urlscan.io logo urlscan.io
SecurityTrails logo

app.sellercontrol.de Open in urlscan Pro
3.67.218.207  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.sellercontrol.de/
Effective URL: https://app.sellercontrol.de/login
Submission: On July 03 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 3.67.218.207, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is app.sellercontrol.de.
TLS certificate: Issued by R11 on June 16th 2024. Valid for: 3 months.
This is the only time app.sellercontrol.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 85.13.129.82 34788 (NMM-AS D)
2 8 3.67.218.207 16509 (AMAZON-02)
6 104.18.72.113 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 104.18.70.113 13335 (CLOUDFLAR...)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 104.16.53.111 13335 (CLOUDFLAR...)
18 6
1    85.13.129.82 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd17224.kasserver.com
www.sellercontrol.de
8    3.67.218.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
app.sellercontrol.de
6    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
intensic.zendesk.com
Apex Domain
Subdomains		 Transfer
9 sellercontrol.de
www.sellercontrol.de
app.sellercontrol.de
689 KB
7 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2404
ekr.zdassets.com — Cisco Umbrella Rank: 2905
363 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
73 KB
1 zendesk.com
intensic.zendesk.com
1 KB
18 5
Domain Requested by
8 app.sellercontrol.de 2 redirects app.sellercontrol.de
6 static.zdassets.com app.sellercontrol.de
static.zdassets.com
2 www.facebook.com app.sellercontrol.de
2 connect.facebook.net app.sellercontrol.de
connect.facebook.net
1 intensic.zendesk.com static.zdassets.com
1 ekr.zdassets.com static.zdassets.com
1 www.sellercontrol.de 1 redirects
18 7

This site contains no links.

Subject Issuer Validity Valid
app.sellercontrol.de
R11		 2024-06-16 -
2024-09-14		 3 months crt.sh
zdassets.com
E6		 2024-06-29 -
2024-09-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-12 -
2024-07-11		 3 months crt.sh
intensic.zendesk.com
Cloudflare Inc ECC CA-3		 2024-02-20 -
2024-12-31		 10 months crt.sh

This page contains 2 frames:

Primary Page: https://app.sellercontrol.de/login
Frame ID: F7550E566718327C2148828AF861C94A
Requests: 12 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-82b779d.js
Frame ID: C4A793270AA34A533B06E22DAE2A6347
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

seller control - Log in

Page URL History Show full URLs

  1. https://www.sellercontrol.de/ HTTP 301
    https://app.sellercontrol.de/ HTTP 301
    https://app.sellercontrol.de/dashboard HTTP 302
    https://app.sellercontrol.de/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

