Submitted URL: https://streetbooster.de/account
Effective URL: https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On April 22 via api from IT — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2a07:6fc0:1:0:3::244, located in Frankfurt am Main, Germany and belongs to CREOLINE-AS, DE. The main domain is streetbooster.de.
TLS certificate: Issued by R3 on April 18th 2024. Valid for: 3 months.
This is the only time streetbooster.de was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
1 9 2a07:6fc0:1:0... 205948 (CREOLINE-AS)
7 148.251.5.29 24940 (HETZNER-AS)
4 5.1.73.72 34549 (MEER-AS m...)
4 13.225.78.94 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 7
Apex Domain
Subdomains
Transfer
9 streetbooster.de
streetbooster.de
48 KB
7 ccm19.de
cloud.ccm19.de — Cisco Umbrella Rank: 134554
62 KB
4 trustedshops.com
widgets.trustedshops.com — Cisco Umbrella Rank: 29590
60 KB
4 cstatic.io
streetbooster.cstatic.io
638 KB
1 gstatic.com
fonts.gstatic.com
33 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
25 6
Domain Requested by
9 streetbooster.de 1 redirects streetbooster.de
streetbooster.cstatic.io
7 cloud.ccm19.de streetbooster.de
cloud.ccm19.de
4 widgets.trustedshops.com streetbooster.de
cloud.ccm19.de
4 streetbooster.cstatic.io streetbooster.de
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com streetbooster.cstatic.io
25 6
Subject Issuer Validity Valid
streetbooster.de
R3
2024-04-18 -
2024-07-17
3 months crt.sh
cloud.ccm19.de
R3
2024-03-12 -
2024-06-10
3 months crt.sh
*.cstatic.io
Sectigo RSA Domain Validation Secure Server CA
2023-07-31 -
2024-08-01
a year crt.sh
widgets.trustedshops.com
Amazon RSA 2048 M02
2023-06-25 -
2024-07-23
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh

This page contains 1 frames:

Primary Page: https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Frame ID: AA52BA15C73D48D4B49365B116A4ED72
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

Registrierung

Page URL History Show full URLs

  1. https://streetbooster.de/account HTTP 302
    https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

841 kB
Transfer

3708 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://streetbooster.de/account HTTP 302
    https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
streetbooster.de/account/
Redirect Chain
  • https://streetbooster.de/account
  • https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
192 KB
22 KB
Document
General
Full URL
https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a07:6fc0:1:0:3::244 Frankfurt am Main, Germany, ASN205948 (CREOLINE-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
a7cbc25511e6210bdd493a23a36c36fd5bc9443c10a3216a0279b1ba08b7dc48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, private
content-encoding
gzip
content-length
22436
content-type
text/html; charset=UTF-8
date
Mon, 22 Apr 2024 03:26:23 GMT
expires
Mon, 22 Apr 2024 03:26:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
deny

