urlscan.io logo urlscan.io
SecurityTrails logo

crmnew.einstoffen.com Open in urlscan Pro
194.150.248.216  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.crmnew.einstoffen.com/
Effective URL: https://crmnew.einstoffen.com/de/login
Submission: On August 20 via api from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 9 domains to perform 30 HTTP transactions. The main IP is 194.150.248.216, located in Switzerland and belongs to NOVATREND-AS, CH. The main domain is crmnew.einstoffen.com.
TLS certificate: Issued by R11 on August 17th 2024. Valid for: 3 months.
This is the only time crmnew.einstoffen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 194.150.248.216 35206 (NOVATREND-AS)
2 2a04:4e42::485 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 151.101.129.229 54113 (FASTLY)
1 18.66.102.11 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 13.32.27.21 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
30 12
17    194.150.248.216 (Switzerland)

ASN35206 (NOVATREND-AS, CH)
PTR: srv123.tophost.ch
www.crmnew.einstoffen.com
crmnew.einstoffen.com
www.einstoffen.com
2    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net
static.hotjar.com
2    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
script.hotjar.com
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
17 einstoffen.com
www.crmnew.einstoffen.com
crmnew.einstoffen.com
www.einstoffen.com
2 MB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
120 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
73 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
17 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
31 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
799 B
30 9
Domain Requested by
10 crmnew.einstoffen.com crmnew.einstoffen.com
6 www.einstoffen.com crmnew.einstoffen.com
3 cdn.jsdelivr.net crmnew.einstoffen.com
2 www.facebook.com crmnew.einstoffen.com
2 connect.facebook.net crmnew.einstoffen.com
connect.facebook.net
2 stats.g.doubleclick.net crmnew.einstoffen.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com crmnew.einstoffen.com
1 cdnjs.cloudflare.com crmnew.einstoffen.com
1 code.jquery.com crmnew.einstoffen.com
1 fonts.googleapis.com crmnew.einstoffen.com
1 www.crmnew.einstoffen.com 1 redirects
30 12

This site contains links to these domains. Also see Links.

Domain
codeigniter.com
Subject Issuer Validity Valid
www.crmnew.einstoffen.com
R11		 2024-08-17 -
2024-11-15		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-29 -
2024-08-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://crmnew.einstoffen.com/de/login
Frame ID: 0341E4980FE20A27ED7D8E9AFEA5E9BD
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EINSTOFFEN

Page URL History Show full URLs

  1. https://www.crmnew.einstoffen.com/ HTTP 302
    https://crmnew.einstoffen.com/de/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • debugbar.*\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

30
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

12
Subdomains

12
IPs

5
Countries

2167 kB
Transfer

3595 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.crmnew.einstoffen.com/ HTTP 302
    https://crmnew.einstoffen.com/de/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
crmnew.einstoffen.com/de/
Redirect Chain
  • https://www.crmnew.einstoffen.com/
  • https://crmnew.einstoffen.com/de/login
38 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
25570e7f13c00173a70fcaa026f7184b591d5f489755b76f30a7b47d8977da1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 20 Aug 2024 08:28:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0 max-age=0
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 20 Aug 2024 08:28:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://crmnew.einstoffen.com/de/login
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
/
crmnew.einstoffen.com/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crmnew.einstoffen.com/?debugbar
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
fbe8979ff7dfc7fe0659601fb3ef56c29bc0a28ea6044cce75c650002e14a01d

Request headers

Referer
https://crmnew.einstoffen.com/de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
content-encoding
br
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
content-length
1203
expires
Tue, 27 Aug 2024 08:28:28 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 		160 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 20 Aug 2024 08:28:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
1732071
x-jsd-version
5.1.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26333
x-served-by
cache-fra-eddf8230131-FRA
x-jsd-version-type
version
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/ 		616 B
799 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Material+Icons+Outlined
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f93939a32d53667337d1f980bb4fcac832e561c97882de60da2b9e49426d95a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Aug 2024 08:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Aug 2024 08:28:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Aug 2024 08:28:28 GMT
ie10-viewport-bug-workaround.css
www.einstoffen.com/css/ 		433 B
277 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.einstoffen.com/css/ie10-viewport-bug-workaround.css
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
17ec74c69eb8c08a5c82d7126fa307525806b2b9f06cda918c5f750428c40d40

