urlscan.io logo urlscan.io
SecurityTrails logo

zipcart.com.bd Open in urlscan Pro
172.67.194.122  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://zipcart.com.bd/
Effective URL: https://zipcart.com.bd/
Submission Tags: @phish_report
Submission: On July 31 via api from FI — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 172.67.194.122, located in United States and belongs to CLOUDFLARENET, US. The main domain is zipcart.com.bd.
TLS certificate: Issued by WE1 on July 31st 2024. Valid for: 3 months.
This is the only time zipcart.com.bd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 172.67.194.122 13335 (CLOUDFLAR...)
3 103.180.114.1 200325 (BUNNYCDN)
2 157.240.8.23 32934 (FACEBOOK)
2 157.240.8.35 32934 (FACEBOOK)
12 4
Apex Domain
Subdomains		 Transfer
5 zipcart.com.bd
zipcart.com.bd
25 KB
3 bunny.net
fonts.bunny.net — Cisco Umbrella Rank: 15346
25 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
75 KB
12 4
Domain Requested by
5 zipcart.com.bd zipcart.com.bd
3 fonts.bunny.net zipcart.com.bd
fonts.bunny.net
2 www.facebook.com zipcart.com.bd
2 connect.facebook.net zipcart.com.bd
connect.facebook.net
12 4

This site contains no links.

Subject Issuer Validity Valid
zipcart.com.bd
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
fonts.bunny.net
R11		 2024-07-06 -
2024-10-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-10 -
2024-08-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://zipcart.com.bd/
Frame ID: 0FBDCF8C26B1E0B6F1468693E62D2F1B
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ZipCart

Page URL History Show full URLs

  1. http://zipcart.com.bd/ HTTP 307
    https://zipcart.com.bd/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

128 kB
Transfer

396 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zipcart.com.bd/ HTTP 307
    https://zipcart.com.bd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zipcart.com.bd/
Redirect Chain
  • http://zipcart.com.bd/
  • https://zipcart.com.bd/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zipcart.com.bd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b884d4412f8e509e18b5f6df6210b4978fb4027cff3780850e8c855760705f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8ac06f15ba8aaafb-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 31 Jul 2024 20:45:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QC0oq2neZOJcgpmYlUMyMm2PuIeH8o8Wb%2Bi8B519t47YCKDcVQ76ffTQQnzv%2BLnz9nIaQQGXf7JD2irSqZpHIMmezCY1fxWc1W7HxtOu7utSBvG1A80fHqP7OJYDmkfvXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://zipcart.com.bd/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.bunny.net/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.bunny.net/css?family=figtree:400,500,600&display=swap
Requested by
Host: zipcart.com.bd
URL: https://zipcart.com.bd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SYD1-1151 /
Resource Hash
3494bbb490c1d6bbb3cc180aaae84ac685380df5b995b6318afc48c232a7da1f

Request headers

Referer
https://zipcart.com.bd/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 20:45:46 GMT
content-encoding
br
cdn-edgestorageid
1151
cdn-cachedat
07/08/2024 12:40:13
cdn-pullzone
781720
last-modified
Mon, 08 Jul 2024 12:40:13 GMT
server
BunnyCDN-SYD1-1151
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
d077db4747ca35e517c35bb01e2f809f
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
welcome.css
zipcart.com.bd/assets/css/ 		280 B
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zipcart.com.bd/assets/css/welcome.css
Requested by
Host: zipcart.com.bd
URL: https://zipcart.com.bd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f02caa32ff0bb5e75ea57cdd2148cb9e25f1c9a2b0712525a90df79342dbd54a

Request headers

Referer
https://zipcart.com.bd/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 20:45:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 14 May 2024 00:34:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6642b185-118"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9FLUfQYtUIzpjJLSP5onLPYcVzcQHE1f9nKRpYm%2F9tksu9nRn%2F1oHszNrohe755%2BDS4fenMfrrZFOQEXifZu3CLNgVsnEevTN58FZU1GlH9xL3rwpTvtYBXB72tuW%2FC3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8ac06f1e2871aafb-SYD
alt-svc
h3=":443"; ma=86400
app-40enftrh.css
zipcart.com.bd/build/assets/ 		29 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zipcart.com.bd/build/assets/app-40enftrh.css
Requested by
Host: zipcart.com.bd
URL: https://zipcart.com.bd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c435eaa7700b684d5d1f34fe889709202b8a66a1ae3a6f1f29332082070af6f