Redirect headers

cache-control
no-store, private
content-type
text/html; charset=UTF-8
date
Mon, 22 Apr 2024 03:26:22 GMT
expires
Mon, 22 Apr 2024 03:26:22 GMT
location
/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
server
nginx
x-frame-options
deny
app.js
cloud.ccm19.de/
124 KB
25 KB
Script
General
Full URL
https://cloud.ccm19.de/app.js?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&lang=de_DE
Requested by
Host: streetbooster.de
URL: https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.58 (Ubuntu) / PHP/8.1.27
Resource Hash
7dab69f4c0c889cf3e7f505de9580d7d034ce0df550183539e1d77cd46491a3a
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
content-encoding
br
strict-transport-security
max-age=16000000; includeSubDomains; preload
server
Apache/2.4.58 (Ubuntu)
age
293
x-powered-by
PHP/8.1.27
etag
"N55T4ob6DQzxxiUVBw/hQkXoNWvl+mF/-br"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=0, public, stale-if-error=3600, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow
link
<https://cloud.ccm19.de/app.css?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&gen=2&theme=65e71a4f2fed6db031001ea1&v=1713268639>;rel="preload";as="style";nopush
content-length
24950
all.css
streetbooster.cstatic.io/theme/622c7b7212aed9178f9654fa15d29dfb/css/
2 MB
267 KB
Stylesheet
General
Full URL
https://streetbooster.cstatic.io/theme/622c7b7212aed9178f9654fa15d29dfb/css/all.css?1713506020
Requested by
Host: streetbooster.de
URL: https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.73.72 Frankfurt am Main, Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
fra03.de.eu.pop.cstatic.io
Software
creoline /
Resource Hash
0e3bd4b7a44d81c26485f7ecaf519e6d88c14a3a4bd620c8ac87278e211bd6ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-edge-pop
FRANKFURT
x-cache
HIT
x-cache-date
Fri, 19 Apr 2024 05:54:03 GMT
x-creoline-accel-expires
86400
last-modified
Fri, 19 Apr 2024 05:53:40 GMT
server
creoline
vary
Accept-Encoding
x-cdn-id
7626
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, stale-if-error=3600, stale-while-revalidate=120
link
<https://streetbooster.de/theme/622c7b7212aed9178f9654fa15d29dfb/css/all.css?1713506020>; rel="canonical"
expires
Sat, 19 Apr 2025 05:54:03 GMT
jquery-3.5.1.slim.min.js
streetbooster.de/bundles/netzpnotifications6/
71 KB
24 KB
Script
General
Full URL
https://streetbooster.de/bundles/netzpnotifications6/jquery-3.5.1.slim.min.js?1712296292
Requested by
Host: streetbooster.de
URL: https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a07:6fc0:1:0:3::244 Frankfurt am Main, Germany, ASN205948 (CREOLINE-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
c46dc051ce81c4af2b2096abbf885ae4ba7467ff5db0f0106ceee928cf3658a3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
content-encoding
br
last-modified
Fri, 05 Apr 2024 05:51:32 GMT
server
nginx
etag
W/"660f9164-11abb"
content-type
text/javascript
all.js
streetbooster.cstatic.io/theme/622c7b7212aed9178f9654fa15d29dfb/js/
1 MB
362 KB
Script
General
Full URL
https://streetbooster.cstatic.io/theme/622c7b7212aed9178f9654fa15d29dfb/js/all.js?1713506020
Requested by
Host: streetbooster.de
URL: https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.73.72 Frankfurt am Main, Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
fra03.de.eu.pop.cstatic.io
Software
creoline /
Resource Hash
a0fe60b9065828ffa0e2d1df0bb1ea5c4a5c9238dd3a9cd26a43ac55b9efbf0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-edge-pop
FRANKFURT
x-cache
HIT
x-cache-date
Fri, 19 Apr 2024 05:54:04 GMT
x-creoline-accel-expires
86400
last-modified
Fri, 19 Apr 2024 05:53:40 GMT
server
creoline
vary
Accept-Encoding
x-cdn-id
7626
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, stale-if-error=3600, stale-while-revalidate=120
link
<https://streetbooster.de/theme/622c7b7212aed9178f9654fa15d29dfb/js/all.js?1713506020>; rel="canonical"
expires
Sat, 19 Apr 2025 05:54:04 GMT
Logo%20STREETBOOSTER%20600.webp
streetbooster.cstatic.io/media/5f/a6/11/1710271868/
6 KB
6 KB
Image
General
Full URL
https://streetbooster.cstatic.io/media/5f/a6/11/1710271868/Logo%20STREETBOOSTER%20600.webp
Requested by
Host: streetbooster.de
URL: https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.73.72 Frankfurt am Main, Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
fra03.de.eu.pop.cstatic.io
Software
creoline /
Resource Hash
66a1f2d0bb1f27667ea05f0c0ac2184e19981c9d5a8c00fd5b5146c09251ffb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
x-content-type-options
nosniff
x-edge-pop
FRANKFURT
x-cache
HIT
x-cache-date
Tue, 16 Apr 2024 20:06:09 GMT
content-length
5898
x-creoline-accel-expires
86400
last-modified
Tue, 12 Mar 2024 19:31:09 GMT
server
creoline
etag
6c25dd014db458922b776385eb34ccd8
x-cdn-id
