urlscan.io logo urlscan.io
SecurityTrails logo

app.sellercontrol.de Open in urlscan Pro
3.67.218.207  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.sellercontrol.de/
Effective URL: https://app.sellercontrol.de/login
Submission: On September 21 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 3.67.218.207, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is app.sellercontrol.de.
TLS certificate: Issued by R11 on September 21st 2024. Valid for: 3 months.
This is the only time app.sellercontrol.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 3.67.218.207 16509 (AMAZON-02)
6 104.18.70.113 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 104.18.72.113 13335 (CLOUDFLAR...)
1 216.198.54.1 209242 (CLOUDFLAR...)
2 2a03:2880:f17... 32934 (FACEBOOK)
18 6
8    3.67.218.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
app.sellercontrol.de
6    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
1    216.198.54.1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
intensic.zendesk.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
8 sellercontrol.de
app.sellercontrol.de
690 KB
7 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2264
ekr.zdassets.com — Cisco Umbrella Rank: 2605
364 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
72 KB
1 zendesk.com
intensic.zendesk.com
1 KB
18 5
Domain Requested by
8 app.sellercontrol.de 2 redirects app.sellercontrol.de
6 static.zdassets.com app.sellercontrol.de
static.zdassets.com
2 www.facebook.com app.sellercontrol.de
2 connect.facebook.net app.sellercontrol.de
connect.facebook.net
1 intensic.zendesk.com static.zdassets.com
1 ekr.zdassets.com static.zdassets.com
18 6

This site contains no links.

Subject Issuer Validity Valid
app.sellercontrol.de
R11		 2024-09-21 -
2024-12-20		 3 months crt.sh
zdassets.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-30 -
2024-09-28		 3 months crt.sh
intensic.zendesk.com
Cloudflare Inc ECC CA-3		 2024-02-20 -
2024-12-31		 10 months crt.sh

This page contains 2 frames:

Primary Page: https://app.sellercontrol.de/login
Frame ID: A74D5EA8C4813204BA2030B22DCF970E
Requests: 12 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-2be9d42.js
Frame ID: CFDB9EA0EF68157C3294A3D63E838A1F
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

seller control - Log in

Page URL History Show full URLs

  1. https://app.sellercontrol.de/ HTTP 301
    https://app.sellercontrol.de/dashboard HTTP 302
    https://app.sellercontrol.de/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

1128 kB
Transfer

2226 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.sellercontrol.de/ HTTP 301
    https://app.sellercontrol.de/dashboard HTTP 302
    https://app.sellercontrol.de/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
app.sellercontrol.de/
Redirect Chain
  • https://app.sellercontrol.de/
  • https://app.sellercontrol.de/dashboard
  • https://app.sellercontrol.de/login
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.67.218.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
6d1f4278f5719844a3d7ad466e8b729be392e9c0b30e2ca3e3f62cbe1e208cc8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sat, 21 Sep 2024 08:01:37 GMT
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sat, 21 Sep 2024 08:01:37 GMT
location
https://app.sellercontrol.de/login
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
all-3a5b47b3b3.css
app.sellercontrol.de/css/ 		390 KB
393 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.sellercontrol.de/css/all-3a5b47b3b3.css
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.67.218.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
e7f32ac1b067e954fd9f3456e65098831ef06985e3b530ae2db5a91ed9c74297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.sellercontrol.de/login

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
etag
"617d9-61391549c9ec0"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
399321
date
Sat, 21 Sep 2024 08:01:37 GMT
last-modified
Wed, 13 Mar 2024 21:19:31 GMT
content-type
text/css
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
x-frame-options
DENY
vendor-d001be75c0.js
app.sellercontrol.de/js/ 		265 KB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sellercontrol.de/js/vendor-d001be75c0.js
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.67.218.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
3556c81974a28f6c6090bfb7346c1c3bfef06fcbf5b99c5475571336a648a1b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.sellercontrol.de/login

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
etag
"42473-61391549c9ec0"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
271475
date
Sat, 21 Sep 2024 08:01:37 GMT
last-modified
Wed, 13 Mar 2024 21:19:31 GMT
content-type
application/javascript
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
x-frame-options
DENY
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=06e39256-fda8-496d-94b6-098c4280a280
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.sellercontrol.de/