18
Requests

100 %
HTTPS

29 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

1128 kB
Transfer

2213 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.sellercontrol.de/ HTTP 301
    https://app.sellercontrol.de/ HTTP 301
    https://app.sellercontrol.de/dashboard HTTP 302
    https://app.sellercontrol.de/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
app.sellercontrol.de/
Redirect Chain
  • https://www.sellercontrol.de/
  • https://app.sellercontrol.de/
  • https://app.sellercontrol.de/dashboard
  • https://app.sellercontrol.de/login
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.67.218.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
56ff02449c6bcecd190909a9d811fc0132be2a04399d4f97a36846bb077789aa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Wed, 03 Jul 2024 21:53:45 GMT
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Wed, 03 Jul 2024 21:53:45 GMT
location
https://app.sellercontrol.de/login
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
all-3a5b47b3b3.css
app.sellercontrol.de/css/ 		390 KB
393 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.sellercontrol.de/css/all-3a5b47b3b3.css
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.67.218.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
e7f32ac1b067e954fd9f3456e65098831ef06985e3b530ae2db5a91ed9c74297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.sellercontrol.de/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Wed, 13 Mar 2024 21:19:31 GMT
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
etag
"617d9-61391549c9ec0"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
content-length
399321
vendor-d001be75c0.js
app.sellercontrol.de/js/ 		265 KB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sellercontrol.de/js/vendor-d001be75c0.js
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.67.218.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
3556c81974a28f6c6090bfb7346c1c3bfef06fcbf5b99c5475571336a648a1b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.sellercontrol.de/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Wed, 13 Mar 2024 21:19:31 GMT
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
etag
"42473-61391549c9ec0"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
content-length
271475
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=06e39256-fda8-496d-94b6-098c4280a280
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.sellercontrol.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:45 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
16EJPM9K30XP37FF
age
41
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
z1V/NuijnK7Md6R8xho26aVzAi5YWZpIy2l2KX04qLLf562XDGukX+pnpGWp4oLzz96OIYLMddM=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2To%2F7gIRgJjvDWXAQSS5CaUcU2PFgaEHl%2F0DxIsbRxUm6R6W13lOa6IStnb408uMAYWNg86dJQ%2BPMBFKCtlJPXTqNuubx%2FVLKycSa6Xtl3vb0x7EhW3N7KxK0BnYVNego7vRsE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
89da1c324c639006-FRA
access-control-allow-headers
*
logo3.png
app.sellercontrol.de/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.sellercontrol.de/img/logo3.png
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.67.218.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
fac5a70639e60865fa0c66d9b6ac8033e0d773a3ee60f6f66004574f6f8a2c19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.sellercontrol.de/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Wed, 13 Mar 2024 21:19:31 GMT
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
etag
"14ab-61391549c9ec0"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
content-length
5291
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.sellercontrol.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 Jul 2024 21:53:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2770, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
rZAMuXZJGL/XCYDkF187rTLwaz9EnCbD51/UVaj7p4FIq2nYs5Ougp7/9Vn79MV0Q+Soehfjm94zyFQ/Dl778g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
06e39256-fda8-496d-94b6-098c4280a280
ekr.zdassets.com/compose/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/06e39256-fda8-496d-94b6-098c4280a280
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=06e39256-fda8-496d-94b6-098c4280a280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ad149b26becdb00b424f6fab47a0283ba954ef3afa20c73e9cd17c08018ce7
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.sellercontrol.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:45 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
89cdfa81cfc584c7-SEA, 89cdfa81cfc584c7-SEA
x-runtime
0.009873
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"b4ad149b26becdb00b424f6fab47a028"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lFHDOEfORSKqQ9aa8ibCK2HGdcfNF4eUPJGp39CF424W7StJouq2tqUyBX%2FH6onTTzY9sW5UuRz%2FRyY590yxq%2BsRqxsu9KKVdVVaz2DmtcMXzVUL8YI%2FrXeOic7GR1kfESo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
