chrisdidntinventdiscord.com
2607:f1c0:100f:f000::200  Public Scan

URL: https://chrisdidntinventdiscord.com/
Submission Tags: phishingrod
Submission: On April 04 via api from DE — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 2607:f1c0:100f:f000::200, located in the United States, and belongs to IONOS-AS (described as the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom, formerly known as 1&1 Internet SE), DE. The main domain is chrisdidntinventdiscord.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on April 3rd 2023. Valid for: a year.
This is the only time chrisdidntinventdiscord.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

MIME: PE32 executable (GUI) Intel 80386, for MS Windows
Size: 134 KB (137600 bytes, 100% done)
Downloaded from: https://us02web.zoom.us/launch/download/ToXa_jRP9y5V3kjqEJlqCeNQ8-Il6Y2dRY1ymbCFtomz4_txv7m0QM1A-qj_Gdtm9EGo2wCiuyZPLY3AdZCsvNV7OUBBoJidQ_dCICBVK4FMp8bWjQLWElQCNzLDMUNnIO7V_y6PYWOx5njN6h0SHI3_tWEWiphr6KjaqRcbfTYIMxIyjiwTIZ9UwBIwwL-S9Yh04QczrwV41vYrs-M5kU5k106KtWCQwYz0CLi_FXBa-55mIPp54IbfF0ZsdsdNxTDy5A2MCZmmKOkmiBTO7FWMIkwJe0Tong6OA6zoBf9FdKUV0bkyAQPmbkE-yYU7Hnq-hE8N19WqG18-ZHTb5xnZBcipKyNG10YjnSiJLqw7Rb5-8fqnGTUyDgZl5p9pfOYkpGy82kEN7Y9LyuDn8H8LrPsvEde3DrZvGr3BegOiCJ8TvB3QIxOK9qrj8TTXchWxc0A4KRqQjv8hFu0pjGhtSFIFKlJVtRJoB1Ke62c_G6stlPDgqeNx6_7IblKiDGPahr2kNRX1GiY6cr-B9OhMgaWP90g2wNSPcWPtGBHePjDcxgEsnunM2HdNhXM5DOvwaikYUMFqRuNE2D_ZfzasbSYzbt03VNzeDBc5vvL7tunnne1NtYhQeZYit0brHAao54uvGxDt_iPN.qZX8q_U63t0bNRYL/meeting/V1cgVqJxDS5AThGYRo7tyrs1lB4_ALOjGDHu.XKAsmth1NuVQoBmY/Zoom_launcher.exe?embed=1

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 2607:f1c0:100... | 8560 (IONOS-AS ...)
3 | 2407:30c0:182... | 209242 (CLOUDFLAR...)
4 | 18.67.17.101 | 16509 (AMAZON-02)
1 | 34.98.108.207 | 396982 (GOOGLE-CL...)
1 | 13.224.199.249 | 16509 (AMAZON-02)
1 | 18.66.130.242 | 16509 (AMAZON-02)
7 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 54.235.192.240 | 14618 (AMAZON-AES)
1 | 2606:4700:440... | 13335 (CLOUDFLAR...)
1 | 143.204.215.126 | 16509 (AMAZON-02)
Total: 24 requests, 11 IPs

Requests | Apex Domain | Subdomains | Transfer
7 | cookielaw.org | cdn.cookielaw.org — Cisco Umbrella Rank: 433 | 141 KB
7 | zoom.us | us02web.zoom.us — Cisco Umbrella Rank: 5504; us02st3.zoom.us — Cisco Umbrella Rank: 12308; st1.zoom.us — Cisco Umbrella Rank: 3707; log-gateway.zoom.us — Cisco Umbrella Rank: 5413 | 144 KB
5 | ada.support | static.ada.support — Cisco Umbrella Rank: 4521; rollout.ada.support — Cisco Umbrella Rank: 3989 | 108 KB
1 | onetrust.com | geolocation.onetrust.com — Cisco Umbrella Rank: 648 | 303 B
1 | solvvy.com | cdn.solvvy.com — Cisco Umbrella Rank: 4286 | 8 KB
1 | chrisdidntinventdiscord.com | chrisdidntinventdiscord.com | 596 B
Total: 24 requests, 6 apex domains