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"d90dbb2a9f98c3c53cd0f1d480381e2e"
x-amz-version-id
FkgGJxeVVNjmEhoAGFYT4yGKQLf728f6
age
11
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sAMymmzbUXwZYR1FbBvjTCuOJNgL2L9uUqxFnbqs4Z5YtX65LrZCFRQnVEl01xnwNl1cPd7YDsQHe8SVQNoWp1QEN7nCDbFK7NQ6gsAcYakVWwUTIRd7KspK5XrUtwIBp1x8kio%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
date
Sat, 21 Sep 2024 08:01:37 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 11:42:28 GMT
vary
Accept-Encoding
x-amz-id-2
SRWe0M1Q42B4VYOfo+2r3smcJWGwpKWgLLXbyf5Q204Gu5fyP6cuCymJqq6NLPbgLMy7e6eT6Co=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
PENDING
cache-control
public, max-age=3600, s-maxage=60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PP11KBE4DE84MVGN
cf-ray
8c688740e9e9d243-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
logo3.png
app.sellercontrol.de/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.sellercontrol.de/img/logo3.png
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.67.218.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
fac5a70639e60865fa0c66d9b6ac8033e0d773a3ee60f6f66004574f6f8a2c19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.sellercontrol.de/login

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
etag
"14ab-61391549c9ec0"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
5291
date
Sat, 21 Sep 2024 08:01:37 GMT
last-modified
Wed, 13 Mar 2024 21:19:31 GMT
content-type
image/png
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
x-frame-options
DENY
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.sellercontrol.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sat, 21 Sep 2024 08:01:37 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4451, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
UV+3/xhgnFG8tMcImTms0TtBFMKwPXAg1Mylh0eXMZPwZedEWYiTQMavLaZs3I4SF76QjQDWh3fQNHlBW696dA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
58953
x-xss-protection
0
06e39256-fda8-496d-94b6-098c4280a280
ekr.zdassets.com/compose/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/06e39256-fda8-496d-94b6-098c4280a280
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=06e39256-fda8-496d-94b6-098c4280a280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec53f0129f636638d86d8a056b8c5e53a607e317ed1a0029ff824a50e7849c3d
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.sellercontrol.de/

Response headers

access-control-max-age
7200
x-request-id
8c6802e29f1213dc-SEA, 8c6802e29f1213dc-SEA, 8c6802e29f1213dc-SEA
access-control-expose-headers
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"ec53f0129f636638d86d8a056b8c5e53"
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CckYt2VMwEk0BC3IVGckWSMhRdHJ%2FdPrr9fxl0OSbnNTwVLQ3nui2z7%2FYgmtP1Pt2FZhRs8QaiLWVWA6pqreGCYQvm957EV%2Fw9hOfrTLT3edrNUAFwY4VMu%2F1CTCkXvfoH4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
date
Sat, 21 Sep 2024 08:01:37 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
x-runtime
0.011866
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
cdn-cache-control
max-age=60
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8c688741a9f4d2a4-FRA
access-control-allow-origin
*
x-zendesk-zorg
yes, yes
x-xss-protection
1; mode=block
server
cloudflare
glyphicons-halflings-regular.woff2
app.sellercontrol.de/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.sellercontrol.de/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/css/all-3a5b47b3b3.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.67.218.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
7882b1fe56ec16311aed154afc1578601c4fad824da307100cbd641b35bec919
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://app.sellercontrol.de
Referer
https://app.sellercontrol.de/css/all-3a5b47b3b3.css