89da1c32e987bbc1-FRA
glyphicons-halflings-regular.woff2
app.sellercontrol.de/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.sellercontrol.de/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/css/all-3a5b47b3b3.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.67.218.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
7882b1fe56ec16311aed154afc1578601c4fad824da307100cbd641b35bec919
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.sellercontrol.de/css/all-3a5b47b3b3.css
Origin
https://app.sellercontrol.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Wed, 13 Mar 2024 21:19:31 GMT
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
etag
"466c-61391549c9ec0"
x-frame-options
DENY
accept-ranges
bytes
content-length
18028
327267682031873
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/327267682031873?v=2.9.160&r=stable&domain=app.sellercontrol.de&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
40c214ac462c8065456127094c24e10c225cb20a97d426857961014d44051ed7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.sellercontrol.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 Jul 2024 21:53:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=64, mss=1328, tbw=63798, tp=-1, tpl=-1, uplat=157, ullat=0
pragma
public
x-fb-debug
QMhiQHHRT9d3sKMAZIu2UQnL7hBrH0DMn1rkuigkUS9z0gDwiQsqTtuZhJsksqQoSaTN7AYaWl/ihlfn6kC6Ow==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=327267682031873&ev=PageView&dl=https%3A%2F%2Fapp.sellercontrol.de%2Flogin&rl=&if=false&ts=1720043625600&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720043625598.51996964319864464&cs_est=true&ler=empty&cdl=API_unavailable&it=1720043625421&coo=false&rqm=GET
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.sellercontrol.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 03 Jul 2024 21:53:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=327267682031873&ev=PageView&dl=https%3A%2F%2Fapp.sellercontrol.de%2Flogin&rl=&if=false&ts=1720043625600&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720043625598.51996964319864464&cs_est=true&ler=empty&cdl=API_unavailable&it=1720043625421&coo=false&rqm=FGET
Requested by
Host: app.sellercontrol.de
URL: https://app.sellercontrol.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.sellercontrol.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc710f8a3456dacd6","source_keys":["1","2"]},{"key_piece":"0x3aab42a8f0bab750","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 03 Jul 2024 21:53:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387531117777691982", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3091, tp=-1, tpl=-1, uplat=258, ullat=0
pragma
no-cache
x-fb-debug
Phek67aB5My1BAQN089Fcn4QvEL8z3o0x6wh0YuGss0WztATg3IuJyw1jmmk6aERibRHDIB6V2Fl67H3j9YOOQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387531117777691982"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
web-widget-main-82b779d.js
static.zdassets.com/web_widget/classic/latest/ Frame C4A7 		972 KB
278 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-82b779d.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=06e39256-fda8-496d-94b6-098c4280a280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
094810cad57e8631aa472aa9c0a10a8557f0250122413140107ee0c2e0fb0e14
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:45 GMT
x-amz-version-id
SCTjl2ckf2U7IDSCZT0gOekjqnpP9.yU
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
YN3ZGGQDBH827DBM
age
293
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
fgR+YnZX4Ce2qlkttdxIZM7jNAZ6NJAa2MGKzlz7Hrd/0wUOf1c755G1sTcgr1CG2QLVJforOGY=
last-modified
Wed, 26 Jun 2024 14:31:29 GMT
server
cloudflare
etag
W/"b3b85d5ef4df5f1e3f8278e1b9281b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPe7r5%2BofzTr9oz6adtIJavQ4T8%2FSVIOK1%2FIdsAPk6rYKZoC3Ml4ibkqjGUg3zQph%2BE35Um6Ke9ieQsd%2BVirraPUjhTaycqjbQJOSA6MEbbPQazfFG9CKGuX59eQvnqDZWA2EHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
89da1c343e0b9006-FRA
access-control-allow-headers
*
expires
Thu, 26 Jun 2025 14:31:28 GMT
en-us-json-82b779d.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame C4A7 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-82b779d.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-82b779d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:45 GMT
x-amz-version-id
Dr7UckWLuA_hHpsnpwYlJtB94RJkxOxH
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5QBFN815VJRMEH40
age
131706
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
0FkuZT0ThuH028fOSxNnCk01CyHbU4Dqz5Ed/rrpOmjkFfYnbT8Wm/iRFcHD0kjqLVzo/hN5l5Y=
last-modified
