-f01e-006e-586c-1d06db000000
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0oSoFYgAAAAASFl00vemlSZ+rmBGlxiVXQU1TMDRFREdFMTkxMQAzMTNiY2FhZC01OTJlLTRkMDgtYjU5MS1mMmNlMjVkNzZmNTc=

GET
H2 200 chat-adapter-0.0.35-beta.1.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame 80B6 444 KB
99 KB 10ms
10ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/chat-adapter-0.0.35-beta.1.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 202267f57c5401883e5f7abedb41c824919ef471c5759cc994f9653e836c7f5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:23 GMT
content-encoding: br
x-azure-ref-originshield: 0aTIFYgAAAAA9O7h4ofrqRbNl/JnPECN7QU1TMDRFREdFMTkxMAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: O+ExDonOjsci5GCZ/GHiZw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F0070E3C1C
x-azure-ref: 0C2gFYgAAAAAFOSoBRjkPS6g4PSDcOqxrRlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4c82caee-b01e-0060-0f4b-1decc1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 SDK.min.js Show response
ocsdk-prod.azureedge.net/release/0.2.1-main.d3114ea/ Frame 80B6 78 KB
17 KB 38ms
9ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ocsdk-prod.azureedge.net/release/0.2.1-main.d3114ea/SDK.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7022e3ed651e8969ec18b5fdbb7fd98ee159d3e798af380e80938c1e2c5abbda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:23 GMT
content-encoding: br
x-azure-ref-originshield: 0E2IFYgAAAAC1IQz2kvmoTqRnNR76DMqoQU1TMDRFREdFMTkxMAA5Nzk3MTdhNC1mNDg1LTRjOTUtYWQ2Yi1iOGFiMTViZmIzYTI=
content-md5: wgHqAXXLbwBtAnW5wGiHJg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Tue, 31 Aug 2021 20:29:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D96CBE17F6BD2B
x-azure-ref: 0C2gFYgAAAADeniSGKS3sQJhYfojIiN/hRlJBRURHRTEwMjIAOTc5NzE3YTQtZjQ4NS00Yzk1LWFkNmItYjhhYjE1YmZiM2Ey
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7dae8321-601e-00bb-5c34-1d00df000000
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H/1.1 200
OK 705610f5-72b1-469e-8935-4af156c9dcbb Show response
217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com/livechatconnector/config/0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c/ Frame 80B6 12 KB
13 KB 1203ms
329ms XHR
application/json 13.66.240.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com/livechatconnector/config/0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c/705610f5-72b1-469e-8935-4af156c9dcbb?requestId=2c197ce8-d787-48bb-9161-115670654617&channelId=lcw

Requested by

Host: ocsdk-prod.azureedge.net
URL: https://ocsdk-prod.azureedge.net/release/0.2.1-main.d3114ea/SDK.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.66.240.155 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1ce3bfe6b37e617902a441cdb980f7db4da201582e793324ebecdb758d446ccd

Security Headers

Name	Value
Content-Security-Policy	default-src "none"
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://oc-cdn-ocprod.azureedge.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src "none"
X-Content-Type-Options: nosniff
Correlation-Vector: fD5Lx5GATk2CohJGozcveA.19
Date: Thu, 10 Feb 2022 19:31:24 GMT
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Cache-Control: no-store, must-revalidate, no-cache
Transaction-Id: 7c1a75d7-179c-4a60-8cab-af8058faf947
Expires: Thu, 10 Feb 2022 19:31:24 GMT

