urlscan.io logo urlscan.io
SecurityTrails logo

portal.ecommerce.sebgroup.com Open in urlscan Pro
2600:9000:2057:1a00:1b:1997:fd00:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://portal.ecommerce.sebgroup.com/users/login
Submission: On June 19 via manual from LT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 2600:9000:2057:1a00:1b:1997:fd00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is portal.ecommerce.sebgroup.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 13th 2024. Valid for: a year.
This is the only time portal.ecommerce.sebgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2600:9000:205... 16509 (AMAZON-02)
8 1
Apex Domain
Subdomains		 Transfer
8 sebgroup.com
portal.ecommerce.sebgroup.com
416 KB
8 1
Domain Requested by
8 portal.ecommerce.sebgroup.com portal.ecommerce.sebgroup.com
8 1

This site contains links to these domains. Also see Links.

Domain
mwt-seb-demo.every-pay.com
support.ecommerce.sebgroup.com
Subject Issuer Validity Valid
portal.ecommerce.sebgroup.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-13 -
2025-06-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://portal.ecommerce.sebgroup.com/users/login
Frame ID: 86131F4114B0A91FD560759EA0760EA0
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Portal - SEB

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

416 kB
Transfer

1270 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
portal.ecommerce.sebgroup.com/users/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.ecommerce.sebgroup.com/users/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1a00:1b:1997:fd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4def364f5873a082a4618b836d5f7078d02f0f56535e2033cc93e4ecc6031f8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://static.pocopay.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.pocopay.com; img-src 'self' https://s3-eu-west-1.amazonaws.com/production-ups-logos/ data:; frame-src 'self' https://pay.every-pay.eu; script-src 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, private, no-cache, no-store, no-transform
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://static.pocopay.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.pocopay.com; img-src 'self' https://s3-eu-west-1.amazonaws.com/production-ups-logos/ data:; frame-src 'self' https://pay.every-pay.eu; script-src 'self' 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 08:13:50 GMT
etag
W/"4def364f5873a082a4618b836d5f7078"
expires
Wed, 19 Jun 2024 08:13:50 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
status
200 OK
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
jvcgezDpQeCxncgMufZV1DiXrUz0ZDEaDMTPbuoDmmsvcDusTYVYag==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
ac8fa3e5-4cc4-42be-9cdd-e5a374a5e2f5
x-xss-protection
1; mode=block
application-511a65d0da659431b8eecdf65c95c807ca88fddcac06cd53c358e91fd35ee15f.css
portal.ecommerce.sebgroup.com/assets/ 		234 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.ecommerce.sebgroup.com/assets/application-511a65d0da659431b8eecdf65c95c807ca88fddcac06cd53c358e91fd35ee15f.css
Requested by
Host: portal.ecommerce.sebgroup.com
URL: https://portal.ecommerce.sebgroup.com/users/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1a00:1b:1997:fd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5dde8c0003ed4a57f2d43bcb7abc327d600694a57aae71cd5174c44e534749c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://portal.ecommerce.sebgroup.com/users/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 08:13:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 19 Jun 2024 07:26:59 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"66728843-3a667"
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
IC0CKnJU5SR5BwbRZk2_j1PhTsl1rMrWiHZCMg1bcdItttwi3eJMbQ==
seb2019-8a1a19374f68cacc62807a153443d13411dac5835fb7fd9c34963313b7b214f2.css
portal.ecommerce.sebgroup.com/assets/mwt_eng/ 		58 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.ecommerce.sebgroup.com/assets/mwt_eng/seb2019-8a1a19374f68cacc62807a153443d13411dac5835fb7fd9c34963313b7b214f2.css
Requested by
Host: portal.ecommerce.sebgroup.com
URL: https://portal.ecommerce.sebgroup.com/users/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1a00:1b:1997:fd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
eeaa5ec85230529781561bc796122e2112cff287ec50d93ccb28cc0ac4d21f5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://portal.ecommerce.sebgroup.com/users/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 08:13:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 19 Jun 2024 07:26:59 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"66728843-e7bd"
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
j7omWsXvwYY5Svlu3NqjuCMHaxszwF0jc0DNegYfW3kJwkO-hudy3g==
jquery3-0d94dae028c472c0706d3f42c280137af9023f6ea9f14760cfd59ac6a0b5650f.js
portal.ecommerce.sebgroup.com/assets/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ecommerce.sebgroup.com/assets/jquery3-0d94dae028c472c0706d3f42c280137af9023f6ea9f14760cfd59ac6a0b5650f.js
Requested by
Host: portal.ecommerce.sebgroup.com
URL: https://portal.ecommerce.sebgroup.com/users/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1a00:1b:1997:fd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f14d37810c87bf6a18d5a168baf55857bfb1437037ffd96a03cafb56c6a662e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://portal.ecommerce.sebgroup.com/users/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 08:13:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 19 Jun 2024 07:26:59 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"66728843-16077"
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
bcNj96wsxb_x9SmE9NCBAJg9IKk5U8HIsTcyCxO7xG1c6QGtYQPEzA==
bootstrap-select-df61e19fd9e23423e0225e83cb2fb8138bbf05e59dc6a879e7c1f60a63abefe0.js
portal.ecommerce.sebgroup.com/assets/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ecommerce.sebgroup.com/assets/bootstrap-select-df61e19fd9e23423e0225e83cb2fb8138bbf05e59dc6a879e7c1f60a63abefe0.js
Requested by
Host: portal.ecommerce.sebgroup.com
URL: https://portal.ecommerce.sebgroup.com/users/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1a00:1b:1997:fd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d08d872aee140e99c5292b42d153c3fbc9590219313989cf3aaf759d158c03fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://portal.ecommerce.sebgroup.com/users/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 08:13:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 19 Jun 2024 07:26:50 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"6672883a-5a57"
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
54pMOpT2pxCAUNRg-7UzWGBuT-R9hDtRcQVT-QvIYMZJGLAEK3hrvw==
application-c1ecc538c65a0ea27cb3c2f859ffd7b47501b6196050335c14ba11a2b43c3065.js
portal.ecommerce.sebgroup.com/assets/ 		806 KB
249 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ecommerce.sebgroup.com/assets/application-c1ecc538c65a0ea27cb3c2f859ffd7b47501b6196050335c14ba11a2b43c3065.js
Requested by
Host: portal.ecommerce.sebgroup.com
URL: https://portal.ecommerce.sebgroup.com/users/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1a00:1b:1997:fd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e0a55e24f632c78ac04f459d50aa084a3eeb351eeec9841ad95fc4a0826cfcf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://portal.ecommerce.sebgroup.com/users/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 08:13:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 19 Jun 2024 07:26:50 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"6672883a-c964c"
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
y4GLOKx9z0v0gVD3tMTRWYG1yVerMXUnbZtQfmvsWkrEedzpb_YgFQ==
seb-a4afef39f69e31ce38079c9e03d468997a87da22364d04754da2efc4eae6fddc.jpg
portal.ecommerce.sebgroup.com/assets/branding/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.ecommerce.sebgroup.com/assets/branding/seb-a4afef39f69e31ce38079c9e03d468997a87da22364d04754da2efc4eae6fddc.jpg
Requested by
Host: portal.ecommerce.sebgroup.com
URL: https://portal.ecommerce.sebgroup.com/assets/mwt_eng/seb2019-8a1a19374f68cacc62807a153443d13411dac5835fb7fd9c34963313b7b214f2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1a00:1b:1997:fd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3f9e3eec6b412072eaa76ecb900d1c0ccf13319ea64fa0973cfcd72bcc90ac62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://portal.ecommerce.sebgroup.com/assets/mwt_eng/seb2019-8a1a19374f68cacc62807a153443d13411dac5835fb7fd9c34963313b7b214f2.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 08:13:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jun 2024 07:26:50 GMT
x-amz-cf-pop
FRA6-C1
etag
"6672883a-da63"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
55907
x-amz-cf-id
mZdFpswep7frpujKJU3dBN82eBSsnr21-6R2_zJXT5gweP2vjuhjag==
favicon_seb-2f38bed60bb2a61c555907f27f67effe6f6928aa0314feb86dcfdff651d5f182.ico
portal.ecommerce.sebgroup.com/assets/branding/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.ecommerce.sebgroup.com/assets/branding/favicon_seb-2f38bed60bb2a61c555907f27f67effe6f6928aa0314feb86dcfdff651d5f182.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1a00:1b:1997:fd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7dc15a8c7db0fc67f72d0aea1746a08ef6feaa8b658b036cae0853442458d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://portal.ecommerce.sebgroup.com/users/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 08:13:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jun 2024 07:26:59 GMT
x-amz-cf-pop
FRA6-C1
etag
"66728843-10be"
x-cache
Miss from cloudfront
content-type
image/x-icon
accept-ranges
bytes
content-length
4286
x-amz-cf-id
iDgzl4JiKJfmYHaXJgdscB3wyzFhb86-s0vMYdrs7BXjlsCOGwihYQ==