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
content-encoding
br
last-modified
Sat, 19 Nov 2016 06:06:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
222
expires
Tue, 27 Aug 2024 08:28:28 GMT
ie-emulation-modes-warning.js
www.einstoffen.com/js/ 		2 KB
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.einstoffen.com/js/ie-emulation-modes-warning.js
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
6d7c9f6ece6c8ae31d4ac7728f3db3813364d31b8e2ca8ee816bc57d20d46aea

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
content-encoding
br
last-modified
Sat, 19 Nov 2016 06:08:07 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
947
expires
Tue, 27 Aug 2024 08:28:28 GMT
app.css
crmnew.einstoffen.com/assets/css/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crmnew.einstoffen.com/assets/css/app.css?1.1.16
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
b22ba359811c5d1da64e4485c3408ed1a12dfc0ae00bbdfbf4822424627fb94d

Request headers

Referer
https://crmnew.einstoffen.com/de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
content-encoding
br
last-modified
Sun, 18 Aug 2024 15:49:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5944
expires
Tue, 27 Aug 2024 08:28:28 GMT
logo-white.svg
crmnew.einstoffen.com/assets/images/logos/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crmnew.einstoffen.com/assets/images/logos/logo-white.svg
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
1a6a2e4b5612bf6932063a40f5fb5a31ced5a1e8ebf94b026baea159a0acb265

Request headers

Referer
https://crmnew.einstoffen.com/de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:27 GMT
content-encoding
br
last-modified
Sun, 18 Aug 2024 11:50:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1074
expires
Tue, 27 Aug 2024 08:28:27 GMT
divider.svg
crmnew.einstoffen.com/assets/images/svgs/ 		730 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crmnew.einstoffen.com/assets/images/svgs/divider.svg
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
cc9093efb93be853397f61459104669eeb5fe88398c5567b29fa08766a8736f7

Request headers

Referer
https://crmnew.einstoffen.com/de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:27 GMT
content-encoding
br
last-modified
Sun, 18 Aug 2024 11:50:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
349
expires
Tue, 27 Aug 2024 08:28:28 GMT
logo_small_black.svg
crmnew.einstoffen.com/assets/images/svgs/ 		1 KB
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crmnew.einstoffen.com/assets/images/svgs/logo_small_black.svg
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
25a35e185c7412eca1b850fa656a0cbd3d32675949d48cc2323b9db82997df1d

Request headers

Referer
https://crmnew.einstoffen.com/de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
content-encoding
br
last-modified
Sun, 18 Aug 2024 11:50:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
603
expires
Tue, 27 Aug 2024 08:28:28 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://crmnew.einstoffen.com/
Origin
https://crmnew.einstoffen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2160253
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230061-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1724142508.117376,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
8, 15519
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
389541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6451
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMqeKQpZqAKElvdWbGURMPMFDnTwZqk0k5Rc9%2FfTqUEDWrPAgz0aVpA%2BhdM49P1e78%2BCl8K0wKJPTaEgk8syUy5dj2Dw4X%2BZrar0qmcD7WX%2F8wl65R6JbPIPbZv9%2FpMTVli4xuq0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b610293bc45be64-ZRH
expires
Sun, 10 Aug 2025 08:28:28 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 		76 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crmnew.einstoffen.com/
Origin
https://crmnew.einstoffen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 20 Aug 2024 08:28:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
2012835
x-jsd-version
5.1.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
22075
x-served-by
cache-fra-etou8220071-FRA
x-jsd-version-type
version
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.ba-throttle-debounce.min.js
www.einstoffen.com/plugins/debounce/ 		731 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.einstoffen.com/plugins/debounce/jquery.ba-throttle-debounce.min.js
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 07:20:06 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
408
expires
Tue, 27 Aug 2024 08:28:28 GMT
app.js
crmnew.einstoffen.com/assets/js/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crmnew.einstoffen.com/assets/js/app.js?1.1.16
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
dbf94086cfd544bbce2c2896bb4e4a00979e5f5d2941d3e135769a4466891a79