Wed, 26 Jun 2024 14:31:31 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RpnH%2FbkF5uCldSQijDIKBOFSn%2BH5a2irLdTgoUfz0L35KNGPXVqtRE1k7jfPVXj1BmwCZ3%2ByT8CJSX1D89jsU1v%2B4myG%2BnIskQL7QPKgcdjV7cx8YfkmLT0SALQ%2Fjyt6epufho0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
89da1c34ee949006-FRA
access-control-allow-headers
*
expires
Thu, 26 Jun 2025 14:31:30 GMT
config
intensic.zendesk.com/embeddable/ Frame C4A7 		647 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://intensic.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-82b779d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd3ed18a92342d9d2292dbda377eccf3fe0b5e06c65c6de21189136f8a38bb1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:45 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-bc4fb9449-jwqsj
x-cached
MISS
x-runtime
0.025133
server
cloudflare
etag
W/"bd3ed18a92342d9d2292dbda377eccf3"
vary
Accept, Origin, Accept-Encoding
access-control-max-age
7200
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bpu5Fmmyk6g9q5YBoVdIPKc%2FAlgexdYcdEwT1%2FT9E9%2FLHh%2Ffd2XdSj1bNyy%2BhTrMPPisoBShV7kjcZPJmPkx%2FV%2FTa8QF6WaGUNuhcrzdb6pIqyE%2FI7%2B3IbIqhDCXRJG%2Fo6v08oMT"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=60, public, stale-while-revalidate=600, stale-if-error=3600
content-type
application/json; charset=utf-8
cf-ray
89da1c352e2f2c45-FRA
web-widget-chat-sdk-82b779d.js
static.zdassets.com/web_widget/classic/latest/ Frame C4A7 		216 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-82b779d.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-82b779d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:45 GMT
x-amz-version-id
.p8nX1U4xbyw23vl3u3azk5iCuj0VTgC
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
6PEW6ASZHW1G7MKY
age
131707
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
IwuZTqpD0Lf4uOF2NPi6gBCunhc5SGIBf65Z9JLYwcDZaVujapb4WIyiHcTaK1hGfakhuc3S4tVDhT781S3pB8NxBGL/Ov8j
last-modified
Wed, 26 Jun 2024 14:31:29 GMT
server
cloudflare
etag
W/"bf7f24c006f934261d7ff732b528402b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5IIwIBR9MD5H2oULRT%2F%2BNYrKvnG6e5kpKwVw146XbRfapff03uiIBmC7wsymiDqIm4Jtx1K7%2F2T5XaD4FD3XL8kHaJqtl7DJery9DH5PV3AULlRH60Xk9JJB8B%2FwyFsNpDyH10%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
89da1c351ebf9006-FRA
access-control-allow-headers
*
expires
Thu, 26 Jun 2025 14:31:28 GMT
favicon.ico
app.sellercontrol.de/ 		0
65 B 		Other
General
Check archive.org
Download Go to
Full URL
https://app.sellercontrol.de/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.67.218.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-207.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.sellercontrol.de/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Wed, 13 Mar 2024 21:19:31 GMT
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
etag
"0-61391549c9ec0"
x-frame-options
DENY
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
0
web-widget-chat-incoming-message-notification-82b779d.js
static.zdassets.com/web_widget/classic/latest/ Frame C4A7 		236 B
834 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-82b779d.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-82b779d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:46 GMT
x-amz-version-id
wqFk_CJZiQBBOQ2sMRe7y2sc8oCQAFUy
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
7AN43QXF4ZPFGECW
age
131707
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
4ne+RR2VoC0DqWEmlTOqyG+pYoaiVFVi0ZoxQz1XPNYu6UNr7aF2cSnRsg7gdGy7ZMpR6IxfG5Q=
last-modified
Wed, 26 Jun 2024 14:31:29 GMT
server
cloudflare
etag
W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HP4Wa4ruRW4cVFtkkrXfwLAmt4UYvWtui04ZggMeRaIzybMFLvXhwzKPv4OkT2yJgn05fjr9U0tmWrzky3L6mdzwJUFXTtufjKXA4%2BxEm9GsIdOvX%2BBc94lR2ykZQ17pd9lpwq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
89da1c3839669006-FRA
access-control-allow-headers
*
expires
Thu, 26 Jun 2025 14:31:28 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame C4A7 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 21:53:46 GMT
x-amz-version-id
Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
KH5VE2Z70ZGQ75A2
age
9690826
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified
Wed, 29 Nov 2023 08:06:43 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PSiff8s5F%2B8EUi8VyB4klJDe1WnDWW%2By0roPfSFZkXaYpp6yoAABenXD%2BXLN5qRDyhnPz5rPHjE3hpiUbkGo4KKWMOdS8BfvKVd4LufissrV9XDGbd%2FgI1t1Rpu0lF6jcAw%2Fh60%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
89da1c3869889006-FRA
access-control-allow-headers
*
expires
Thu, 28 Nov 2024 08:06:42 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage function| Color function| Chart function| Tether object| Shepherd object| Laravel function| fbq function| _fbq object| zESettings object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded function| $zopim