Requests | Domain | Requested by
7 | cdn.cookielaw.org | st1.zoom.us, cdn.cookielaw.org
4 | static.ada.support | us02web.zoom.us, static.ada.support
3 | us02web.zoom.us | chrisdidntinventdiscord.com, us02web.zoom.us, st1.zoom.us
2 | log-gateway.zoom.us | st1.zoom.us
1 | rollout.ada.support | static.ada.support
1 | geolocation.onetrust.com | cdn.cookielaw.org
1 | st1.zoom.us | us02web.zoom.us
1 | us02st3.zoom.us | us02web.zoom.us
1 | cdn.solvvy.com | us02web.zoom.us
1 | chrisdidntinventdiscord.com |
Total: 24 requests, 10 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
*.chrisdidntinventdiscord.com | Encryption Everywhere DV TLS CA - G2 | 2023-04-03 - 2024-04-02 | a year
*.zoom.us | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-29 - 2023-05-02 | a year
*.ada.support | Amazon RSA 2048 M01 | 2023-03-01 - 2024-01-29 | a year
cdn.solvvy.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-01-10 - 2024-01-09 | a year
cookielaw.org | Cloudflare Inc ECC CA-3 | 2023-04-01 - 2024-03-31 | a year
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-12-13 - 2023-12-13 | a year

This page contains 4 frames:

Primary Page: https://chrisdidntinventdiscord.com/
Frame ID: 6AAB82312D79E2819019109CC912B734
Requests: 1 HTTP requests in this frame

Frame: https://us02web.zoom.us/w/83701846310?tk=0gdONPW83yTVyuXVztVAREGRiKLStmwB3roNb26MbvQ.DQMAAAATfQTRJhZEd3MzdHFxelFGSzkybVJMdkMxc1pRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&pwd=TGROTnJYRUpQN0p0SiswbFJFSUdqUT09
Frame ID: 92A3505A9D732C6024E9576FDC82D988
Requests: 21 HTTP requests in this frame

Frame: zoommtg://us02web.zoom.us/join?action=join&confno=83701846310&pwd=TGROTnJYRUpQN0p0SiswbFJFSUdqUT09&tk=0gdONPW83yTVyuXVztVAREGRiKLStmwB3roNb26MbvQ.DQMAAAATfQTRJhZEd3MzdHFxelFGSzkybVJMdkMxc1pRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&zc=24&confid=dXRpZD1VVElEXzI5Y2JhNWI1MjY0NTQyZDg5MTU2YmRlMDI3NTcwNWNmJnVzcz02NmxVZ3I0TlpfcURrWmw0Rko0eUk0SWNaNVVqX2JwQ0V2Z3laZTdJMGtOMGt0NlhubEdzLWViN281cWJ3aGduNXFic2tkWFk1dVR3Nm5LRlF6R00yMWN3ZkZ2ODdsaFJKcHRGcTJmV1RBSjVWUXo5QmUwT1htOGFNN1NPLk5UOXJrbzd5LWtPb0RHdTYmdGlkPWFiMGZlYmQ0Njc1ZjRkMjc5ZDIwMTlhYmNhY2E5YjJh&browser=chrome
Frame ID: A7817BA6AF890C8C2E4ADCFA1FBD870C
Requests: 1 HTTP requests in this frame

Frame: https://us02web.zoom.us/launch/download/ToXa_jRP9y5V3kjqEJlqCeNQ8-Il6Y2dRY1ymbCFtomz4_txv7m0QM1A-qj_Gdtm9EGo2wCiuyZPLY3AdZCsvNV7OUBBoJidQ_dCICBVK4FMp8bWjQLWElQCNzLDMUNnIO7V_y6PYWOx5njN6h0SHI3_tWEWiphr6KjaqRcbfTYIMxIyjiwTIZ9UwBIwwL-S9Yh04QczrwV41vYrs-M5kU5k106KtWCQwYz0CLi_FXBa-55mIPp54IbfF0ZsdsdNxTDy5A2MCZmmKOkmiBTO7FWMIkwJe0Tong6OA6zoBf9FdKUV0bkyAQPmbkE-yYU7Hnq-hE8N19WqG18-ZHTb5xnZBcipKyNG10YjnSiJLqw7Rb5-8fqnGTUyDgZl5p9pfOYkpGy82kEN7Y9LyuDn8H8LrPsvEde3DrZvGr3BegOiCJ8TvB3QIxOK9qrj8TTXchWxc0A4KRqQjv8hFu0pjGhtSFIFKlJVtRJoB1Ke62c_G6stlPDgqeNx6_7IblKiDGPahr2kNRX1GiY6cr-B9OhMgaWP90g2wNSPcWPtGBHePjDcxgEsnunM2HdNhXM5DOvwaikYUMFqRuNE2D_ZfzasbSYzbt03VNzeDBc5vvL7tunnne1NtYhQeZYit0brHAao54uvGxDt_iPN.qZX8q_U63t0bNRYL/meeting/V1cgVqJxDS5AThGYRo7tyrs1lB4_ALOjGDHu.XKAsmth1NuVQoBmY/Zoom_launcher.exe?embed=1
Frame ID: 5B6F80A9603755B34F76ECC89D40BBEC
Requests: 1 HTTP requests in this frame