7626
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public, stale-if-error=3600, stale-while-revalidate=120
link
<https://streetbooster.de/media/5f/a6/11/1710271868/Logo%20STREETBOOSTER%20600.webp>; rel="canonical"
expires
Wed, 16 Apr 2025 20:06:09 GMT
X6BBE58B9928222ACCF4B73A8C562E1BA.js
widgets.trustedshops.com/js/
2 KB
2 KB
Script
General
Full URL
https://widgets.trustedshops.com/js/X6BBE58B9928222ACCF4B73A8C562E1BA.js
Requested by
Host: streetbooster.de
URL: https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dd801b5fccba30b3fb71013a2f27ebd1359f16fdd3a454f870fe4af6b8ad73e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:12:59 GMT
content-encoding
gzip
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified
Sun, 21 Apr 2024 05:02:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
805
x-amz-server-side-encryption
AES256
etag
W/"549f5b688124ffc2785b9ed801ad5250"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-id
iaRcAY8LPjkXWNZDF_nW8cE9fEDh_mmkkDvwLRKfem-FSzpwDYDHSQ==
app.css
cloud.ccm19.de/
43 KB
7 KB
Stylesheet
General
Full URL
https://cloud.ccm19.de/app.css?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&gen=2&theme=65e71a4f2fed6db031001ea1&v=1713268639
Requested by
Host: streetbooster.de
URL: https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.58 (Ubuntu) / PHP/8.1.27, PHP/8.1.27
Resource Hash
48503ebb5c5974d0bea271e692da9f2f190e093f80aa27019909b92314a01e31
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'none'; connect-src 'none'; form-action 'none'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' ; script-src 'none'; connect-src 'none'; form-action 'none'
date
Mon, 22 Apr 2024 03:26:23 GMT
content-encoding
br
strict-transport-security
max-age=16000000; includeSubDomains; preload
age
293
x-powered-by
PHP/8.1.27, PHP/8.1.27
content-length
6851
last-modified
Tue, 16 Apr 2024 11:57:19 GMT
server
Apache/2.4.58 (Ubuntu)
etag
"N55T4vgQNcttx3+sAhDeErQyjCWoet+5-br"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
immutable, max-age=31536000, public, immutable, max-age=31536000, public
access-control-allow-credentials
true
access-control-max-age
3600
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
module.js
cloud.ccm19.de/plugins/Ccm19ScriptPlaceholder/
8 KB
2 KB
Script
General
Full URL
https://cloud.ccm19.de/plugins/Ccm19ScriptPlaceholder/module.js?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&gen=2&theme=65e71a4f2fed6db031001ea1&lang=de_DE&v=1713268639
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.58 (Ubuntu) / PHP/8.1.27
Resource Hash
d06f245d75d96fbc7ccbe8bd1c615217156108975f0dc6b4c5c3803617793f29
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
content-encoding
gzip
strict-transport-security
max-age=16000000; includeSubDomains; preload
server
Apache/2.4.58 (Ubuntu)
age
293156
etag
"N55T4lnCjU/jadVZrARXDJBTaFrN71a0-gzip"
x-powered-by
PHP/8.1.27
vary
Accept-Encoding
content-type
application/javascript
cache-control
immutable, max-age=31536000, public
x-robots-tag
noindex
content-length
2249
widget
cloud.ccm19.de/
57 KB
13 KB
XHR
General
Full URL
https://cloud.ccm19.de/widget?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&gen=2&theme=65e71a4f2fed6db031001ea1&lang=de_DE&v=1713268639
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.58 (Ubuntu) / PHP/8.1.27, PHP/8.1.27
Resource Hash
655d77a707b5a8858711b6bc1b10fa998afe1ec7981442b393a4e14fabf71db3
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
content-encoding
br
strict-transport-security
max-age=16000000; includeSubDomains; preload
age
293
x-powered-by
PHP/8.1.27, PHP/8.1.27
content-length
12370
server
Apache/2.4.58 (Ubuntu)
etag
"N55T4kFVSXCc1yJ3S0HDlFlsSwquuhSM-br"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-language
de-DE
access-control-allow-origin
*
content-type
text/x-html-fragment; charset=utf-8
cache-control
immutable, max-age=2592000, public, immutable, max-age=2592000, public
access-control-allow-credentials
true
access-control-max-age
3600
x-robots-tag
noindex
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,700&display=swap
Requested by
Host: streetbooster.cstatic.io
URL: https://streetbooster.cstatic.io/theme/622c7b7212aed9178f9654fa15d29dfb/css/all.css?1713506020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d791a7cc33132395f72bb1a5a05e56c87a6c5254050bba73983b542c7653b96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.cstatic.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Apr 2024 03:26:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 03:18:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Apr 2024 03:26:23 GMT
truncated
/
183 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2a55fea8291fb7ef57424007d15efa2653f0ea504b05e0b0ac3b34a17d1e404