5 Cookies

Domain/Path Name / Value
app.sellercontrol.de/ Name: XSRF-TOKEN
Value: eyJpdiI6ImZlVE1lR2dWcFJ5WCtkSmw2WXFjaXc9PSIsInZhbHVlIjoicmFsd2ZibDczbWdzb3Q3QjVCbU5waE5wQzZnb29Fak5BZ0FNb3dWa3didGRVT2dtVTFOc1ZXZGxBbWh3SWY4bVVtZXZEVjBkRVl5M1VmWm0yRG1GN0JvZHptdDRiSzh6K3VidzZmRTRKL0Y5a242M1NDSVVJbmpRZkFYSGhma1kiLCJtYWMiOiI1MzQ4M2QxYjE2MTFmM2MwMTQ5M2RlMWFiYzEyZTY3ODFkYTlkNjUwNzdlMjhkY2U1MmI4ZTAyMTA3ODc3YzIyIn0%3D
app.sellercontrol.de/ Name: laravel_session
Value: eyJpdiI6Im15RGRHRE5neWw5ckN4K0lMVWxUalE9PSIsInZhbHVlIjoiTlh4b3FtcHBZcXZ3Uk41WlFFS0VWUGg2WTc0RzNmQVNqT1BuWTVYbW5ERG1JVFluWGhxVmhMbjNPMld2SGMra3Q2THcyKzk4RC9lcTFQc2lCUXhOZlZKOW9qQzZSTnFWbmVlSEVpVWdaMDdCRU5CNkRBZVBCbU13WE5Nd0t0eUUiLCJtYWMiOiJhMzJiYjUyYzFlYTlkN2RlYmFiNmYzZDA2NTdlNWQwOThiZmU5ZDk3MDUyNzZjYWVkYmM4MDI0MGQ2YzBhOWE2In0%3D
.sellercontrol.de/ Name: _fbp
Value: fb.1.1720043625598.51996964319864464
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: 0T9eJ1DCu5yk13Ay4pU/nhzYsv6KbPnFFj6+M1YKC3GBsGsOvlJYZjDWTyA9N/hMhRBNf4K7eiMyJUP5CIaBT312qRnwHH2G0trysEK8NcCk0+6t5NmGMEEW2M3F
.sellercontrol.de/ Name: __zlcmid
Value: 1MZmqESeZknCjJQ

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://app.sellercontrol.de/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.sellercontrol.de
connect.facebook.net
ekr.zdassets.com
intensic.zendesk.com
static.zdassets.com
www.facebook.com
www.sellercontrol.de
104.16.53.111
104.18.70.113
104.18.72.113
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.67.218.207
85.13.129.82
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
094810cad57e8631aa472aa9c0a10a8557f0250122413140107ee0c2e0fb0e14
3556c81974a28f6c6090bfb7346c1c3bfef06fcbf5b99c5475571336a648a1b2
40c214ac462c8065456127094c24e10c225cb20a97d426857961014d44051ed7
56ff02449c6bcecd190909a9d811fc0132be2a04399d4f97a36846bb077789aa
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
7882b1fe56ec16311aed154afc1578601c4fad824da307100cbd641b35bec919
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b4ad149b26becdb00b424f6fab47a0283ba954ef3afa20c73e9cd17c08018ce7
bd3ed18a92342d9d2292dbda377eccf3fe0b5e06c65c6de21189136f8a38bb1e
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f32ac1b067e954fd9f3456e65098831ef06985e3b530ae2db5a91ed9c74297
fac5a70639e60865fa0c66d9b6ac8033e0d773a3ee60f6f66004574f6f8a2c19