Page Title

Chris is a fraud

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

Requests: 24
HTTPS: 92 %
IPv6: 40 %
Domains: 6
Subdomains: 10
IPs: 11
Countries: 2
Transfer: 402 kB
Size: 1343 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Resource: / (Primary Request) | Path: chrisdidntinventdiscord.com/ | Size: 976 B | x-fer: 596 B | Type: Document
General
Full URL
https://chrisdidntinventdiscord.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::200 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1959fda222dd0430a481e528338439295cc60fe001aa4e4e6900894dcdf87b66

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 04 Apr 2023 12:26:15 GMT
server
Apache
Resource: 83701846310 | Path: us02web.zoom.us/w/ (Frame 92A3) | Size: 9 KB | x-fer: 7 KB | Type: Document
General
Full URL
https://us02web.zoom.us/w/83701846310?tk=0gdONPW83yTVyuXVztVAREGRiKLStmwB3roNb26MbvQ.DQMAAAATfQTRJhZEd3MzdHFxelFGSzkybVJMdkMxc1pRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&pwd=TGROTnJYRUpQN0p0SiswbFJFSUdqUT09
Requested by
Host: chrisdidntinventdiscord.com
URL: https://chrisdidntinventdiscord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2407:30c0:182::aa72:3403 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
637ff6f0ab8b70146c6f0a716cae9360c0b84c243f6294ac537b9a6ee8909bd7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src https://*.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src * about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: blob: 'self'; object-src 'none'; base-uri 'none';script-src 'self' 'strict-dynamic' 'nonce-7RBLUM7ATNetAXttyqaahA' 'unsafe-inline' blob: https:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chrisdidntinventdiscord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, no-transform
cf-cache-status
DYNAMIC
cf-ray
7b2989e71f012c04-FRA
content-encoding
gzip
content-language
de-DE
content-security-policy
upgrade-insecure-requests; default-src https://*.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src * about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: blob: 'self'; object-src 'none'; base-uri 'none';script-src 'self' 'strict-dynamic' 'nonce-7RBLUM7ATNetAXttyqaahA' 'unsafe-inline' blob: https:;
content-type
text/html;charset=utf-8
date
Tue, 04 Apr 2023 12:26:15 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
x-zm-trackingid
v=2.0;clid=us02;rid=WEB_f49978d42ef4d2022d4dfb177312e0fa
x-zm-zoneid
VA2
Resource: lres | Path: us02web.zoom.us/ (Frame 92A3) | Size: 130 B | x-fer: 253 B | Type: Script
General
Full URL
https://us02web.zoom.us/lres
Requested by
Host: us02web.zoom.us
URL: https://us02web.zoom.us/w/83701846310?tk=0gdONPW83yTVyuXVztVAREGRiKLStmwB3roNb26MbvQ.DQMAAAATfQTRJhZEd3MzdHFxelFGSzkybVJMdkMxc1pRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&pwd=TGROTnJYRUpQN0p0SiswbFJFSUdqUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2407:30c0:182::aa72:3403 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfcca75dd367ee46d359ce8db5584a2179e8ff742e328882dc54cbd67d1ab73e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/w/83701846310?tk=0gdONPW83yTVyuXVztVAREGRiKLStmwB3roNb26MbvQ.DQMAAAATfQTRJhZEd3MzdHFxelFGSzkybVJMdkMxc1pRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&pwd=TGROTnJYRUpQN0p0SiswbFJFSUdqUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 12:26:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
content-encoding
gzip
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7b2989e818382c04-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
Resource: embed2.js | Path: static.ada.support/ (Frame 92A3) | Size: 17 KB | x-fer: 6 KB | Type: Script
General
Full URL
https://static.ada.support/embed2.js
Requested by
Host: us02web.zoom.us
URL: https://us02web.zoom.us/w/83701846310?tk=0gdONPW83yTVyuXVztVAREGRiKLStmwB3roNb26MbvQ.DQMAAAATfQTRJhZEd3MzdHFxelFGSzkybVJMdkMxc1pRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&pwd=TGROTnJYRUpQN0p0SiswbFJFSUdqUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.17.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-17-101.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdf7e05f94f097739c98cd47aab973192291af18e2045f53d59750fc6ea0d4eb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
BsrqbP3U2hb.a17svKLV3bCW0fRkIy.o
content-encoding
gzip
via
1.1 b17b94cbc6db5cb82e8f8d6e55e1e85a.cloudfront.net (CloudFront)
date
Mon, 03 Apr 2023 13:27:08 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
age
82757
x-amz-cf-pop
YTO50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 04 Jan 2023 22:06:00 GMT
server
AmazonS3
etag
W/"318258ae2fd2aaa16faa799f071935d1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age: 300
vary
Accept-Encoding
x-amz-cf-id
cZxBTB3_j6fPUXBQyx2evokygn_5SKDwnauG-6mYxiZU4PlSjfiUSA==
