urlscan.io logo urlscan.io
SecurityTrails logo

servicedesk.s2cportal.mercell.com Open in urlscan Pro
3.74.140.57  Public Scan

Go To Rescan Add Verdict Report
URL: https://servicedesk.s2cportal.mercell.com/
Submission: On December 19 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 3.74.140.57, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is servicedesk.s2cportal.mercell.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on January 18th 2023. Valid for: a year.
This is the only time servicedesk.s2cportal.mercell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 3.74.140.57 16509 (AMAZON-02)
1 2600:9000:243... 16509 (AMAZON-02)
23 2
Domain Requested by
22 servicedesk.s2cportal.mercell.com servicedesk.s2cportal.mercell.com
1 d2d3lqpyc2qtzz.cloudfront.net servicedesk.s2cportal.mercell.com
23 2

This site contains no links.

Subject Issuer Validity Valid
servicedesk.s2cportal.mercell.com
Amazon RSA 2048 M01		 2023-01-18 -
2024-02-16		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://servicedesk.s2cportal.mercell.com/
Frame ID: 72B23C21A9FC3947A5743268920F8907
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NXPortal - Admin console

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

261 kB
Transfer

742 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
servicedesk.s2cportal.mercell.com/ 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
03c356237956e23920c06f11f7aa7f7ffd82fafa4f686468426ee574c5549faf
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, must-revalidate
charset
utf-8
content-encoding
gzip
content-length
2112
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
content-type
text/html;charset=UTF-8
date
Tue, 19 Dec 2023 00:25:21 GMT
expires
Tue, 19 Dec 2023 00:25:21 GMT
msia
set-cookie
no-cache
set-cookie
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
servicedesk.s2cportal.mercell.com/assets/lib/bootstrap/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/lib/bootstrap/css/bootstrap.min.css
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:56 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"2606e-5f77dcc77e740-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
23238
x-xss-protection
1; mode=block
bootstrap-app-theme.css
servicedesk.s2cportal.mercell.com/assets/css/ 		14 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/css/bootstrap-app-theme.css
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4cabc1d6ec9091e987c7f2d3e082e4c94cae36b60c9fc25a558ccb98f198b0db
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:56 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"38fe-5f77dcc710588-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
3728
x-xss-protection
1; mode=block
generic.css
servicedesk.s2cportal.mercell.com/assets/css/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/css/generic.css
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1c540d43f7ca7cb7c126294f4f9a7bd08149297bbff09abd4459bd487ddec87
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:56 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"52bc-5f77dcc713468-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
5013
x-xss-protection
1; mode=block
media-portrait.css
servicedesk.s2cportal.mercell.com/assets/css/ 		838 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/css/media-portrait.css
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e558aa3046cf02f8e8c39215c374e8198b5d2adee9dc68cd0522c75d73dcf2ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:56 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"346-5f77dcc715b78-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
291
x-xss-protection
1; mode=block
font-awesome.min.css
servicedesk.s2cportal.mercell.com/assets/lib/font-awesome/css/ 		20 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/lib/font-awesome/css/font-awesome.min.css
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:57 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"511e-5f77dcc7946d0-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
4696
x-xss-protection
1; mode=block
jquery-3.2.1.min.js
servicedesk.s2cportal.mercell.com/assets/lib/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/lib/jquery/jquery-3.2.1.min.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:58 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"15283-5f77dcc9732f8-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
content-length
30138
x-xss-protection
1; mode=block
bootstrap.min.js
servicedesk.s2cportal.mercell.com/assets/lib/bootstrap/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/lib/bootstrap/js/bootstrap.min.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:56 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"e2d8-5f77dcc782d90-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
content-length
15437
x-xss-protection
1; mode=block
jquery.validate.js
servicedesk.s2cportal.mercell.com/assets/lib/validate/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/lib/validate/jquery.validate.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2379363060b818df38089983c12a4508ad8c35944ae59f9519cccdc4f3e80b6c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:59 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"a6c8-5f77dcc987348-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
content-length
11288
x-xss-protection
1; mode=block
messages_en.js
servicedesk.s2cportal.mercell.com/assets/lib/validate/localization/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/lib/validate/localization/messages_en.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
852a6602e1d6a52c97141f5c1c82b319b98b431d74d289af5473582bcdc573b8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:59 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"453-5f77dcc9c47c0-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
content-length
454
x-xss-protection
1; mode=block
vue.min.js
servicedesk.s2cportal.mercell.com/assets/lib/vue/ 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/lib/vue/vue.min.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:59 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"16deb-5f77dcca39ea8-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
content-length
34057
x-xss-protection
1; mode=block
vue-resource.min.js
servicedesk.s2cportal.mercell.com/assets/lib/vue/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/lib/vue/vue-resource.min.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7bd5b12d1e0338fe5728c4f899f957568bd94b89957623240054831c5fbaabcd
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:59 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"3ae4-5f77dcca33d00-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
content-length
5483
x-xss-protection
1; mode=block
bootbox.min.js
