urlscan.io logo urlscan.io
SecurityTrails logo

downer.e7.site Open in urlscan Pro
54.209.91.188  Public Scan

Go To Rescan Add Verdict Report
URL: https://downer.e7.site/
Submission: On October 12 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 54.209.91.188, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is downer.e7.site.
TLS certificate: Issued by R3 on September 12th 2022. Valid for: 3 months.
This is the only time downer.e7.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.209.91.188 14618 (AMAZON-AES)
7 65.9.94.114 16509 (AMAZON-02)
7 104.18.72.113 13335 (CLOUDFLAR...)
1 1 65.9.95.102 16509 (AMAZON-02)
3 65.9.95.17 16509 (AMAZON-02)
2 104.16.53.111 13335 (CLOUDFLAR...)
1 34.193.196.196 14618 (AMAZON-AES)
21 6
1    54.209.91.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-91-188.compute-1.amazonaws.com
downer.e7.site
7    65.9.94.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-114.prg50.r.cloudfront.net
d316tq1142cnjb.cloudfront.net
7    104.18.72.113 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
1    65.9.95.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-102.prg50.r.cloudfront.net
widget.intercom.io
3    65.9.95.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-17.prg50.r.cloudfront.net
js.intercomcdn.com
2    104.16.53.111 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
envisionapp.zendesk.com
1    34.193.196.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-196-196.compute-1.amazonaws.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
7 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 3159
ekr.zdassets.com — Cisco Umbrella Rank: 3703
366 KB
7 cloudfront.net
d316tq1142cnjb.cloudfront.net
631 KB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 5128
199 KB
2 zendesk.com
envisionapp.zendesk.com
1 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 5111
api-iam.intercom.io — Cisco Umbrella Rank: 5007
3 KB
1 e7.site
downer.e7.site
4 KB
21 6
Domain Requested by
7 d316tq1142cnjb.cloudfront.net d316tq1142cnjb.cloudfront.net
6 static.zdassets.com downer.e7.site
static.zdassets.com
3 js.intercomcdn.com widget.intercom.io
2 envisionapp.zendesk.com static.zdassets.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io 1 redirects
1 ekr.zdassets.com static.zdassets.com
1 downer.e7.site
21 8

This site contains no links.

Subject Issuer Validity Valid
downer.e7.site
R3		 2022-09-12 -
2022-12-11		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
ssl1036557.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2022-06-08 -
2022-12-15		 6 months crt.sh
envisionapp.zendesk.com
Cloudflare Inc ECC CA-3		 2022-05-13 -
2023-05-13		 a year crt.sh
*.intercomcdn.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.intercom.com
Amazon		 2022-03-16 -
2023-04-14		 a year crt.sh

This page contains 3 frames:

Primary Page: https://downer.e7.site/
Frame ID: F9CDA93676F65CF7F9117D03C21245DC
Requests: 11 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-8bd776911afeefa93f7a.js
Frame ID: 98AA57E338157BA927E2B8993EC14760
Requests: 7 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.7419a177.js
Frame ID: 69CB41D8F1EDAF7CF80E6865F8A73EC8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In - SYNCHRO Perform