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://streetbooster.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 06:41:12 GMT
x-content-type-options
nosniff
age
506711
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 06:41:12 GMT
consent
cloud.ccm19.de/statistics/
0
0
Preflight
General
Full URL
https://cloud.ccm19.de/statistics/consent?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&gen=2&theme=65e71a4f2fed6db031001ea1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.58 (Ubuntu) / PHP/8.1.27
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://streetbooster.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
access-control-allow-methods
GET,POST,PUT
access-control-allow-origin
*
access-control-max-age
3600
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
date
Mon, 22 Apr 2024 03:26:23 GMT
permissions-policy
interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
server
Apache/2.4.58 (Ubuntu)
strict-transport-security
max-age=16000000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
sameorigin
x-powered-by
PHP/8.1.27
details
cloud.ccm19.de/widget/
0
14 KB
Other
General
Full URL
https://cloud.ccm19.de/widget/details?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&gen=2&theme=65e71a4f2fed6db031001ea1&lang=de_DE&v=1713268639
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.58 (Ubuntu) / PHP/8.1.27, PHP/8.1.27
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Origin
https://streetbooster.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
content-encoding
br
strict-transport-security
max-age=16000000; includeSubDomains; preload
age
810
x-powered-by
PHP/8.1.27, PHP/8.1.27
content-length
13342
server
Apache/2.4.58 (Ubuntu)
etag
"N55T4ittaA3fWYvevtd+FYRctzQ6xiUy-br"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-language
de-DE
access-control-allow-origin
*
content-type
text/x-html-fragment; charset=utf-8
cache-control
immutable, max-age=31536000, public, immutable, max-age=31536000, public
access-control-allow-credentials
true
access-control-max-age
3600
x-robots-tag
noindex
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
consent
cloud.ccm19.de/statistics/
16 B
793 B
XHR
General
Full URL
https://cloud.ccm19.de/statistics/consent?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&gen=2&theme=65e71a4f2fed6db031001ea1
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.58 (Ubuntu) / PHP/8.1.27
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload
content-encoding
gzip
x-powered-by
PHP/8.1.27
content-length
36
server
Apache/2.4.58 (Ubuntu)
access-control-max-age
3600
access-control-allow-methods
GET,POST,PUT
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
x-frame-options
sameorigin
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
vary
Accept-Encoding
truncated
/
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3712c17c27414c5a3981a0c1946d831001f5ad4e45b62577c08928c37f6ec8d4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
info
streetbooster.de/widgets/checkout/
0
217 B
XHR
General
Full URL
https://streetbooster.de/widgets/checkout/info
Requested by
Host: streetbooster.cstatic.io
URL: https://streetbooster.cstatic.io/theme/622c7b7212aed9178f9654fa15d29dfb/js/all.js?1713506020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a07:6fc0:1:0:3::244 Frankfurt am Main, Germany, ASN205948 (CREOLINE-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
deny
cache-control
no-cache, private
expires
Mon, 22 Apr 2024 03:26:23 GMT
country-state-data
streetbooster.de/country/
13 B
242 B
XHR
General
Full URL
https://streetbooster.de/country/country-state-data
Requested by
Host: streetbooster.cstatic.io
URL: https://streetbooster.cstatic.io/theme/622c7b7212aed9178f9654fa15d29dfb/js/all.js?1713506020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a07:6fc0:1:0:3::244 Frankfurt am Main, Germany, ASN205948 (CREOLINE-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
d5f1150a51fb16f8f46e3f0da2267fd999ecdf5d66d84e3558b7066de8e452aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
br
server
nginx
x-frame-options
deny
content-type
application/json
cache-control
no-cache, private
customer
streetbooster.de/mm-fp/
2 B
261 B
XHR
General
Full URL
https://streetbooster.de/mm-fp/customer
Requested by
Host: streetbooster.cstatic.io
URL: https://streetbooster.cstatic.io/theme/622c7b7212aed9178f9654fa15d29dfb/js/all.js?1713506020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a07:6fc0:1:0:3::244 Frankfurt am Main, Germany, ASN205948 (CREOLINE-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
br
server
nginx
x-frame-options
deny
content-type
application/json
cache-control
no-cache, private
expires
Mon, 22 Apr 2024 03:26:23 GMT
notifications
streetbooster.de/netzp/
2 B
261 B
Fetch
General
Full URL
https://streetbooster.de/netzp/notifications?channelid=018cf3a8e8fb7123a8f8de1a012cb56b&channelurl=&url=%2Faccount%2Flogin%3FredirectTo%3Dfrontend.account.home.page%26amp%3BredirectParameters%3D%257B%2522_noStore%2522%3Atrue%257D&route=frontend.account.login.page
Requested by
Host: streetbooster.cstatic.io
URL: https://streetbooster.cstatic.io/theme/622c7b7212aed9178f9654fa15d29dfb/js/all.js?1713506020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a07:6fc0:1:0:3::244 Frankfurt am Main, Germany, ASN205948 (CREOLINE-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
br
server
nginx
x-frame-options
deny
content-type
application/json
cache-control
no-cache, private
expires
Mon, 22 Apr 2024 03:26:23 GMT
statistics
streetbooster.de/netzp/shopmanager/
0
240 B
XHR
General
Full URL
https://streetbooster.de/netzp/shopmanager/statistics
Requested by
Host: streetbooster.cstatic.io
URL: https://streetbooster.cstatic.io/theme/622c7b7212aed9178f9654fa15d29dfb/js/all.js?1713506020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a07:6fc0:1:0:3::244 Frankfurt am Main, Germany, ASN205948 (CREOLINE-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
deny
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
content-length
0
expires
Mon, 22 Apr 2024 03:26:23 GMT
trustbadge.js
widgets.trustedshops.com/assets/
194 KB
43 KB
Script
General
Full URL
https://widgets.trustedshops.com/assets/trustbadge.js
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
506dc14bae662d253f5c6624db22d5eec1abbc2f6fe9ae3ee3146b00bd59767a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 02:30:40 GMT
content-encoding
gzip
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified
Mon, 15 Apr 2024 08:17:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
3344
x-amz-server-side-encryption
AES256
etag
W/"2274cfec1ada2dd266066b6fb26aefe0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
jT-6rfqtczBIF9N_OFYK3Z1Bmkxr2c-sSkqz-1W-Yzeu6LbGMdbWUg==
SB%20Logo%20transparent%20200.webp
streetbooster.cstatic.io/media/19/52/70/1710272008/
3 KB
3 KB
Other
General
Full URL
https://streetbooster.cstatic.io/media/19/52/70/1710272008/SB%20Logo%20transparent%20200.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.73.72 Frankfurt am Main, Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
fra03.de.eu.pop.cstatic.io
Software
creoline /
Resource Hash
a8146387f43459d2c39b2d722179d8103d602407f39680b4f4ca0c0b0ce5ad24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
x-content-type-options
nosniff
x-edge-pop
FRANKFURT
x-cache
HIT
x-cache-date
Tue, 16 Apr 2024 21:05:25 GMT
content-length
3080
x-creoline-accel-expires
86400
last-modified
Tue, 12 Mar 2024 19:33:28 GMT
server
creoline
etag
d680372f4c22af6a80a43941a237a73a
x-cdn-id
7626
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public, stale-if-error=3600, stale-while-revalidate=120
link
<https://streetbooster.de/media/19/52/70/1710272008/SB%20Logo%20transparent%20200.webp>; rel="canonical"
expires
Wed, 16 Apr 2025 21:05:25 GMT
de-DE.b3e6c60bef6a5b8cacee.chunk.js
widgets.trustedshops.com/assets/
11 KB
4 KB
Script
General
Full URL
https://widgets.trustedshops.com/assets/de-DE.b3e6c60bef6a5b8cacee.chunk.js
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=fdd53e51911899496b108a2cc093cda298d634140d2aec67&domain=65e71a4f2fed6db031001e92&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
032ae942e3849e0bebc135afe34df515786f8b9ad4dd5d1fbca513db88051604