Resource: lazy-solvvy.js | Path: cdn.solvvy.com/deflect/customization/zoom/ (Frame 92A3) | Size: 7 KB | x-fer: 8 KB | Type: Script
General
Full URL
https://cdn.solvvy.com/deflect/customization/zoom/lazy-solvvy.js
Requested by
Host: us02web.zoom.us
URL: https://us02web.zoom.us/w/83701846310?tk=0gdONPW83yTVyuXVztVAREGRiKLStmwB3roNb26MbvQ.DQMAAAATfQTRJhZEd3MzdHFxelFGSzkybVJMdkMxc1pRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&pwd=TGROTnJYRUpQN0p0SiswbFJFSUdqUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.108.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.108.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f37e4c0ef8a2b7c9dd7b94aacb92cff91c1409995a3f481e01686bee3531b7f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 11:40:41 GMT
age
2734
x-guploader-uploadid
ADPycds1OjbjHNDcyrg3hoACNjT9lW-AUER1Bc4tM2OLBpAmLzEMJYNzbr230NgnleenBV-YdH5WjisdyC70PtJK5_IM8_O6xhel
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7617
last-modified
Thu, 16 Feb 2023 23:34:22 GMT
server
UploadServer
etag
"3a274ebd9c3b0d5ef58caf6dd74ec7f6"
x-goog-generation
1676590462320165
x-goog-hash
crc32c=K8SmHQ==, md5=OidOvZw7DV71jK9t107H9g==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
7617
accept-ranges
bytes
Resource: fingerprintjs-3.3.3.min.js | Path: us02st3.zoom.us/static/6.3.12207/js/lib/ (Frame 92A3) | Size: 31 KB | x-fer: 13 KB | Type: Script
General
Full URL
https://us02st3.zoom.us/static/6.3.12207/js/lib/fingerprintjs-3.3.3.min.js
Requested by
Host: us02web.zoom.us
URL: https://us02web.zoom.us/w/83701846310?tk=0gdONPW83yTVyuXVztVAREGRiKLStmwB3roNb26MbvQ.DQMAAAATfQTRJhZEd3MzdHFxelFGSzkybVJMdkMxc1pRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&pwd=TGROTnJYRUpQN0p0SiswbFJFSUdqUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.199.249 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-199-249.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
781331c091b62243ca57852a71db442d0b37e50bb41114407c01e5a535516c50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 02:41:52 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains;
age
207864
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 02 Apr 2023 01:37:34 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:ee6e48b4073d72ae88a31205fbbc3ca7
etag
W/"ee6e48b4073d72ae88a31205fbbc3ca7"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000;
x-amz-cf-id
ISE8zeguLHJlOCwuSkj9KrmBbX3I3F-C9h8ca4PLc60-P4FR-uoQ6g==
Resource: meeting.63c5f21c827d535767da.js | Path: st1.zoom.us/fe-static/launch-meeting/ (Frame 92A3) | Size: 433 KB | x-fer: 124 KB | Type: Script
General
Full URL
https://st1.zoom.us/fe-static/launch-meeting/meeting.63c5f21c827d535767da.js
Requested by
Host: us02web.zoom.us
URL: https://us02web.zoom.us/w/83701846310?tk=0gdONPW83yTVyuXVztVAREGRiKLStmwB3roNb26MbvQ.DQMAAAATfQTRJhZEd3MzdHFxelFGSzkybVJMdkMxc1pRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&pwd=TGROTnJYRUpQN0p0SiswbFJFSUdqUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.130.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-130-242.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75365276f06fe70ec3750d91d986bbe0699560844f1a106c3c8ec5b5568d2436
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 21:26:01 GMT
content-encoding
gzip
via
1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains;
age
1868415
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 06 Mar 2023 05:26:56 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:e37c4b788ee938cc63a3e61a3fb0f2b4
etag
W/"e37c4b788ee938cc63a3e61a3fb0f2b4"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000;
x-amz-cf-id
sjjyJSi9y8R1K2cX8z56iU_C4sMOVbddhfXqSHVRvPA9tpFkHoirtg==
Resource: otSDKStub.js | Path: cdn.cookielaw.org/scripttemplates/ (Frame 92A3) | Size: 21 KB | x-fer: 7 KB | Type: Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: st1.zoom.us
URL: https://st1.zoom.us/fe-static/launch-meeting/meeting.63c5f21c827d535767da.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Apr 2023 12:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
+GAQ9uZzuyMATxU6dGRBFA==
age
29848
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6741
x-ms-lease-status
unlocked
last-modified
Mon, 03 Apr 2023 20:08:41 GMT
server
cloudflare
etag
0x8DB347F38216FD1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2a48c0ed-801e-0008-3e72-66c395000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b2989e9fb1068e9-FRA
Resource: wjmf | Path: log-gateway.zoom.us/nws/join/logger/ (Frame 92A3) | Size: 0 | x-fer: 0 | Type: Fetch
General
Full URL
https://log-gateway.zoom.us/nws/join/logger/wjmf
Requested by
Host: st1.zoom.us
URL: https://st1.zoom.us/fe-static/launch-meeting/meeting.63c5f21c827d535767da.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.192.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-192-240.compute-1.amazonaws.com
Software
zoom /
Resource Hash