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 80B6 0
397 B 482ms
187ms XHR
application/json 20.42.65.84
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.2&x-apikey=c7655518acf1403f93ff6b9f77942f0a-d01a02fd-6b50-4de3-a566-62eda11f93bc-7083&client-time-epoch-millis=1644521484078&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.42.65.84 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:23 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 329
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 1033.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/locale/ Frame 80B6 13 KB
3 KB 8ms
8ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/locale/1033.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b9d2c77e6cd4411222a2b98a5b00f67c1794bb1f917cfc3039d9c6bec0cdce2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 19:31:24 GMT
content-encoding: br
x-azure-ref-originshield: 0CGYFYgAAAAAfmYv70rj5QLjkdiopZxGsQU1TMDRFREdFMTkyMQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: +rNdVFj8oJE5dM/EJCJOQA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:58 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F008A0D57F
x-azure-ref: 0DWgFYgAAAACcADfYra0xSZFH+sr/2ilDRlJBRURHRTEwMjIANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5ca0a779-701e-00f9-586b-1e937c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 80B6 0
396 B 93ms
93ms XHR
application/json 20.42.65.84
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.2&x-apikey=c7655518acf1403f93ff6b9f77942f0a-d01a02fd-6b50-4de3-a566-62eda11f93bc-7083&client-time-epoch-millis=1644521487011&time-delta-to-apply-millis=329
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.42.65.84 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 19:31:26 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 37
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Mountain America Credit Union (Banking)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bing.com/	1970-01-20 10:10:17	Name: MUID Value: 2FF0A9BCD7A06FD127ADB8FBD6CB6EB4
.dns04.com/	1970-01-20 02:58:17	Name: _fbp Value: fb.1.1644521481953.1995888372
.facebook.com/	1970-01-20 02:58:17	Name: fr Value: 02vGktPjj5aWH2BiW..BiBWgJ...1.0.BiBWgJ.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.client-helpdeskweb.dns04.com/MACU/Scripts/Lib/tippy.all.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.client-helpdeskweb.dns04.com/dist/module/main.bundle.6748b61948611561aebb.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cloud.typography.com/689828/7556792/css/fonts.css Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.client-helpdeskweb.dns04.com/MACU/Scripts/Lib/skipto.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.client-helpdeskweb.dns04.com/js/actions.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.client-helpdeskweb.dns04.com/MACU/Scripts/Lib/tippy.all.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.client-helpdeskweb.dns04.com/MACU/Scripts/Lib/skipto.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.client-helpdeskweb.dns04.com/dist/module/main.bundle.6748b61948611561aebb.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.client-helpdeskweb.dns04.com/js/actions.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com
ajax.aspnetcdn.com
bat.bing.com
browser.pipe.aria.microsoft.com
cdn.botframework.com
cdnjs.cloudflare.com
cloud.typography.com
code.jquery.com
collector.fraudmap.net
comms.omnichannelengagementhub.com
connect.facebook.net
elq.macu.com
img.en25.com
js.monitor.azure.com
oc-cdn-ocprod.azureedge.net
ocsdk-prod.azureedge.net
p.typekit.net
stackpath.bootstrapcdn.com
use.typekit.net
webchatic3.blob.core.windows.net
ws.audioeye.com
wsv3cdn.audioeye.com
www.client-helpdeskweb.dns04.com
www.facebook.com
www.macu.com
104.111.229.66
104.111.232.231
13.66.240.155
142.0.173.134
152.199.19.160
18.66.112.80
18.66.139.59
20.42.65.84
2001:4de0:ac18::1:a:1b
2606:4700::6810:125e
2606:4700::6812:bcf
2620:1ec:46::44
2620:1ec:bdf::44
2620:1ec:c11::200
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:5f80:a::b212:e7c0
2a03:5f80:a::b212:e7d1
40.114.55.61
45.60.46.50
52.239.236.68
63.128.130.61
023e4947e93631fc56fdae00a58b1edf8dfd77648f23e7c0ed5e5e2ec91b218b
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
03074f175d2e30b0c6a3418ea28c1b9877b135ecf5f36685a71a5a9c949192fd
06fa02fd2b13da57e4a5ac02bab65eec3a3b204cb60bf08e40262f9db28d8121
0935532150293b962fb321373aa304c6f519d45f292fedfea6cb2d7ad1281575