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 01:57:00 GMT
content-encoding
gzip
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified
Mon, 15 Apr 2024 08:17:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
5364
etag
W/"b0728b4a6cfeb0dd2aeb65947dd2fcf8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
dzmyOx-nbTqsUPV9NBPPRmsP8zSN3UIQeyD_QgM9BZ0KfYtiZcfvnQ==
sprite.fa10bbbffbb158ef65643d1dccd20ba7bd355392.svg
widgets.trustedshops.com/assets/images/
48 KB
12 KB
Image
General
Full URL
https://widgets.trustedshops.com/assets/images/sprite.fa10bbbffbb158ef65643d1dccd20ba7bd355392.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6af29312056c28d3566230a5a50cb63bafa7d6cdc3b65508439db0d985c10bfe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://streetbooster.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 05:20:15 GMT
content-encoding
gzip
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified
Mon, 15 Apr 2024 08:17:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
79569
etag
W/"b4672d465962967c88bab0a32f3f9d66"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-id
atQc0taDmTU2y6DlzrFijuRmMotEzHJcAn8oh8LFHpU335Gzyki56g==
mmfbpcapi
streetbooster.de/
4 B
263 B
XHR
General
Full URL
https://streetbooster.de/mmfbpcapi
Requested by
Host: streetbooster.cstatic.io
URL: https://streetbooster.cstatic.io/theme/622c7b7212aed9178f9654fa15d29dfb/js/all.js?1713506020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a07:6fc0:1:0:3::244 Frankfurt am Main, Germany, ASN205948 (CREOLINE-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 03:26:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
br
server
nginx
x-frame-options
deny
content-type
application/json
cache-control
no-cache, private
expires
Mon, 22 Apr 2024 03:26:23 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| Ccm19Plugins object| CCM object| features object| google_tag_params function| gtag object| mediameetsFacebookPixelData string| activeNavigationId object| router string| salesChannelId object| breakpoints number| customerLoggedInState number| wishlistEnabled function| $ function| jQuery string| themeAssetsPublicPath boolean| twtCookiePermissionPositioned object| webpackChunk function| clearImmediate function| setImmediate number| uidEvent function| PluginConfigManager function| PluginManager function| PluginBaseClass function| Hammer function| flatpickr object| eventEmitter object| bootstrap function| Feature object| Neti function| linkTo_UnCryptMailto function| Waypoint object| $iziModal object| iziToast object| _klOnsite object| klaviyo object| webpackChunktrustbadge_6_business_logic object| trustbadge function| fbq function| _fbq