Page Statistics

21
Requests

95 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

6
IPs

2
Countries

1205 kB
Transfer

4758 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://widget.intercom.io/widget/j3uoa270 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
downer.e7.site/ 		5 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://downer.e7.site/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-91-188.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
3a3cb90766153e1fcba2700f5c819186c1f262ed2839014ccdc71a3f1c919ccf
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Oct 2022 22:01:44 GMT
Etag
W/"3a3cb90766153e1fcba2700f5c819186"
Link
<https://d316tq1142cnjb.cloudfront.net/assets/application-d88f894fd7604491a6674feeab2eb9a765c9255a26aec859b774a54fcd50c74d.css>; rel=preload; as=style; nopush,<https://d316tq1142cnjb.cloudfront.net/assets/facebox-1b1a2e27099999f2874297f16e3dcfef88d5ddeccd646bc07076e0b20ddc2c61.css>; rel=preload; as=style; nopush,<https://d316tq1142cnjb.cloudfront.net/assets/print-4709044e3888253c2cffa6c520d9ccf78945d10123c46e57ddf641134fd001e5.css>; rel=preload; as=style; nopush,<https://d316tq1142cnjb.cloudfront.net/packs/js/runtime-2825d33699eea5c9941f.js>; rel=preload; as=script; nopush,<https://d316tq1142cnjb.cloudfront.net/packs/js/templating-85320c0648c678cbb471.js>; rel=preload; as=script; nopush,<https://d316tq1142cnjb.cloudfront.net/assets/application-614874bf1efb67a93de551c26bddd57af25c646099e178a7a7c6a50268764911.js>; rel=preload; as=script; nopush
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
274927a3-7d45-458e-a4ba-a58e0bd066cd
X-Runtime
0.016766
X-Xss-Protection
1; mode=block
application-d88f894fd7604491a6674feeab2eb9a765c9255a26aec859b774a54fcd50c74d.css
d316tq1142cnjb.cloudfront.net/assets/ 		689 KB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d316tq1142cnjb.cloudfront.net/assets/application-d88f894fd7604491a6674feeab2eb9a765c9255a26aec859b774a54fcd50c74d.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-114.prg50.r.cloudfront.net
Software
Cowboy /
Resource Hash
1e3fb9697be0cdbed9bdf6b2bc7aed5299cdd556ab119bfac8f441ada8273a1d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downer.e7.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 22:01:45 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Mon, 10 Oct 2022 04:06:03 GMT
Server
Cowboy
X-Amz-Cf-Pop
PRG50-C1
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
text/css
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
90563
X-Amz-Cf-Id
DGqH8pL0s4Qllt6W9Ix8jL6F5_i1EfPKsWR99IiCsGPd_fzNR8KMCQ==
facebox-1b1a2e27099999f2874297f16e3dcfef88d5ddeccd646bc07076e0b20ddc2c61.css
d316tq1142cnjb.cloudfront.net/assets/ 		956 B
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d316tq1142cnjb.cloudfront.net/assets/facebox-1b1a2e27099999f2874297f16e3dcfef88d5ddeccd646bc07076e0b20ddc2c61.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-114.prg50.r.cloudfront.net
Software
Cowboy /
Resource Hash
f1a007867f38c2e55c11432e11427f6bba8d60c04b6b024f73225e96f87ac6bc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downer.e7.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 06 Oct 2022 04:39:02 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 05 Oct 2022 04:36:29 GMT
Server
Cowboy
X-Amz-Cf-Pop
PRG50-C1
Age
580963
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
406
X-Amz-Cf-Id
348PT2OPgI6_DLBspkFNDXrHnHgZuXDya4oKZqdF08-cdvxPQmMMLw==
print-4709044e3888253c2cffa6c520d9ccf78945d10123c46e57ddf641134fd001e5.css
d316tq1142cnjb.cloudfront.net/assets/ 		554 B
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d316tq1142cnjb.cloudfront.net/assets/print-4709044e3888253c2cffa6c520d9ccf78945d10123c46e57ddf641134fd001e5.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-114.prg50.r.cloudfront.net
Software
Cowboy /
Resource Hash
8859faaea4035af4491309097573cdd8b013312f4dedd16c63c7d6977c0ea736
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downer.e7.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 06 Oct 2022 04:39:02 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 2a5c925255bb252ff0ed65977311f74e.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 05 Oct 2022 04:36:29 GMT
Server
Cowboy
X-Amz-Cf-Pop
PRG50-C1
Age
580963
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
291
X-Amz-Cf-Id
gxVlE9JHxoWUYgYXMmNm_pxwq2cwKFTDwWhFQlk4hvhn22Xtb7zuCg==
runtime-2825d33699eea5c9941f.js
d316tq1142cnjb.cloudfront.net/packs/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d316tq1142cnjb.cloudfront.net/packs/js/runtime-2825d33699eea5c9941f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-114.prg50.r.cloudfront.net
Software
Cowboy /
Resource Hash
44f677defba992da00aa5ca1391d91402a6d35bd1c927e8743e3e3557cdbfd95
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downer.e7.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 22:01:45 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Mon, 10 Oct 2022 04:06:16 GMT
Server
Cowboy
X-Amz-Cf-Pop
PRG50-C1
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
752
X-Amz-Cf-Id
Nc4Wdl_7kchzfzh9-iyvIqrAhF87itUl-6adxNRWg51N5yDaU-yN5w==
templating-85320c0648c678cbb471.js
d316tq1142cnjb.cloudfront.net/packs/js/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d316tq1142cnjb.cloudfront.net/packs/js/templating-85320c0648c678cbb471.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-114.prg50.r.cloudfront.net
Software
Cowboy /