servicedesk.s2cportal.mercell.com/assets/lib/bootbox/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/lib/bootbox/bootbox.min.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0b6bab63e3aa24b4ab6aab63765a217db5004961bab1ab7d74ffebfa33efb5c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:56 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"26f4-5f77dcc76e570-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
content-length
3718
x-xss-protection
1; mode=block
amplify.min.js
servicedesk.s2cportal.mercell.com/assets/lib/amplify/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/lib/amplify/amplify.min.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
61551cc3eca1a360b5fa5439c27dfda06e81700aab8711e04084900c739d6869
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:56 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"2242-5f77dcc7581f8-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
content-length
3306
x-xss-protection
1; mode=block
base.js
servicedesk.s2cportal.mercell.com/assets/js/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/js/base.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5add0cf98234755fb971d1e40ec6386b6ff1c7e737b9685d9f56965652913bb5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:56 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"81c2-5f77dcc71bd20-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
content-length
8789
x-xss-protection
1; mode=block
dropzone.js
servicedesk.s2cportal.mercell.com/assets/lib/dropzone/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/lib/dropzone/dropzone.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
34b8ade19e7b8f3f27a511e4a298dfafaf21499635c7faee3744fc91febcc6ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:56 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"1daae-5f77dcc78c200-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
content-length
30748
x-xss-protection
1; mode=block
dropzoneuploader.js
servicedesk.s2cportal.mercell.com/assets/lib/uploader/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/lib/uploader/dropzoneuploader.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
60d54e64258e5237790b32140f2b31b878d5cc1e36c8b9e49bc1b19af58eb0d5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:59 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"3647-5f77dcc97cb50-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
content-length
3741
x-xss-protection
1; mode=block
companylogo-f12.png
d2d3lqpyc2qtzz.cloudfront.net/global/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2d3lqpyc2qtzz.cloudfront.net/global/companylogo-f12.png
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:fc00:14:661b:17c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d70b9ea330d21e9f6afb2cbe46dd308e5f658aea587c395e45cd0b8bf84d9997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:22 GMT
via
1.1 a74cf6cfc1ea8a64e3a2b04b4552c2d2.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 13:54:51 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
etag
"81fc9ca98ed7f37d5072b553c3af2525"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2592
x-amz-cf-id
X3BBzJwMbhiaYAAwwgFsF-lUMMcawrjIyRr5yQxParqBrCtvHhd9qw==
formbase.js
servicedesk.s2cportal.mercell.com/assets/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/js/formbase.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=iso-8859-1
signin.js
servicedesk.s2cportal.mercell.com/assets/js/secure/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/js/secure/signin.js
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e2fcf51f0eb0b4e3969927d8e9dd224e934828f04c170614135c8a6e7372a64b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:56 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"85a-5f77dcc73d060-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
content-length
842
x-xss-protection
1; mode=block
media-print.css
servicedesk.s2cportal.mercell.com/assets/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/css/media-print.css
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bfd1205dc4a19bcb742f15f21d15e3caf06b804fe063bae5f6325424360adb33
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicedesk.s2cportal.mercell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 22 Mar 2023 14:15:56 GMT
server
nginx
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
etag
"59c-5f77dcc718288-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
688
x-xss-protection
1; mode=block
MuseoSans_300-webfont.woff
servicedesk.s2cportal.mercell.com/assets/webfonts/museosans_300_macroman/ 		23 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/webfonts/museosans_300_macroman/MuseoSans_300-webfont.woff
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/assets/css/generic.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1963df6ccd6b41619a4d497244925ddede5e0e8dd622215fe90454fa8a03d714
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://servicedesk.s2cportal.mercell.com/assets/css/generic.css
Origin
https://servicedesk.s2cportal.mercell.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains;
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
last-modified
Wed, 22 Mar 2023 14:16:00 GMT
server
nginx
etag
"5d28-5f77dcca72118"
x-frame-options
SAMEORIGIN
content-type
font/woff
accept-ranges
bytes
content-length
23848
x-xss-protection
1; mode=block
MuseoSans_300_Italic-webfont.woff
servicedesk.s2cportal.mercell.com/assets/webfonts/museosans_300italic_macroman/ 		25 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://servicedesk.s2cportal.mercell.com/assets/webfonts/museosans_300italic_macroman/MuseoSans_300_Italic-webfont.woff
Requested by
Host: servicedesk.s2cportal.mercell.com
URL: https://servicedesk.s2cportal.mercell.com/assets/css/generic.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.140.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-140-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d87859afecf6991c598ace3d9f29223762210ceeda5ca6721c46d021d2770fab
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://servicedesk.s2cportal.mercell.com/assets/css/generic.css
Origin
https://servicedesk.s2cportal.mercell.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 00:25:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains;
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
last-modified
Wed, 22 Mar 2023 14:16:00 GMT
server
nginx
etag
"654c-5f77dcca82ab8"
x-frame-options
SAMEORIGIN
content-type
font/woff
accept-ranges
bytes
content-length
25932
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery object| bootstrap function| Vue function| VueResource object| bootbox object| amplify undefined| request object| Base function| _createClass function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| __guard__ function| __guardMethod__ function| DropzoneUploader object| Secure number| delay