Request headers

Referer
https://us02web.zoom.us/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://us02web.zoom.us
Date
Tue, 04 Apr 2023 12:26:16 GMT
Access-Control-Request-Method
POST,GET
Server
zoom
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Resource: b0bfa2ae-4058-4aef-8632-a5281ce4464a.json | Path: cdn.cookielaw.org/consent/b0bfa2ae-4058-4aef-8632-a5281ce4464a/ (Frame 92A3) | Size: 6 KB | x-fer: 2 KB | Type: XHR
General
Full URL
https://cdn.cookielaw.org/consent/b0bfa2ae-4058-4aef-8632-a5281ce4464a/b0bfa2ae-4058-4aef-8632-a5281ce4464a.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8036259b9aa6c753ab0cd61b9e61866032ff02b77f6f0a442209c6a7323a8ae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Apr 2023 12:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cJ37OSibHDYKVwovBruiWA==
age
29630
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1908
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 20:36:29 GMT
server
cloudflare
etag
0x8DB265E1F65D9E3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ca60e963-901e-00f2-45e1-5a0a72000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b2989ea3e289193-FRA
expires
Wed, 05 Apr 2023 12:26:16 GMT
Resource: location | Path: geolocation.onetrust.com/cookieconsentpub/v1/geo/ (Frame 92A3) | Size: 66 B | x-fer: 303 B | Type: XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://us02web.zoom.us/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 12:26:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7b2989ea7ea59b67-FRA
access-control-allow-headers
Content-Type
Resource: embed-manifest.json | Path: static.ada.support/ (Frame 92A3) | Size: 136 B | x-fer: 707 B | Type: Fetch
General
Full URL
https://static.ada.support/embed-manifest.json
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.17.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-17-101.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ce13fee22d88147891cbd704159d2f5eabd3ddf92d5b71c08bd0d63b947c83
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
31qJCrvSQNG2X3eAKhd9i_YXecna3AE1
date
Mon, 03 Apr 2023 15:08:54 GMT
via
1.1 490c6f54e6cd81b80f07ff6be833267e.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains; preload
age
76644
x-amz-cf-pop
YTO50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
136
last-modified
Wed, 08 Mar 2023 15:56:49 GMT
server
AmazonS3
etag
"98225932ece3540d9fa6ed3ecafc06c1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
WPnzOv9zFnNv2JyFZSotrSXp3ZJ8E57tRLLhXF1D2VUe8G6qUYifmg==
Resource: join | Path: us02web.zoom.us/ (Frame A781) | Size: 0 | x-fer: 0