Resource Hash
76898e0b699e65dc1dbfb0e1ac487055e5737e98cbb3eb45fc5c51b0d3aea406
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downer.e7.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 05:59:34 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Mon, 10 Oct 2022 04:06:16 GMT
Server
Cowboy
X-Amz-Cf-Pop
PRG50-C1
Age
57730
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
9928
X-Amz-Cf-Id
VoXaG9JE9Sbbv6T3MZXBwsMbPF0tNR-33EYVNaWYmwwA7oGNu2D-qw==
application-614874bf1efb67a93de551c26bddd57af25c646099e178a7a7c6a50268764911.js
d316tq1142cnjb.cloudfront.net/assets/ 		2 MB
528 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d316tq1142cnjb.cloudfront.net/assets/application-614874bf1efb67a93de551c26bddd57af25c646099e178a7a7c6a50268764911.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-114.prg50.r.cloudfront.net
Software
Cowboy /
Resource Hash
af6e3adf1b72eb5392420d52b8fbbb30e7a371d770d2853c86ff130cd3066a9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downer.e7.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 06 Oct 2022 04:39:02 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 05 Oct 2022 04:36:28 GMT
Server
Cowboy
X-Amz-Cf-Pop
PRG50-C1
Age
580962
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
539704
X-Amz-Cf-Id
GOOFOPsHnKMc4rUBxkF2CmyuCMEdMPMgqw6PbfcMhzCwP5O08NyWJw==
snippet.js
static.zdassets.com/ekr/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=9e8b1b4a-1dbd-4faf-8df9-fc2b8a74a6f6
Requested by
Host: downer.e7.site
URL: https://downer.e7.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downer.e7.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:01:45 GMT
x-amz-version-id
TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
72WP5DD5Y1773NJ5
age
31
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
rwZulaRteoqLCk3aNWWgWSW9XY3YyRq84y7jUnc4PSHt3Q1thf5qVm84zN8iPapSHxN+2XZLo4zO78Ncw34trw==
last-modified
Thu, 28 Jul 2022 23:44:02 GMT
server
cloudflare
etag
W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnO66rFF1Y2dpOgh%2FtlFwGtedayHNRitBOzZVB1Bpc9zNP64xWmLUpRQTqkXpDiys%2BRwWFq4oIcXlpiVpOOnzzslhNMoCcBqH54vwe10fUJYZyhbIzjPjta5w4gsdTwOoSOAc0k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
75931daa3a1d5c44-FRA
logo-white-3a171b93412155ed57cf669d3f00f93f1b1380085413851405eb084de215041c.png
d316tq1142cnjb.cloudfront.net/assets/ 		638 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d316tq1142cnjb.cloudfront.net/assets/logo-white-3a171b93412155ed57cf669d3f00f93f1b1380085413851405eb084de215041c.png
Requested by
Host: d316tq1142cnjb.cloudfront.net
URL: https://d316tq1142cnjb.cloudfront.net/assets/application-d88f894fd7604491a6674feeab2eb9a765c9255a26aec859b774a54fcd50c74d.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-114.prg50.r.cloudfront.net
Software
Cowboy /
Resource Hash
aa4acf7e371e704ec1d521e72480bb638ae4082d3f0b5c2939db7da03f2d2e99
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d316tq1142cnjb.cloudfront.net/assets/application-d88f894fd7604491a6674feeab2eb9a765c9255a26aec859b774a54fcd50c74d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 22:01:46 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 05 Oct 2022 04:36:28 GMT
Server
Cowboy
Via
1.1 vegur, 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
X-Cache
Miss from cloudfront
Cache-Control
public, max-age=31536000
Connection
keep-alive
X-Amz-Cf-Id
T8W0tA92zcbg0sk_Sb8fmzP3862RrYtv9Mz3n1W8J1cV2CSH_67byA==
9e8b1b4a-1dbd-4faf-8df9-fc2b8a74a6f6
ekr.zdassets.com/compose/ 		357 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/9e8b1b4a-1dbd-4faf-8df9-fc2b8a74a6f6
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=9e8b1b4a-1dbd-4faf-8df9-fc2b8a74a6f6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f15809c908336143bdc237d4cc74b733fda25402231ac4cc56f59d177f967f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downer.e7.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:01:46 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
x-xss-protection
1; mode=block
x-request-id
78aa296c9f9ff0dae446db5a91313019, 78aa296c9f9ff0dae446db5a91313019
x-runtime
0.004449
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"55f15809c908336143bdc237d4cc74b7"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hs9%2BBnG9BHqL%2FWMJeL8RGO3drkf1HMeWzPmF8NgbR3GcA%2FFjsdf42Q3KOgmaya%2FhWXH7nzOgnWB%2FqHAoBp6ShQPwEFJ%2FklCPG0bdlUxyFQU5j6TRv7gUgIiGP8Hx%2FtI67Ho%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
cf-ray
75931db17a249b1b-FRA
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/j3uoa270
  • https://js.intercomcdn.com/shim.latest.js
18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
65.9.95.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-17.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
908d60d964e817e16a767992e9c9e7952cbd9b4a9d42d3578ca8a6285af52e5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downer.e7.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 21:58:06 GMT
content-encoding
gzip
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
x-amz-version-id
bslMhDGX9.DYJqh98nzoGGw8zRf3oUf6
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
PRG50-C1
age
221
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6165
last-modified
Wed, 12 Oct 2022 16:08:00 GMT
server
AmazonS3
etag
"aeb28f9a362df65a0d049098dfcf7c77"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
uSW6l9RmLeteFhRPp_lIW6sRTBMGq3qs9ug7RLUt8CceNa9D4aIwHw==