Request headers

Referer
https://zipcart.com.bd/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 20:45:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 05:44:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"665ea9cc-7247"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kiwCslS14NwZoJxZz1M4oQTX8LPdRtIwnEx84v698cIb5vxi5yCbi176ApnmhlaBPTP87rQruY7c3af7kS9VBAWY0d2yWkUhMRXqEkmzsARrTkcmr77hvltFxJJh4oxNfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8ac06f1e2873aafb-SYD
alt-svc
h3=":443"; ma=86400
app-ecWDpuvf.js
zipcart.com.bd/build/assets/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zipcart.com.bd/build/assets/app-ecWDpuvf.js
Requested by
Host: zipcart.com.bd
URL: https://zipcart.com.bd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39e24339750704c290b6b3f94a47db2e43c84051dabf1cef272b5b2c7c225b67

Request headers

Referer
https://zipcart.com.bd/
Origin
https://zipcart.com.bd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 20:45:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 05:44:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"665ea9cc-7359"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddNeCm0I%2BJsvAdrb7%2F%2Fz1kmxQ2R5ruHLa8dnPR8erlTWbS%2F%2BGcIGC4%2B4V7cfRJFKafuU2%2BcPuGz61Hgfh8QQ5Pr7FIrgh8RSMLS7mUpdgcCz7B%2BY9WnRaoCwq39zi%2ByDhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8ac06f1e2875aafb-SYD
alt-svc
h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: zipcart.com.bd
URL: https://zipcart.com.bd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://zipcart.com.bd/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 20:45:48 GMT
document-policy
force-load-at-top
x-fb-server-load
25
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=12, mss=1317, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
rVPSNloWa7hK8wiZXsssUTXnAoBPwFPRqIjMX0YGKHjnysQa7lDrZiyVNhx1bQ5BLCvMghhpJld5xa3JuphlAA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
figtree-latin-400-normal.woff2
fonts.bunny.net/figtree/files/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.bunny.net/figtree/files/figtree-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=figtree:400,500,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SYD1-1151 /
Resource Hash
6bb15b2794673fdf34d6cb3967ef43fc455b0cfc45edb8b60c771ad059ebdc8e

Request headers

Referer
https://fonts.bunny.net/css?family=figtree:400,500,600&display=swap
Origin
https://zipcart.com.bd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 20:45:48 GMT
cdn-edgestorageid
1151
cdn-storageserver
SYD-386
cdn-cachedat
07/28/2024 13:08:52
cdn-pullzone
781720
content-length
11488
last-modified
Tue, 09 Jul 2024 15:18:30 GMT
server
BunnyCDN-SYD1-1151
cdn-fileserver
343
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"668d54c6-2ce0"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
0a61570e6986cc42c01a5feb12a5b008
accept-ranges
bytes
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
figtree-latin-600-normal.woff2
fonts.bunny.net/figtree/files/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.bunny.net/figtree/files/figtree-latin-600-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=figtree:400,500,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SYD1-1151 /
Resource Hash
68a672ca99ef4eaa642d689724e3b97b5915353486f863f592761e7f5b005835