Resource: otBannerSdk.js | Path: cdn.cookielaw.org/scripttemplates/6.21.0/ (Frame 92A3) | Size: 311 KB | x-fer: 74 KB | Type: Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0068b328dc886133e94de712c57b93368f820f34c3dc9562792b36bace8599c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Apr 2023 12:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
pGGMtIN6zlnW55bGN1NE3w==
age
28303
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
75797
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:45 GMT
server
cloudflare
etag
0x8D94D7D67DF8167
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9892d914-401e-0133-7fe1-5ac79e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b2989eadc1968e9-FRA
Resource: en.json | Path: cdn.cookielaw.org/consent/b0bfa2ae-4058-4aef-8632-a5281ce4464a/659be430-92fc-4c95-8115-27d8822c44dc/ (Frame 92A3) | Size: 200 KB | x-fer: 38 KB | Type: Fetch
General
Full URL
https://cdn.cookielaw.org/consent/b0bfa2ae-4058-4aef-8632-a5281ce4464a/659be430-92fc-4c95-8115-27d8822c44dc/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a0564a603caf7851784d4def28412070adff571c31ddf2fca89b1b1f2dbe62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Apr 2023 12:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
R1yWXpmYoWwzGe615bllNw==
age
7342
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
39015
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 20:36:42 GMT
server
cloudflare
etag
0x8DB265E26DFF526
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8d694621-e01e-0057-24e1-5a316b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b2989eb1ff49193-FRA
expires
Wed, 05 Apr 2023 12:26:16 GMT
Resource: otCenterRounded.json | Path: cdn.cookielaw.org/scripttemplates/6.21.0/assets/ (Frame 92A3) | Size: 9 KB | x-fer: 3 KB | Type: Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.21.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Apr 2023 12:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
lvN/xR45Hpa/zeg9wG6zQw==
age
29649
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2584
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:40 GMT
server
cloudflare
etag
0x8D94D7D64B2D34F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a13ea5f8-001e-0056-25e1-5a3096000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b2989eb48499193-FRA
Resource: otPcCenter.json | Path: cdn.cookielaw.org/scripttemplates/6.21.0/assets/v2/ (Frame 92A3) | Size: 47 KB | x-fer: 11 KB | Type: Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.21.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
584f895bb024b067b440328e4d92bb57ed91c91fccfdd464d20b078d5e6e2f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Apr 2023 12:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PUpMkq1SXMqV5yZBdrq2rw==
age
29666
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11523
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:41 GMT
server
cloudflare
etag
0x8D94D7D65056FF9
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d64bdd9e-201e-00eb-38e1-5a261a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b2989eb484b9193-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.21.0/assets/ Frame 92A3
20 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.21.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Apr 2023 12:26:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
F/Fs54+x9bQK/ULkNRp4fA==
age
29490
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
787e68a2-401e-0138-09e1-5adfea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7b2989eb484c9193-FRA
truncated
/ Frame 92A3
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
embed2.eca8973.js
static.ada.support/ Frame 92A3
183 KB
55 KB
Script
General
Full URL
https://static.ada.support/embed2.eca8973.js
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.17.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-17-101.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f025b3e1189bcf2d17292ffd3c1bd2ca0b90ab7f6234c2db46c0bd5c3511a30e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
iasmhCmGlkQoxda.VtCkGOyXg.z7xqM3
content-encoding
gzip
via
1.1 b17b94cbc6db5cb82e8f8d6e55e1e85a.cloudfront.net (CloudFront)
date
Mon, 03 Apr 2023 19:42:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
age
60218
x-amz-cf-pop
YTO50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 08 Mar 2023 15:30:02 GMT
server
AmazonS3
etag
W/"1765edb059dbf0a24ad09bf5e2c94b77"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
172800
vary
Accept-Encoding
x-amz-cf-id
NKrhpGOr2B56CfuDysa-GxkNv1I-EpNrq6J2iEwErQ4U6HS36VYbCA==
client.json
rollout.ada.support/zoom/ Frame 92A3
45 KB
46 KB
XHR
General
Full URL