1 Cookies

Domain/Path Name / Value
servicedesk.s2cportal.mercell.com/ Name: MSIA
Value: B38EAF7F-453E-45EB-873A11A1EDA700E3

2 Console Messages

Source Level URL
Text
network error URL: https://servicedesk.s2cportal.mercell.com/assets/js/formbase.js
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering info URL: https://servicedesk.s2cportal.mercell.com/
Message:
Autofocus processing was blocked because a document already has a focused element.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://api.portal.negometrix.com https://api.s2cportal.mercell.com https://*.amazonaws.com https://identity.s2c.mercell.com https://identity.negometrix.com https://www.google-analytics.com; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://maps.gstatic.com https://maps.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://fullcalendar.io 'unsafe-eval' https://ssl.google-analytics.com; img-src 'self' https://*.s2cportal.mercell.com https://*.portal.negometrix.com https://*.amazonaws.com https://*.cloudfront.net https://hubblobs.table.core.windows.net https://hubblobs.blob.core.windows.net https://*.google-analytics.com https://maps.google.com https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com https://www.gravatar.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fullcalendar.io https://*.cloudfront.net; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.linkedin.com https://www.google.com https://identity.s2c.mercell.com https://identity.negometrix.com; object-src 'none'; child-src 'self' https://www.linkedin.com https://www.google.com; frame-ancestors 'self' https://www.linkedin.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2d3lqpyc2qtzz.cloudfront.net
servicedesk.s2cportal.mercell.com
2600:9000:243d:fc00:14:661b:17c0:21
3.74.140.57
03c356237956e23920c06f11f7aa7f7ffd82fafa4f686468426ee574c5549faf
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b6bab63e3aa24b4ab6aab63765a217db5004961bab1ab7d74ffebfa33efb5c4
1963df6ccd6b41619a4d497244925ddede5e0e8dd622215fe90454fa8a03d714
2379363060b818df38089983c12a4508ad8c35944ae59f9519cccdc4f3e80b6c
34b8ade19e7b8f3f27a511e4a298dfafaf21499635c7faee3744fc91febcc6ae
4cabc1d6ec9091e987c7f2d3e082e4c94cae36b60c9fc25a558ccb98f198b0db
5add0cf98234755fb971d1e40ec6386b6ff1c7e737b9685d9f56965652913bb5
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60d54e64258e5237790b32140f2b31b878d5cc1e36c8b9e49bc1b19af58eb0d5
61551cc3eca1a360b5fa5439c27dfda06e81700aab8711e04084900c739d6869
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
7bd5b12d1e0338fe5728c4f899f957568bd94b89957623240054831c5fbaabcd
852a6602e1d6a52c97141f5c1c82b319b98b431d74d289af5473582bcdc573b8
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
b1c540d43f7ca7cb7c126294f4f9a7bd08149297bbff09abd4459bd487ddec87
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
bfd1205dc4a19bcb742f15f21d15e3caf06b804fe063bae5f6325424360adb33
d70b9ea330d21e9f6afb2cbe46dd308e5f658aea587c395e45cd0b8bf84d9997
d87859afecf6991c598ace3d9f29223762210ceeda5ca6721c46d021d2770fab
e2fcf51f0eb0b4e3969927d8e9dd224e934828f04c170614135c8a6e7372a64b
e558aa3046cf02f8e8c39215c374e8198b5d2adee9dc68cd0522c75d73dcf2ec