Redirect headers

date
Thu, 29 Sep 2022 13:18:26 GMT
via
1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1154601
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
content-length
0
x-amz-cf-id
IVgX7WkvFvKnmqOi6fFIOmHwKjHCkJ6zFXWVAknldIjM_CDMHXFMLA==
web-widget-framework-8bd776911afeefa93f7a.js
static.zdassets.com/web_widget/latest/ Frame 98AA 		151 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-8bd776911afeefa93f7a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=9e8b1b4a-1dbd-4faf-8df9-fc2b8a74a6f6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c97397ccc8fe27ea815ec4e25c4efe519986d922630ed0d047b4af790ff25d9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:01:46 GMT
x-amz-version-id
Mvofx3wTqz8ALsJ8d8lsKCM3bSR6VfqY
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
EYM3XX8YYY3HNJ1E
age
62171
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
lAw222gz57s9hK/B7VDcLtJG9ffNrHN5SffqLzu/OJtkfH8Vd8wdr4C0Kg8CsE5l8cOBacbd528=
last-modified
Wed, 12 Oct 2022 04:22:21 GMT
server
cloudflare
etag
W/"1e30c3ac655ff8afe1406becbd37987a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NByQWFX4MA4lIBOZPQd2MK2OxytOkCulm9l2NyFRCAluIRsQiPXuFDe9x9NFXrljPy4u%2B4L15xkH86guzyD4hEfVPidJLmTBRGAvKZiKvGaUR50xg5i%2F8Acqu2zqVIdO8nmHl7g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
75931db2d8ac5c44-FRA
expires
Thu, 12 Oct 2023 04:22:20 GMT
config
envisionapp.zendesk.com/embeddable/ Frame 98AA 		449 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://envisionapp.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8bd776911afeefa93f7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9052f0d62d000b6800d1315edd7c0609356bb39267c0818318a9b69cb61b7420