https://rollout.ada.support/zoom/client.json?ada_request_origin=embed
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed2.eca8973.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-126.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e0437284fbbebe2a590567525ea0a83ddbdd364039a6bd18d7da0588c1c2a61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 12:21:54 GMT
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
272
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
46463
last-modified
Wed, 04 Jan 2023 17:04:43 GMT
server
AmazonS3
etag
"86de0a881c5b7d67b21b53a6bd64af8f"
access-control-max-age
300
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
no-cache
vary
Origin
accept-ranges
bytes
x-amz-cf-id
ujwi7fCqFWcFD7Sz5ilQN2ihwu8jL3X9o9LdJNyN2yLJD3n4-MpWxQ==
chat-manifest.json
static.ada.support/ Frame 92A3
136 B
689 B
Fetch
General
Full URL
https://static.ada.support/chat-manifest.json
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed2.eca8973.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.17.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-17-101.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16d6af4fb67c089f9381dfc2738952613cc7d4d27499701e208e87a52930511c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us02web.zoom.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 17:27:04 GMT
x-amz-version-id
XjaeLBd_R1WOvJy0.TRz2q7ykLSXd.rW
via
1.1 490c6f54e6cd81b80f07ff6be833267e.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains; preload
age
68353
x-amz-cf-pop
YTO50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
136
last-modified
Mon, 03 Apr 2023 17:27:00 GMT
server
AmazonS3
etag
"7afba10ac6c48ff115919a38c91a5aa5"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
accept-ranges
bytes
x-amz-cf-id
CYqRoj3e4FLSA55ckTGwAfnLfbj1pC1I37xphTFfGS_OyVDf8IYY7w==
Zoom_launcher.exe
us02web.zoom.us/launch/download/ToXa_jRP9y5V3kjqEJlqCeNQ8-Il6Y2dRY1ymbCFtomz4_txv7m0QM1A-qj_Gdtm9EGo2wCiuyZPLY3AdZCsvNV7OUBBoJidQ_dCICBVK4FMp8bWjQLWElQCNzLDMUNnIO7V_y6PYWOx5njN6h0SHI3_tWEWiphr6Kjaq... Frame 5B6F
0
0
Document
General
Full URL
https://us02web.zoom.us/launch/download/ToXa_jRP9y5V3kjqEJlqCeNQ8-Il6Y2dRY1ymbCFtomz4_txv7m0QM1A-qj_Gdtm9EGo2wCiuyZPLY3AdZCsvNV7OUBBoJidQ_dCICBVK4FMp8bWjQLWElQCNzLDMUNnIO7V_y6PYWOx5njN6h0SHI3_tWEWiphr6KjaqRcbfTYIMxIyjiwTIZ9UwBIwwL-S9Yh04QczrwV41vYrs-M5kU5k106KtWCQwYz0CLi_FXBa-55mIPp54IbfF0ZsdsdNxTDy5A2MCZmmKOkmiBTO7FWMIkwJe0Tong6OA6zoBf9FdKUV0bkyAQPmbkE-yYU7Hnq-hE8N19WqG18-ZHTb5xnZBcipKyNG10YjnSiJLqw7Rb5-8fqnGTUyDgZl5p9pfOYkpGy82kEN7Y9LyuDn8H8LrPsvEde3DrZvGr3BegOiCJ8TvB3QIxOK9qrj8TTXchWxc0A4KRqQjv8hFu0pjGhtSFIFKlJVtRJoB1Ke62c_G6stlPDgqeNx6_7IblKiDGPahr2kNRX1GiY6cr-B9OhMgaWP90g2wNSPcWPtGBHePjDcxgEsnunM2HdNhXM5DOvwaikYUMFqRuNE2D_ZfzasbSYzbt03VNzeDBc5vvL7tunnne1NtYhQeZYit0brHAao54uvGxDt_iPN.qZX8q_U63t0bNRYL/meeting/V1cgVqJxDS5AThGYRo7tyrs1lB4_ALOjGDHu.XKAsmth1NuVQoBmY/Zoom_launcher.exe?embed=1
Requested by
Host: st1.zoom.us
URL: https://st1.zoom.us/fe-static/launch-meeting/meeting.63c5f21c827d535767da.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2407:30c0:182::aa72:3403 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src https://*.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src * about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: blob: 'self'; object-src 'none'; base-uri 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us02web.zoom.us/w/83701846310?tk=0gdONPW83yTVyuXVztVAREGRiKLStmwB3roNb26MbvQ.DQMAAAATfQTRJhZEd3MzdHFxelFGSzkybVJMdkMxc1pRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&pwd=TGROTnJYRUpQN0p0SiswbFJFSUdqUT09
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b2989f7df332c04-FRA
content-disposition
attachment;filename=Zoom_cm_fo42anktZ9vvrZo4_mT4hROgf%2BMGUxucw%2BpLKx2yF52%2BVmCFIO1MUT%40p3lH9y0UxdL0igWg_k3f6484008641f76a_.exe
content-length
137600
content-security-policy
upgrade-insecure-requests; default-src https://*.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src * about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: data: blob: 'self'; object-src 'none'; base-uri 'none';
content-type
application/x-msdownload;charset=UTF-8
date
Tue, 04 Apr 2023 12:26:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-zm-trackingid
v=2.0;clid=us02;rid=WEB_ca4b83140a8f2ea4327d3f1c60137025
x-zm-zoneid
VA2
wjmf
log-gateway.zoom.us/nws/join/logger/ Frame 92A3
0
0
Fetch
General
Full URL
https://log-gateway.zoom.us/nws/join/logger/wjmf
Requested by
Host: st1.zoom.us
URL: https://st1.zoom.us/fe-static/launch-meeting/meeting.63c5f21c827d535767da.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.192.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-192-240.compute-1.amazonaws.com
Software
zoom /
Resource Hash