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
etag
"466c-61391549c9ec0"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
18028
date
Sat, 21 Sep 2024 08:01:37 GMT
last-modified
Wed, 13 Mar 2024 21:19:31 GMT
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
x-frame-options
DENY
327267682031873
connect.facebook.net/signals/config/ 		74 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/327267682031873?v=2.9.167&r=stable&domain=app.sellercontrol.de&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
134c6deab64f31a4a04b5097b3795d1e7b9ac8d8447ed20bae10c09379482fea
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.sellercontrol.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sat, 21 Sep 2024 08:01:37 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=72, mss=1232, tbw=67153, tp=63, tpl=0, uplat=300, ullat=0
pragma
public
x-fb-debug
6/gFb8cebnvJmxRLnsPPUFQiRehMcZ9Q4d6D6/eMHjGiKcyHckX1nnoCkJ4yI0l01F2lJiOkcXlPobRmAzhmaw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
web-widget-main-2be9d42.js
static.zdassets.com/web_widget/classic/latest/ Frame CFDB 		972 KB
278 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-2be9d42.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=06e39256-fda8-496d-94b6-098c4280a280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
084e3bc81be94272e6621630b34290bf30a953d0b74168fab79580c44d58bb8f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"65502ce0287a191b7b78f4caf4d389a3"
x-amz-version-id
L4G.Lrub3HBJ3iThsCOf_czYoFI4m3ad
age
118
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lvrRNn7OzsG%2Fz0Xg0%2B97vFDc6J1p06fn6AX0XsAcv9p4LZkR1YxluiqjmEglpT8ZZ4dnRySgM9%2FTgmf3X3N%2FGFwlwsKTP%2FrhMIh%2F5ihBai%2BzWXpjk1to8gfGH3IG5Upjw24uNA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 16 Sep 2025 18:46:37 GMT
date
Sat, 21 Sep 2024 08:01:37 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 16 Sep 2024 18:46:38 GMT
vary
Accept-Encoding
x-amz-id-2
gpZ6wlWHahHcCoosswbo0HrgLzQX4TwuGAr1JmbBZ0pVHbfb29dhM50xNgeOV/Mzkx6WSxlz+oy4Ii74BWJxpA==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AWAAZM45K6B1S3R9
cf-ray
8c6887432c0ad243-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
en-us-json-2be9d42.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame CFDB 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-2be9d42.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-2be9d42.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48a7307f7dbfdf1f681006d473f1e3e2accf4d974b940c4e771c86d94c46d42c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"a8deaf2f56ef6409b03e72a29588f2bc"
x-amz-version-id
axwNhMvGBLMz0T_JzigCpxP4wI6jelOk
age
169006
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57yslGNH6Pi2w0lmpSDEO6tIdX8IXmkzNBm4LFmtcrKKwOFx6yE2Qo8wQqnpdcQGE1fdT%2BkVQMRkKQXqCN6eH5LZYI85hQZUf%2F9t4y8gIsyvhguohJBzAXEMZFVG%2FKK6O7Mp2O4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 16 Sep 2025 18:46:38 GMT
date
Sat, 21 Sep 2024 08:01:38 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 16 Sep 2024 18:46:39 GMT
vary
Accept-Encoding
x-amz-id-2
UuJAj4v/E1IhraXxFLYxdsYxMjWFPonnll1Hm80NHV66CFhuO5wt6Mruu81KbPaqDw31N5uy1kc=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
86WYFYKJ6MQT761P
cf-ray
8c6887448d3fd243-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
config
intensic.zendesk.com/embeddable/ Frame CFDB 		647 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://intensic.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-2be9d42.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.54.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd3ed18a92342d9d2292dbda377eccf3fe0b5e06c65c6de21189136f8a38bb1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
7200
x-request-id
8c6862662b492bc6-FRA
access-control-expose-headers
x-zendesk-origin-server
embeddable-app-server-5cd95f6b69-sfc46
cf-cache-status
REVALIDATED
etag
W/"bd3ed18a92342d9d2292dbda377eccf3"
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8yE3UgurOV8ocwMWwJ8kVzrhOKq3kLW8cTnZiEvnkrK%2FVLD1TXZHlmD0rkMeqgyhUlmTmUU5Gjg%2FtVLgscE51CmNGG9bsptOj5MM5KITYil6J11YmMid4SIs2U7Qcg42xaOYjm4g"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
date
Sat, 21 Sep 2024 08:01:38 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
x-runtime
0.019070
strict-transport-security
max-age=31536000;
cache-control
max-age=60, public, stale-while-revalidate=600, stale-if-error=3600
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray
8c6887453be1367f-FRA
access-control-allow-origin
*
x-zendesk-zorg
yes
x-cached
MISS
server
cloudflare
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=327267682031873&ev=PageView&dl=https%3A%2F%2Fapp.sellercontrol.de%2Flogin&rl=&if=false&ts=1726905698041&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726905698038.108319251635869961&cs_est=true&ler=empty&cdl=API_unavailable&it=1726905697567&coo=false&rqm=GET
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.sellercontrol.de/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2801, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 21 Sep 2024 08:01:38 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=327267682031873&ev=PageView&dl=https%3A%2F%2Fapp.sellercontrol.de%2Flogin&rl=&if=false&ts=1726905698041&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726905698038.108319251635869961&cs_est=true&ler=empty&cdl=API_unavailable&it=1726905697567&coo=false&rqm=FGET
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.sellercontrol.de/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7417003496647350449"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc710f8a3456dacd6","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:3359362000859838","7830:3359362000859838","10853:3359362000859838","41:3359362000859838","8046:3359362000859838"]},"debug_reporting":true,"debug_key":"1520488407258424041"}
date
Sat, 21 Sep 2024 08:01:38 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
OXF0O2+ke0KZQBr9kHtBnI1jYbFiG2kaOYeKzQk86PigxJ+OYoh0Uld4MRTG+xGeBeUvp5QCJO7o40E6iYL3nQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7417003496647350449", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=3118, tp=-1, tpl=-1, uplat=227, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
web-widget-chat-sdk-2be9d42.js
static.zdassets.com/web_widget/classic/latest/ Frame CFDB 		216 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-2be9d42.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-2be9d42.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"bf7f24c006f934261d7ff732b528402b"
x-amz-version-id
3txdcF2FGqX8rZqiny_jARpDZ9DknQo0
age
118
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ipcty0j5Hqh6%2BG6pohXzsPUwOPBdfDRE%2FY1ifwZ8rrz2yitF%2BXdzle1fwYVTzoYo507%2Bj%2Fuq0l2IZITFC12rPNfQSnWJ%2Fv%2BvytJCfV7SeV8YRpvubuJXS3Z2HsxTAKdocrXo9nk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 16 Sep 2025 18:46:36 GMT
date
Sat, 21 Sep 2024 08:01:38 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 16 Sep 2024 18:46:37 GMT
vary
Accept-Encoding
x-amz-id-2
/IARGaVljnGpm/KR66sP51bjjbCLeewtOpbmtvv428VN+R12s/DbCQWdv6oWNBhKjJkulmFC8Ip2zdbmJMKrhv/yNMDRDqbI
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ENNE1EZSKC6Z657G
cf-ray
8c6887453dd0d243-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
favicon.ico
app.sellercontrol.de/ 		0
88 B 		Other
General
Check archive.org
Download Go to
Full URL
https://app.sellercontrol.de/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.67.218.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://app.sellercontrol.de/login