Request headers

Referer
https://crmnew.einstoffen.com/de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
content-encoding
br
last-modified
Sun, 18 Aug 2024 11:50:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3024
expires
Tue, 27 Aug 2024 08:28:28 GMT
select2.min.js
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/ 		71 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 20 Aug 2024 08:28:28 GMT
x-content-type-options
nosniff
age
1748721
x-jsd-version
4.1.0-rc.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
73163
x-served-by
cache-fra-eddf8230131-FRA
x-jsd-version-type
version
etag
W/"11dcb-beEOdKmS/KFegD2RDRMPgmYxy4Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
hotjar-3451728.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3451728.js?sv=6
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
ed9e77a623b24f7b9e94b032cae82613aca169167290cb6782fd4056660c0c4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/6473446accc240b372df964871a4ffee
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
bv-azqo94UjzedoULskjSBqu5FXrBrpIo3jNuDjRfQ6kJW2rfbPZ4Q==
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Aug 2024 06:36:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6721
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17093
expires
Tue, 20 Aug 2024 08:36:27 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Aug 2024 08:28:28 GMT
document-policy
force-load-at-top
x-fb-server-load
20
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58912
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=12, mss=1297, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
Pmd8/L91PJzyC1+LYjc31EBnbSejJpae5MHGJGNto98uXm3bK5jcEdw03qTcy2fSWaAN2799CfO0H2+mG8SwaQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
crmnew.einstoffen.com/ 		724 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://crmnew.einstoffen.com/?debugbar_time=1724142507.954871
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/?debugbar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
e64e6baf6f028b0abd152461121fc2911cf0524da6afbdded10e8513b14428e1

Request headers

Referer
https://crmnew.einstoffen.com/de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
content-encoding
br
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cd-top-arrow.svg
www.einstoffen.com/pix/template/ 		192 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.einstoffen.com/pix/template/cd-top-arrow.svg
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
448ce055212fc269190b2293888f0014b6f8e5b417610bd69dd59ffb5d2d72e1

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
last-modified
Wed, 06 Feb 2019 07:45:28 GMT
server
LiteSpeed
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
192
expires
Tue, 27 Aug 2024 08:28:28 GMT
SuisseIntlMono-Regular-WebXL.woff2
crmnew.einstoffen.com/assets/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://crmnew.einstoffen.com/assets/fonts/SuisseIntlMono-Regular-WebXL.woff2
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/assets/css/app.css?1.1.16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
5346fbed3e4ca9365ca281fc6f8859e9183ea05ceb33cd624aeb4d86fda0a967

Request headers

Referer
https://crmnew.einstoffen.com/assets/css/app.css?1.1.16
Origin
https://crmnew.einstoffen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
last-modified
Sun, 18 Aug 2024 11:50:09 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17284
expires
Tue, 27 Aug 2024 08:28:28 GMT
background.jpg
crmnew.einstoffen.com/assets/images/backgrounds/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crmnew.einstoffen.com/assets/images/backgrounds/background.jpg?id=34
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
6f246a21c382aada2bd4d74104da5251160ed89516dafe952be956848545f5c7

Request headers

Referer
https://crmnew.einstoffen.com/de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:28 GMT
last-modified
Sun, 18 Aug 2024 11:50:09 GMT
server
LiteSpeed
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1796141
expires
Tue, 27 Aug 2024 08:28:28 GMT
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1195878369&utmhn=crmnew.einstoffen.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-ch&utmje=0&utmfl=-&utmdt=EINSTOFFEN&utmhid=915398612&utmr=-&utmp=%2Fde%2Flogin&utmht=1724142508615&utmac=UA-5085100-3&utmcc=__utma%3D65908476.463875027.1724142509.1724142509.1724142509.1%3B%2B__utmz%3D65908476.1724142509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=19399765&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 20 Aug 2024 08:28:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3451728.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
1793122
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
YTOLPF-WiGsnbID2Jp3S5ckf4C29YNxUUg_ZvVDTvlN0zCQhrO7rZA==
734841251511707
connect.facebook.net/signals/config/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/734841251511707?v=2.9.165&r=stable&domain=crmnew.einstoffen.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dfe1f47b64994c824f1a61bceb4d3a2f9fc8a17ba7b2c7c4f4f9b8ca2e0a7028
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Aug 2024 08:28:28 GMT
document-policy
force-load-at-top
x-fb-server-load
32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=65, mss=1297, tbw=64427, tp=-1, tpl=-1, uplat=86, ullat=0
pragma
public
x-fb-debug
e9msgOa4vNO/1yGfz/PGEupGt6kq7H5HjibM/euZ8uytQHBjShig5hCs26N+HHe5JkJqSN1eiPoPXvlKzAonRw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		388 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db84f5d3127c61496c32bbe9272fe172b34cdcc619e2cbf5a95fd3198a2a8953

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b68a2bbe1b9ae44046ffcab681627cb204aa97001818b557aee19fb9a7a4e4d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		311 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1afe8208866c8a65112f492cfbcc8179e1a7941fc710118a1bec47c59671024