Request headers

Referer
https://fonts.bunny.net/css?family=figtree:400,500,600&display=swap
Origin
https://zipcart.com.bd
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 20:45:48 GMT
cdn-edgestorageid
1151
cdn-storageserver
SYD-386
cdn-cachedat
07/12/2024 19:29:39
cdn-pullzone
781720
content-length
11644
last-modified
Tue, 09 Jul 2024 15:18:36 GMT
server
BunnyCDN-SYD1-1151
cdn-fileserver
343
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"668d54cc-2d7c"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
c331eaf2f35b8b70e40c1d8b0540ad6b
accept-ranges
bytes
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
471916708593001
connect.facebook.net/signals/config/ 		71 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/471916708593001?v=2.9.162&r=stable&domain=zipcart.com.bd&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
a0a049d5f09472efe23ac48ffe6e01c3d70b0f782a186ae693687f817ed42c71
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://zipcart.com.bd/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 20:45:49 GMT
document-policy
force-load-at-top
x-fb-server-load
26
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=64, mss=1317, tbw=64252, tp=-1, tpl=-1, uplat=412, ullat=0
pragma
public
x-fb-debug
QT8M4kEAjIO/BBB0pfLB8hu0hIbRSrYO+qP4ElDe62/UhvIDINWMWEU7rk5tbTwlMZBOL/2ene8N0iEFcll7Pw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=471916708593001&ev=PageView&dl=https%3A%2F%2Fzipcart.com.bd%2F&rl=&if=false&ts=1722458749049&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.2.1722458749045.951165724912406407&cs_est=true&ler=empty&cdl=API_unavailable&it=1722458748604&coo=false&rqm=GET
Requested by
Host: zipcart.com.bd
URL: https://zipcart.com.bd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://zipcart.com.bd/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 31 Jul 2024 20:45:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=471916708593001&ev=PageView&dl=https%3A%2F%2Fzipcart.com.bd%2F&rl=&if=false&ts=1722458749049&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.2.1722458749045.951165724912406407&cs_est=true&ler=empty&cdl=API_unavailable&it=1722458748604&coo=false&rqm=FGET
Requested by
Host: zipcart.com.bd
URL: https://zipcart.com.bd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://zipcart.com.bd/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 31 Jul 2024 20:45:49 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1317, tbw=3104, tp=-1, tpl=-1, uplat=185, ullat=0
pragma
no-cache
x-fb-debug
wmNoVwNk5lYYhBojKDEq9rFOZ2JFbpH/hx2dKl88EhgYZ/zDBO2k28Fid2W0slJw+4+xWGr5a8Jiqzwii4h6iw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.ico
zipcart.com.bd/images/logo/ 		15 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://zipcart.com.bd/images/logo/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95709427daa0c640797e86098cca20fc259b735cc4a686aad3d2c6add2d55073

Request headers

Referer
https://zipcart.com.bd/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 20:45:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 09:13:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"660291c2-3c2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUGrFc3ocAiZgJrauKtak9bfxJiea%2B0iZ65%2FSHQc6w7P9rsFbF8YJObf4W8cfwGZbyJGSB1ZK3lWv5%2FKlsqHqc5CMThbf0G3Auid38rWEfdnHHei%2FYU%2B%2BKis2HVF9HFUMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8ac06f315ce4aafb-SYD
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| axios

3 Cookies

Domain/Path Name / Value
zipcart.com.bd/ Name: XSRF-TOKEN
Value: eyJpdiI6IjhFQS9JYzhWUjdmZ1ljN3RtWGVEWnc9PSIsInZhbHVlIjoiQ1NLbWdXNG4rZTlCMUYxUGFDUGpVbkllN3o1T3U5TlhsWDFqMVNJeE5jTXhiOEp2cm05NmVWdGRuZmRhUnFYQUhEMDd2a3dBL3hwTW1yTEswZmszNXNDMkYxbzRxMTR5MUZXMHcrQXFIT1NFVlpudXgrZlIwUUt2bjVHT1pKOC8iLCJtYWMiOiI1ZjBmMzM3OTU5YjI2NDU0NDkxOTk0OWYyMzc4ODEwOTNmODcxNjY0YmIwOTQ4NTRkMTRhYzc0NGZjYjg3YWFiIiwidGFnIjoiIn0%3D
zipcart.com.bd/ Name: zipcart_session
Value: eyJpdiI6Ikp0ZHJQa3NNTVJ3elRsTUJSbEJndkE9PSIsInZhbHVlIjoidVRJM0YvUDRmZ3lCUmtLK0F1OXF3dEpvbFJqS1BWaVB2UTcvM1M4YnZzMVpleUFzY0FJb2syckNkNWs5T1lzVitOYytObUFGRW5OcDBBTnlldnBUbk45U0RZVGgvMms3WmlyWGJUTWZGSWZrenBuWU9ONVBWYVh6N1hsTjFkQ20iLCJtYWMiOiJmZWNhZDM5YWMwZmU1YzgyNjgzOGY4NzhiNjhhZGQ2N2MyOTNhNDExMTg4OGQyNTg0MzExMGZmYWRjMjZlYjc2IiwidGFnIjoiIn0%3D
.zipcart.com.bd/ Name: _fbp
Value: fb.2.1722458749045.951165724912406407