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:01:47 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-6b76c9857f-ssvsg
x-cached
MISS
x-request-id
cb0fd2a72488da0009f6523c4d556afb
x-runtime
0.000954
last-modified
Wed, 12 Oct 2022 22:01:47 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNRLALJAIX9HOsj8xpPpVfpECyPsZGTbIoIDmAQfT0iPsnDnoyXDU72Hn%2Fd9%2Badi%2BPUFMiOSLhI6mF6wfEoYQHTTFGx2JuMyYOWNMqIaWsusqI6tA1gfyzWnPyrGee%2F032oEg%2BfzKFId"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
75931db38ae6691b-FRA
frame-modern.7419a177.js
js.intercomcdn.com/ Frame 69CB 		437 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.7419a177.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/j3uoa270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-17.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
305d9328dbefe0f91c700e30b474bf4cce7194a5a1baac91a095ada422e0d210
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
3nUMpXanS_gXlGoNzoWXWeFfErhD4blQ
content-encoding
gzip
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
date
Wed, 12 Oct 2022 20:08:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
PRG50-C1
age
6823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
122068
last-modified
Wed, 12 Oct 2022 16:06:39 GMT
server
AmazonS3
etag
"ef8a2390b61c73b8d60bd6c203e12c2b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
JHIw6x-4yugOiT1aLzL3iU3IisQSP5VQmqTdfGVKB_A6_tuytyE1BA==
vendor-modern.b0025ac3.js
js.intercomcdn.com/ Frame 69CB 		235 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.b0025ac3.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/j3uoa270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-17.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cab4d710994afa4f4ec53d49237c5f32125f5fda72ae41f09852de9f774ddb52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
QzN4v8hANJ6tUeTqfihSJ0SfOH.q_IyC
content-encoding
gzip
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
date
Wed, 12 Oct 2022 20:08:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
PRG50-C1
age
6823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
74032
last-modified
Wed, 12 Oct 2022 16:06:39 GMT
server
AmazonS3
etag
"32d904c4f6a9e259582c42786e15d1c0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
Hoe0toIH44eBzcAf8L_6THGy_V5h_d3W_6FT1-JHy8e7upTKRMgYiw==
ping
api-iam.intercom.io/messenger/web/ Frame 69CB 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7419a177.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.196.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-196-196.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b677c629ee111d8821eb91cc6cd6769931f277b22101ea0cce0cc25fe4701c66
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 12 Oct 2022 22:01:47 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0235565bb13c1b1e4
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0007qqncujg4vnf8hu90
x-runtime
0.739527
server
nginx
etag
W/"b677c629ee111d8821eb91cc6cd67699"
x-ratelimit-remaining
13330
vary
Accept,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://downer.e7.site
x-intercom-version
8c6129c4cc18fad0b57048c1e068eb878427c4ee
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1665612110
x-ratelimit-limit
13333
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
web-widget-classic-de934ba.js
static.zdassets.com/web_widget/latest/classic/ Frame 98AA 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8bd776911afeefa93f7a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dc9f804148f8e57555339025bc4d3360bc224f4950ee3f985be094f14ebe182
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:01:47 GMT
x-amz-version-id
7P.5y1MiLu6pNiVpnxTUczigrAX.JVsq
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
EYM3Y1AAFXHAKZ8K
age
62172
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
G6VJfM2o6mSg/Ag34ZV3Q2fiUYb6xjn95nWZXYBlyWMJn1quPVCWUpRpT8zLbN5NpNGFs2vaTeQ=
last-modified
Wed, 12 Oct 2022 04:22:33 GMT
server
cloudflare
etag
W/"b954678001199f8e50b4d9d618350332"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlXS9kuMw%2Bh5LpaXAfkx41CBDl5PJi1sUUprc8ShVYTNhaBaJYjyUl2zm96JtKgVujMLIFIkvk489V72STKuwXBwXN0O3VuXt%2FIeJfiuBp6hJ5iigotRCwA4rVoZ9ahKdQvH9Tg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
75931db5add25c44-FRA
expires
Thu, 12 Oct 2023 04:22:32 GMT
web-widget-8165-de934ba.js
static.zdassets.com/web_widget/latest/classic/ Frame 98AA 		663 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-de934ba.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:01:47 GMT
x-amz-version-id
hSZFoEqEDVfSEQz6gZ6RVgkyJZ1wVhpo
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
EYM2Y75PR30VVQJN
age
62172
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
1aDEIaJG8aMSnkZROqENV5UBWLGoOkuueKfNKQTMDZeSC53y7ejzCMihbYlZvAAo5/zcorybfZc=
last-modified
Wed, 12 Oct 2022 04:22:33 GMT
server
cloudflare
etag