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
etag
"0-61391549c9ec0"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
0
date
Sat, 21 Sep 2024 08:01:38 GMT
last-modified
Wed, 13 Mar 2024 21:19:31 GMT
content-type
image/vnd.microsoft.icon
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
x-frame-options
DENY
web-widget-chat-incoming-message-notification-2be9d42.js
static.zdassets.com/web_widget/classic/latest/ Frame CFDB 		236 B
796 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-2be9d42.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-2be9d42.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"77bb07ca171e3ff2b72a7dafa7822bc8"
x-amz-version-id
Ru.P3DCATooDhN5kzwz2ARISTkSmvs0P
age
169006
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X0lZnPqFkQJm5yLy%2FUYb6pQw%2FeQ9YlWI0WFwIHOe2LPWQ9IaRLRnc6IZObasLePHKp5qCNZmBPDy%2B7fYENYwkR1kWWr228WepLmh00cKAPWHda2n3T9Q1fxN%2Fv6XY6wX58ckY4g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 16 Sep 2025 18:46:36 GMT
date
Sat, 21 Sep 2024 08:01:38 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 16 Sep 2024 18:46:37 GMT
vary
Accept-Encoding
x-amz-id-2
sRXbrItpelHf6HS9Cej38G5FI2tHzs2EQY//RGPE+EBfLLV+SrgMUetnm5pEsxVdFWc/r7y62DVTLw6yF2tglw==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1TQHAZ6HETD07TY6
cf-ray
8c688748e90ed243-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame CFDB 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