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		329 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f55107657ffd1a5689bbd45fee0832639c3da9401d8de56b62ab4478c23b43f9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		492 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b8ee374ae96dd3b2a9ee7374eaddb5075957a39f7d7c7bb5556aca9794c8cf3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		430 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c814bbf0f13b86c3777afa605c0957add457b8525918b7380275f865212b6be8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		363 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c66a98f08f262acee5dbce453a36f8011f32763adc7d7adac8b11f4610d10bae

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		733 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b16d30de762a3dfff4de672f10b8f534408b8271af36375f2735123e27bf537

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		246 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45c16199f7026edf0d84787340f4e9416ab47a4335c86ac39b09b182448d02dc

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		378 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba895508c353c26d50ecb50ddfaa3a78407994c4f6752a07a242b0aa4117f2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=734841251511707&ev=PageView&dl=https%3A%2F%2Fcrmnew.einstoffen.com%2Fde%2Flogin&rl=&if=false&ts=1724142508770&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724142508769.358309279383458529&ler=empty&cdl=API_unavailable&it=1724142508635&coo=false&rqm=GET
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=10, mss=1297, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Aug 2024 08:28:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=734841251511707&ev=PageView&dl=https%3A%2F%2Fcrmnew.einstoffen.com%2Fde%2Flogin&rl=&if=false&ts=1724142508770&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724142508769.358309279383458529&ler=empty&cdl=API_unavailable&it=1724142508635&coo=false&rqm=FGET
Requested by
Host: crmnew.einstoffen.com
URL: https://crmnew.einstoffen.com/de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 20 Aug 2024 08:28:28 GMT
document-policy
force-load-at-top
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7405135687097028382", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=10, mss=1297, tbw=3099, tp=-1, tpl=-1, uplat=148, ullat=0
pragma
no-cache
x-fb-debug
GUioK3wFwBST8+xWkT+cs/7+INIrX8dahP/DkLwW8JrJuEqNN62aY5UDJKkYo/lOdnl7WaWBut4fBgH2DTF0hw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7405135687097028382"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
einstoffen.gif
www.einstoffen.com/pix/icon/ 		5 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.einstoffen.com/pix/icon/einstoffen.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
49e7bbb90788cbfbf821ec9c7b8be7005019e26a6dc322bd4c0b2308b98138dd

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:29 GMT
last-modified
Fri, 17 Jun 2011 20:50:07 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5189
expires
Tue, 27 Aug 2024 08:28:29 GMT
einstoffen.ico
www.einstoffen.com/pix/icon/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.einstoffen.com/pix/icon/einstoffen.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.150.248.216 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS
srv123.tophost.ch
Software
LiteSpeed /
Resource Hash
e85f14f846a8fefffda1b9ca8bd6d5000183eb4475abf672ca47bcf886fe2270

Request headers

Referer
https://crmnew.einstoffen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 08:28:29 GMT
content-encoding
br
last-modified
Tue, 08 Sep 2015 08:28:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3213
expires
Tue, 27 Aug 2024 08:28:29 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| loadDoc function| newXHR function| oldXHR object| kintShared object| kintRich number| kintMicrotimeInitialized function| hj object| _hjSettings string| base_url string| site_url string| lang object| _gaq function| fbq function| _fbq function| $ function| jQuery function| Popper number| uidEvent object| bootstrap function| ajax_location function| openBasket function| closeBasket function| updateQuantity function| printdiv function| select_gender function| select_country function| select_language function| detect_browser function| slick_setup function| init_carousel function| url_title function| getParameterByName function| add_basket_search function| select_distributor function| show_message number| doc_width object| _gat object| gaGlobal object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled string| ciSiteURL object| ciDebugBar object| historyLoad