W/"d519ea27f763cb6ec80aeec5b45213a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6qKdz7sU99PeDkqcT8Ewk05XiS2Q1gCwz0W6e9ZN4%2BgZD4ukaVB1CEFzhGlqky8MtQZSa%2FHOmOm0g95A5pyfRBUnfpsxWvXIn0k2wrAfMXvAdwyxNg%2Bl4QXYYfubU%2BdpIyl6Zs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
75931db5de1b5c44-FRA
expires
Thu, 12 Oct 2023 04:22:32 GMT
web-widget-5324-de934ba.js
static.zdassets.com/web_widget/latest/classic/ Frame 98AA 		491 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-de934ba.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d92aace170c818854396bfa1b4035677918295b17abb4618b7c7b3938a08e312
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:01:47 GMT
x-amz-version-id
Ta2bAYBAel51YZQz2scu55DxFdOBAiSK
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
EYM9Z8V15TX4NBJG
age
62172
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
968rVDapO3qIvXWOMISWRwaoCn5pio4w5QwWzCmVxdWIrVUm6V/XBbygBWBjcHiKRsnMKk1k4Y0=
last-modified
Wed, 12 Oct 2022 04:22:33 GMT
server
cloudflare
etag
W/"42bbde2d6f9114e30197fe178ffb83f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlnH9gdp9TDgSv8u57gWVR6LEs1NCeXpOws8qL7e%2FfMGpxaI0qtmVjwtg2JJ3LmyFFFKYTs0HVLXQaKmwf26OJwZ0sGbkQBP4w3JVK6uzbPyQWkrPXRnezPadsqr9LZRvnsTDgw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
75931db5de1f5c44-FRA
expires
Thu, 12 Oct 2023 04:22:32 GMT
embeddable_blip
envisionapp.zendesk.com/ Frame 98AA 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://envisionapp.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS45MSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiNTFiYzQ1NzhkY2ZjNDhkNjllZjUwNWE2YzlmODc4N2QiLCJzdWlkIjoiMjkzMjQwZmI5ZTQxNDY3MDgxNzZjZmY1ZTNmMjdhMzQiLCJ2ZXJzaW9uIjoiZGU5MzRiYSIsInRpbWVzdGFtcCI6IjIwMjItMTAtMTJUMjI6MDE6NDcuMzM5WiIsInVybCI6Imh0dHBzOi8vZG93bmVyLmU3LnNpdGUvIn0%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8bd776911afeefa93f7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:01:47 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Oct 2022 22:01:47 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsmxSKyBx5zI%2BnqYN1YWb3d7VK6DAx9hUm7E%2B7wCkH2XSiWNOPMhURBIM4uFBpGwh3MRoTfbXXrR10eWH9xy1dNDR4kIS9oIPMqEesQYvl5jRrO8VmdGQAFQi7ufrMkkuxajQ2KQ%2BaCd"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
75931db6d8d0691b-FRA
content-length
0
x-request-id
ce2113f9fc6f0deb67b9ac136668d97c
de-de-json-de934ba.js
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 98AA 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-de934ba.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:01:47 GMT
x-amz-version-id
ZHX.h6mFX.0_0QQLGFdpRSOrZBgmBKhd
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
YZWSZX5S2WFQV20J
age
62171
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
3AjjftSBFzGi0/R6PsrbLC7hVAmJo4KtVjkrNvneukCgTiRzhR1xFlzSGq29Ov1CyzIFCdgIGY4=
last-modified
Wed, 12 Oct 2022 04:22:34 GMT
server
cloudflare
etag
W/"dee0c6a89a545cab72e7f62ab96b94c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMCsJ0LBGMqVuUU8CfTVyLhdNd0NNISspyOyS8h3t7Or9rbZgIUW93hdazVEA73Bl12YiUwhXRjaQQs84%2FNE0DSihauiufVI1hvZyQjugXcJic8%2F2JYQNpLcXpDYSMpWSdhz7k8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
75931db6efd45c44-FRA
expires
Thu, 12 Oct 2023 04:22:33 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| webpackChunke7 function| sprocketsImport function| css_browser_selector function| flash function| isiPad function| $ function| jQuery object| $traceurRuntime function| numbro function| moment function| MultiMap function| WalkontableCellCoords function| WalkontableOverlay function| WalkontableBorder function| WalkontableCellRange function| WalkontableSelection function| WalkontableEvent function| WalkontableOverlays function| WalkontableScroll function| WalkontableSettings function| WalkontableColumnFilter function| WalkontableRowFilter function| WalkontableTableRenderer function| WalkontableTable function| WalkontableViewportColumnsCalculator function| WalkontableViewportRowsCalculator function| WalkontableViewport function| WalkontableTopOverlay function| WalkontableLeftOverlay function| WalkontableDebugOverlay function| WalkontableTopLeftCornerOverlay function| Walkontable function| WalkontableBottomOverlay function| WalkontableBottomLeftCornerOverlay function| Handsontable function| DataTable object| Assets function| availableWindowHeight function| containerHeight function| updateBadges string| c function| _ function| sprintf function| vsprintf function| s function| UriTemplate object| Utility function| HAML object| Backbone object| Envision object| JST object| Activity function| uuidv4 function| DataTableGroup function| loadTimelineEntries function| tmpl function| Uri function| initWorkboardButton object| jstz object| resizeDetector function| updateBackgroundStatus function| handleBackgroundStatusTriggerSubmit function| formatRelativeDate function| updateRelativeDates function| FixedWidthColumnPopover function| es function| e object| zEWebpackACJsonp function| zE function| zEmbed object| intercomSettings function| Intercom boolean| zEACLoaded function| __intercomAssignLocation function| $zopim