access-control-max-age
0
cf-cache-status
HIT
etag
"f11ce9e8f40a392830217253fe75d6de"
x-amz-version-id
Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
age
16552898
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3qJNGwwuaGrOMAihS5JoWngqR8x%2FrYqywnRbpJyf%2BQSN7faAuYuGTnptHpxtkgpFQUGuoIhf47TEmVBc67GrlmHimJZ6EEnqLOvB8rRjKc7UxwOqGJMB4n7G%2BExvAqepXZy22g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Thu, 28 Nov 2024 08:06:42 GMT
date
Sat, 21 Sep 2024 08:01:38 GMT
content-type
audio/mpeg; charset=utf-8
last-modified
Wed, 29 Nov 2023 08:06:43 GMT
vary
Accept-Encoding
x-amz-id-2
LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-19697/19698
x-amz-request-id
KH5VE2Z70ZGQ75A2
cf-ray
8c688749394dd243-FRA
access-control-allow-origin
*
Content-Length
19698
server
cloudflare
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| Color function| Chart function| Tether object| Shepherd object| Laravel function| fbq function| _fbq object| zESettings object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded function| $zopim

5 Cookies

Domain/Path Name / Value
app.sellercontrol.de/ Name: XSRF-TOKEN
Value: eyJpdiI6IjNLbElnUmhVRzQra1drRzFnSC9EVmc9PSIsInZhbHVlIjoiWjlyWC90NjBIUFg0ZDgzSUNLNityZk9wL3RheFhFZkIrYytRWGJ2Y0FlV0Y0ZlZSWktDVWdQSlgvM0FZdmtiMzdDVjVheTErenZRZm9NbkRpRndEU3dDU0FqTXZjaHBDaFBHK3pDa1FLYkoxRWlWdzBoTkZDTitXMlJ2VDRIMUciLCJtYWMiOiI2MzJhYzY5YzQ1ZGQwNjQ2ZDg5Y2IxYTUxOGJhYjAyNDgyY2I2MjM3ZjVlYmYzZmI1NDQ3N2ZmMGNjYTJjNzg2In0%3D
app.sellercontrol.de/ Name: laravel_session
Value: eyJpdiI6IkRRTHV4S05hUDVBSStRYWRFajZ2SVE9PSIsInZhbHVlIjoiR2F5M0poZmtQYjZhd2dVd3NZUUxIU05WbmZYTUswVWVvN1c3UWUxWWd3R2kzeUkzeWJNbVNJajdOUk1GV3MvcjRsUXA5VWZRRnJJT3BST3o1elZlMDRieGF2MldKRC9tTW13bXVZaGRYVnJVUnM0TmFWcUFuYjNJM3JOUnJ2eHAiLCJtYWMiOiJkNGE1MGNhNjYxMDA1NzA3ZmZjYzgzZTIwMzgyM2U5NzZiMjMxNDQwNDhlYTAyNGYxMTU4ZTEyOTYwNmYwYmY0In0%3D
.sellercontrol.de/ Name: _fbp
Value: fb.1.1726905698038.108319251635869961
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: HAVkrf2a4xhYifTFUIyE+huBqOSgzecCsYmdy1vjCbuLg1WEylNwLoHxPBUnEkSfpEq7aoYWDPaIJ9hv92bE28IlORvliK9sI4r7pswNkGz3rFd511+y95UAcze8
.sellercontrol.de/ Name: __zlcmid
Value: 1Nrn2JUGDEgrpBU

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://app.sellercontrol.de/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.sellercontrol.de
connect.facebook.net
ekr.zdassets.com
intensic.zendesk.com
static.zdassets.com
www.facebook.com
104.18.70.113
104.18.72.113
216.198.54.1
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.67.218.207
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
084e3bc81be94272e6621630b34290bf30a953d0b74168fab79580c44d58bb8f
134c6deab64f31a4a04b5097b3795d1e7b9ac8d8447ed20bae10c09379482fea
3556c81974a28f6c6090bfb7346c1c3bfef06fcbf5b99c5475571336a648a1b2
48a7307f7dbfdf1f681006d473f1e3e2accf4d974b940c4e771c86d94c46d42c
6d1f4278f5719844a3d7ad466e8b729be392e9c0b30e2ca3e3f62cbe1e208cc8
7882b1fe56ec16311aed154afc1578601c4fad824da307100cbd641b35bec919
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bd3ed18a92342d9d2292dbda377eccf3fe0b5e06c65c6de21189136f8a38bb1e
d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f32ac1b067e954fd9f3456e65098831ef06985e3b530ae2db5a91ed9c74297
ec53f0129f636638d86d8a056b8c5e53a607e317ed1a0029ff824a50e7849c3d
fac5a70639e60865fa0c66d9b6ac8033e0d773a3ee60f6f66004574f6f8a2c19