Request headers

Referer
https://us02web.zoom.us/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://us02web.zoom.us
Date
Tue, 04 Apr 2023 12:26:18 GMT
Access-Control-Request-Method
POST,GET
Server
zoom
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/octet-stream

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
us02web.zoom.us
URL
zoommtg://us02web.zoom.us/join?action=join&confno=83701846310&pwd=TGROTnJYRUpQN0p0SiswbFJFSUdqUT09&tk=0gdONPW83yTVyuXVztVAREGRiKLStmwB3roNb26MbvQ.DQMAAAATfQTRJhZEd3MzdHFxelFGSzkybVJMdkMxc1pRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&zc=24&confid=dXRpZD1VVElEXzI5Y2JhNWI1MjY0NTQyZDg5MTU2YmRlMDI3NTcwNWNmJnVzcz02NmxVZ3I0TlpfcURrWmw0Rko0eUk0SWNaNVVqX2JwQ0V2Z3laZTdJMGtOMGt0NlhubEdzLWViN281cWJ3aGduNXFic2tkWFk1dVR3Nm5LRlF6R00yMWN3ZkZ2ODdsaFJKcHRGcTJmV1RBSjVWUXo5QmUwT1htOGFNN1NPLk5UOXJrbzd5LWtPb0RHdTYmdGlkPWFiMGZlYmQ0Njc1ZjRkMjc5ZDIwMTlhYmNhY2E5YjJh&browser=chrome

Verdicts & Comments

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless

3 Cookies

Domain/Path Name / Value
.zoom.us/ Name: _zm_mtk_guid
Value: ab0febd4675f4d279d2019abcaca9b2a
.zoom.us/ Name: _zm_visitor_guid
Value: ab0febd4675f4d279d2019abcaca9b2a
.us02web.zoom.us/ Name: __cf_bm
Value: qY0cdo5ER0QyMjNgU0t3BGgqpsoRgl3IqKyOgwTSD8I-1680611175-0-ARIxVIG7K4LUcPvi5kMXnWOaOTc34njNsR5tNn57XhHV81Lix16llXd4tTiq0ryee3EjDLj5eEd0R26iLF70gq0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