11 Cookies

Domain/Path Name / Value
www.crmnew.einstoffen.com/ Name: ci_session
Value: c6e17deb8601fc1c1a5923b93415b040c71f29bf
crmnew.einstoffen.com/ Name: ci_session
Value: 706119b1ea50119f67ad6f7e96af96192a0150d8
crmnew.einstoffen.com/ Name: csrf_cookie_name
Value: add734da204c0184dfeafebf07b081cb
.crmnew.einstoffen.com/ Name: __utma
Value: 65908476.463875027.1724142509.1724142509.1724142509.1
.crmnew.einstoffen.com/ Name: __utmc
Value: 65908476
.crmnew.einstoffen.com/ Name: __utmz
Value: 65908476.1724142509.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.crmnew.einstoffen.com/ Name: __utmt
Value: 1
.crmnew.einstoffen.com/ Name: __utmb
Value: 65908476.1.10.1724142509
.einstoffen.com/ Name: _fbp
Value: fb.1.1724142508769.358309279383458529
.einstoffen.com/ Name: _hjSessionUser_3451728
Value: eyJpZCI6IjZkMWE3YTUyLWUwZGQtNTgwMS1hOTJmLTk0NWVkOTlhMGYxZSIsImNyZWF0ZWQiOjE3MjQxNDI1MDg4MDMsImV4aXN0aW5nIjpmYWxzZX0=
.einstoffen.com/ Name: _hjSession_3451728
Value: eyJpZCI6IjBjYjE5MDhlLTdmNWMtNDVmZi05ZDI4LTZlNDI5NGZmMWI2OSIsImMiOjE3MjQxNDI1MDg4MDMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://crmnew.einstoffen.com/de/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://crmnew.einstoffen.com/de/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
crmnew.einstoffen.com
fonts.googleapis.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
www.crmnew.einstoffen.com
www.einstoffen.com
www.facebook.com
104.17.24.14
13.32.27.21
151.101.129.229
18.66.102.11
194.150.248.216
2a00:1450:4001:812::200a
2a00:1450:400c:c09::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::649
2a04:4e42::485
17ec74c69eb8c08a5c82d7126fa307525806b2b9f06cda918c5f750428c40d40
1a6a2e4b5612bf6932063a40f5fb5a31ced5a1e8ebf94b026baea159a0acb265
25570e7f13c00173a70fcaa026f7184b591d5f489755b76f30a7b47d8977da1f
25a35e185c7412eca1b850fa656a0cbd3d32675949d48cc2323b9db82997df1d
3f93939a32d53667337d1f980bb4fcac832e561c97882de60da2b9e49426d95a
448ce055212fc269190b2293888f0014b6f8e5b417610bd69dd59ffb5d2d72e1
45c16199f7026edf0d84787340f4e9416ab47a4335c86ac39b09b182448d02dc
49e7bbb90788cbfbf821ec9c7b8be7005019e26a6dc322bd4c0b2308b98138dd
5346fbed3e4ca9365ca281fc6f8859e9183ea05ceb33cd624aeb4d86fda0a967
5b16d30de762a3dfff4de672f10b8f534408b8271af36375f2735123e27bf537
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
6d7c9f6ece6c8ae31d4ac7728f3db3813364d31b8e2ca8ee816bc57d20d46aea
6f246a21c382aada2bd4d74104da5251160ed89516dafe952be956848545f5c7
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
7b8ee374ae96dd3b2a9ee7374eaddb5075957a39f7d7c7bb5556aca9794c8cf3
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8bba895508c353c26d50ecb50ddfaa3a78407994c4f6752a07a242b0aa4117f2
9b68a2bbe1b9ae44046ffcab681627cb204aa97001818b557aee19fb9a7a4e4d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b22ba359811c5d1da64e4485c3408ed1a12dfc0ae00bbdfbf4822424627fb94d
c1afe8208866c8a65112f492cfbcc8179e1a7941fc710118a1bec47c59671024
c66a98f08f262acee5dbce453a36f8011f32763adc7d7adac8b11f4610d10bae
c814bbf0f13b86c3777afa605c0957add457b8525918b7380275f865212b6be8
cc9093efb93be853397f61459104669eeb5fe88398c5567b29fa08766a8736f7
db84f5d3127c61496c32bbe9272fe172b34cdcc619e2cbf5a95fd3198a2a8953
dbf94086cfd544bbce2c2896bb4e4a00979e5f5d2941d3e135769a4466891a79
dfe1f47b64994c824f1a61bceb4d3a2f9fc8a17ba7b2c7c4f4f9b8ca2e0a7028
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64e6baf6f028b0abd152461121fc2911cf0524da6afbdded10e8513b14428e1
e85f14f846a8fefffda1b9ca8bd6d5000183eb4475abf672ca47bcf886fe2270
ed9e77a623b24f7b9e94b032cae82613aca169167290cb6782fd4056660c0c4d
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f55107657ffd1a5689bbd45fee0832639c3da9401d8de56b62ab4478c23b43f9
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fbe8979ff7dfc7fe0659601fb3ef56c29bc0a28ea6044cce75c650002e14a01d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e