09927329c9a15cdedd77368a5a4f7c984ca673f9714d2f926ac1925ea97dd8a3
0a3d5af4428611b0cc385c60aefaa6d0b95836c1961c796ebdf95dca108b07a7
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ce3bfe6b37e617902a441cdb980f7db4da201582e793324ebecdb758d446ccd
202267f57c5401883e5f7abedb41c824919ef471c5759cc994f9653e836c7f5b
2324969e1a7e15eaf89a25ab4f018296a7ccdb03187f80d2c40ec867271afaa2
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
29147105374de37dc23aa45a4e1201104f4b7979d31950fcf95d60e9acd9890b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
395ba7d4187e9ee539495094380c0292b5edcc3b28228d9e871c9d2a471f1916
3be2fa8fc01386a4135ebc59168a1e447b699d0bacd0e3c622d701ec685fdbf0
3d133e653aa3b803f3811450300e76cda11912432494ca973dd81dfeec5aac47
3fa39ec7210a30850c5127247651e4e63d18df9af10144213b314e5062c336ff
470c598ef6db18c7ae2a420ef65df40ca35ef9ace19c43f35d084c0e5fd8081f
4c6b8238224112dde0a10a3aae95d9e7e23bee7a3c98b76e00137f36370a34b3
5038ec8b627d1b4f565ebaf3360f3a8317182b7c3518525a337d86b335f302ae
5ac9fcdf2b8bf1ec5ec8b98a5b9a744d872fc3acf4ecdd55bea9f3aef01cff23
5ccd2ec373b11b4dc619ea1f584ebf51c1a4e640275d080261dc6eac099878b5
5d9b8c3cb4ecf3bb4b83deda95f964fd0bd9d56eb2a626a14ad4e3ff78f9d8c7
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
5eacb24dce95197ef1b8db870117adbf2be5642b5b0172e4502cf570d0602466
60062b64733e9587b52db3a48d8ff4a3d7f469af0101c7e6ff313d7221f752a1
661ad0861039f6323b4167c759cec7305c985587c147ea964711686a889481c6
68f9d12ac81b50577c9750d61e6b3316465cb394acbd854df3f4b9a1ed87917f
6bb0cf569812f53957b5b82aa5cbb3c2a3075a37416cf12f90c95d1d70cba969
6f2ec1d519d369425aeab2897e77ed0d739207f7cb5804bd878cfb5aca738d0f
7022e3ed651e8969ec18b5fdbb7fd98ee159d3e798af380e80938c1e2c5abbda
7a407fce85806e9065c75c121dc9d2c4f5eb149a69e9ecee4ff61e1f1ca3592e
821a2b02f48c78cb4788a5c22489113d0a0e03f5f13175ebfde31385c7601656
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b3bc42630ce797308e3ad9ac29de81ae883fa51d646e0c84a1165b27646cffd
90af0447f5d8a9d4705c9aa636d31ce859f280460810f68f1de93922277fb0ef
93d8446660114a3c908c7d4ff2ba5677fad8f436ddd493f8936abf807649d0db
95d18200a346f736b3a5233135118f9da301038de07476b7dba8acfab508c0d9
9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2
a75d69cfc96d32fd87c93b4cfc533626916ad843fb315404fe3a1266a41f4646
a7a05d6db9fff3ed1d8626f59c88628a08dd321a7bc8682e007f2f8de2f9cd3c
b0cbe509c8ccd79f0378e7a1e0a511ee5467ec95c72bd904d8280ae390f609b6
b583a9d922d39a3ea30176cbf9734b8281685742c4f3283ad6d858079edc9c4c
b9d2c77e6cd4411222a2b98a5b00f67c1794bb1f917cfc3039d9c6bec0cdce2c
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
c2b1ae00eb2ac991a06487f3f0162c918768b25cbe2787638110570d04ed1f88
c86d88f9e36b602c162116764cb7c693ae21c6bee25b6fb3de923e9bec0e72ec
c9a80625e971b234d28263a9f86712c4ccb54feb7d37379f8ec6930c4f534f9c
cbbda9b1b15022e435325e2bb7ab9e19f8d4ea15cd1716a33c07f4750930adc3
ce69237dc3cba8560ba03c06c30c9830b7d5ca48acfd2c91757ea9c9fa2c2de1
cefe4aaefb1daa0c4bff6a9e08bee952d7259fe7e9f20f973cedf18fec5c6002
d35bdade27b3f2a1e604fb83aba7fad8e53dc22a98e6953218922c4ffd247a7b
d7b371bfbeda687c7e7e4738bea7f985953adab2134dd573874a281e3ed8be7a
db6f184339c08d2b34fa2d2fc6dbb5f74e4b5ad9a2a5c686ced52b943e345396
dc4e732be656c0118a3b2b5e74a55e86893e909294b38074fcb00e676a86bfa3
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e23b1851926f1f909295d26142dfe45ceabc52fe898f724b4f61a659f6ac6a53
e2627fae42ecc27102bc84e8abd96cf7c8709354a50b568e385ea92c0480c6d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e947adf53c17d668e9ab54c1348eafdd5a7db5eda04d076adfacc004702749bb
f082d94f17f4e5e3725177207431e7853ef566cde2ae17db075bfe99832c50ff
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f5e52056a2430132f8aece37250adea25254c4728a05d600c1915931b6ebde4d
f6d1c3dd273fad6871f347b1391f11cd6b765d19a8cf91026f7d66558b512192
fdcfb4c57ef0de6a5ceabe5603ecb5d8fee0446e278c50ca3b66ac09bd72edb1

www.client-helpdeskweb.dns04.com Open in urlscan Pro 40.114.55.61 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

87 Requests

99 %HTTPS

45 %IPv6

20 Domains

25 Subdomains

22 IPs

4 Countries

2584 kBTransfer

6857 kBSize

3 Cookies

15 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.client-helpdeskweb.dns04.com Open in urlscan Pro
40.114.55.61 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

99 %
HTTPS

45 %
IPv6

20
Domains

25
Subdomains

22
IPs

4
Countries

2584 kB
Transfer

6857 kB
Size

3
Cookies

87 HTTP transactions
0 data transactions