2 Cookies

Domain/Path Name / Value
streetbooster.de/ Name: session-
Value: q5h2a7c328b2ajjkjldr8h069g
streetbooster.de/ Name: timezone
Value: Europe/Berlin

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://streetbooster.de/account/login?redirectTo=frontend.account.home.page&redirectParameters=%7B%22_noStore%22:true%7D
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud.ccm19.de
fonts.googleapis.com
fonts.gstatic.com
streetbooster.cstatic.io
streetbooster.de
widgets.trustedshops.com
13.225.78.94
148.251.5.29
2a00:1450:4001:806::200a
2a00:1450:4001:830::2003
2a07:6fc0:1:0:3::244
5.1.73.72
032ae942e3849e0bebc135afe34df515786f8b9ad4dd5d1fbca513db88051604
0e3bd4b7a44d81c26485f7ecaf519e6d88c14a3a4bd620c8ac87278e211bd6ed
3712c17c27414c5a3981a0c1946d831001f5ad4e45b62577c08928c37f6ec8d4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48503ebb5c5974d0bea271e692da9f2f190e093f80aa27019909b92314a01e31
4dd801b5fccba30b3fb71013a2f27ebd1359f16fdd3a454f870fe4af6b8ad73e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
506dc14bae662d253f5c6624db22d5eec1abbc2f6fe9ae3ee3146b00bd59767a
655d77a707b5a8858711b6bc1b10fa998afe1ec7981442b393a4e14fabf71db3
66a1f2d0bb1f27667ea05f0c0ac2184e19981c9d5a8c00fd5b5146c09251ffb5
6af29312056c28d3566230a5a50cb63bafa7d6cdc3b65508439db0d985c10bfe
7d791a7cc33132395f72bb1a5a05e56c87a6c5254050bba73983b542c7653b96
7dab69f4c0c889cf3e7f505de9580d7d034ce0df550183539e1d77cd46491a3a
a0fe60b9065828ffa0e2d1df0bb1ea5c4a5c9238dd3a9cd26a43ac55b9efbf0e
a7cbc25511e6210bdd493a23a36c36fd5bc9443c10a3216a0279b1ba08b7dc48
a8146387f43459d2c39b2d722179d8103d602407f39680b4f4ca0c0b0ce5ad24
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c46dc051ce81c4af2b2096abbf885ae4ba7467ff5db0f0106ceee928cf3658a3
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d06f245d75d96fbc7ccbe8bd1c615217156108975f0dc6b4c5c3803617793f29
d2a55fea8291fb7ef57424007d15efa2653f0ea504b05e0b0ac3b34a17d1e404
d5f1150a51fb16f8f46e3f0da2267fd999ecdf5d66d84e3558b7066de8e452aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855