4 Cookies

Domain/Path Name / Value
downer.e7.site/ Name: _Envision_session
Value: gmzRPnWAALXv9KbH7uW3wCUhFxmjbKpd8655SuvqQYM48aFUk4bdLW8Ko3AoYvvcOcZB%2B5ACT9hYWZkz2NX91tw1pNJ7q%2BALbPbb%2FSkwU0LCy2y4hDITMCSV5gRGvmtDXLDkFWKNRUsW%2F%2F5jtf4WUH5%2FH5YfEvQE4krXpmK370%2BGWUUBTsjAnt%2BRxqIXhrrwLp7efgm%2BajlQ2pYdzSRSEEggMAVuGYhQNZZlJnT8GI2ZbVpjDEpDWLDLPia4pYp8uAtZf5tM32lK4ukjA3QIUdFlohRmrxNKPlbiL%2Fy3CpVHNBleLhmmNUt%2BNcp24dE%3D--9xEyonAq0lKtn3xX--5Z31t70QBfKiVr%2BpEDt2lA%3D%3D
downer.e7.site/ Name: hidden-nav
Value:
.e7.site/ Name: intercom-id-j3uoa270
Value: 6eb2fe3d-f215-4126-983f-873282330ff8
.e7.site/ Name: intercom-session-j3uoa270
Value:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
d316tq1142cnjb.cloudfront.net
downer.e7.site
ekr.zdassets.com
envisionapp.zendesk.com
js.intercomcdn.com
static.zdassets.com
widget.intercom.io
104.16.53.111
104.18.72.113
34.193.196.196
54.209.91.188
65.9.94.114
65.9.95.102
65.9.95.17
1e3fb9697be0cdbed9bdf6b2bc7aed5299cdd556ab119bfac8f441ada8273a1d
305d9328dbefe0f91c700e30b474bf4cce7194a5a1baac91a095ada422e0d210
3a3cb90766153e1fcba2700f5c819186c1f262ed2839014ccdc71a3f1c919ccf
44f677defba992da00aa5ca1391d91402a6d35bd1c927e8743e3e3557cdbfd95
55f15809c908336143bdc237d4cc74b733fda25402231ac4cc56f59d177f967f
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
6dc9f804148f8e57555339025bc4d3360bc224f4950ee3f985be094f14ebe182
76898e0b699e65dc1dbfb0e1ac487055e5737e98cbb3eb45fc5c51b0d3aea406
8859faaea4035af4491309097573cdd8b013312f4dedd16c63c7d6977c0ea736
8c97397ccc8fe27ea815ec4e25c4efe519986d922630ed0d047b4af790ff25d9
9052f0d62d000b6800d1315edd7c0609356bb39267c0818318a9b69cb61b7420
908d60d964e817e16a767992e9c9e7952cbd9b4a9d42d3578ca8a6285af52e5a
aa4acf7e371e704ec1d521e72480bb638ae4082d3f0b5c2939db7da03f2d2e99
af6e3adf1b72eb5392420d52b8fbbb30e7a371d770d2853c86ff130cd3066a9c
b677c629ee111d8821eb91cc6cd6769931f277b22101ea0cce0cc25fe4701c66
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
cab4d710994afa4f4ec53d49237c5f32125f5fda72ae41f09852de9f774ddb52
d92aace170c818854396bfa1b4035677918295b17abb4618b7c7b3938a08e312
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1a007867f38c2e55c11432e11427f6bba8d60c04b6b024f73225e96f87ac6bc