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery function| readURL function| setInputRestrictions function| initiateCheckboxes function| checkCheckboxGenerateMerchantId function| initMultiSelect function| initMultiSelectAll function| initMultiFselect function| update_hidden_values function| auto_required function| move_country_to_low_risk_list function| move_country_to_medium_risk_list function| move_country_to_high_risk_list function| sort_country_list function| scroll_to_selectbox_item function| getIndexByKey function| updateAttribute function| removeReferenceNumberField function| addReferenceNumberField function| initLinkPayForm function| isLinkPayLogoValid function| getLinkPayLogoPath function| getLinkPayLogoFile function| validateFileUpload function| removeLogo function| unCheckAll function| checkAll function| countChecked function| activeSubmit function| getPaymentIds function| activeFaudulentForm function| deactiveFaudulentForm function| activeSearchForm function| deactiveSearchForm function| toggleIconSearch function| toggleCheckbox function| toggleForm function| getURLParameter function| sendRequest function| paymentScroll object| mwtEngFunction object| CurrencyFacilityFunction undefined| mixedSeries undefined| series undefined| yAxis undefined| mixedChartOptions undefined| mixedChart undefined| pmStats undefined| pmSums undefined| pmNames undefined| pmTotal undefined| donutChartOptions undefined| donutChart function| selectDropdownSearch object| FraudRuleFunction object| linkPayFunction object| searchPaymentFunction function| AjaxBootstrapSelect function| AjaxBootstrapSelectList function| AjaxBootstrapSelectRequest object| TreemapSquared function| SVG function| addResizeListener function| removeResizeListener object| Apex function| ApexCharts function| moment function| daterangepicker function| flatpickr object| fSelect function| init_font function| init_apply_previewer_changes object| ranges boolean| requires_shipment boolean| shipment_location_is_cc_location

3 Cookies

Domain/Path Name / Value
portal.ecommerce.sebgroup.com/ Name: cookie_handshake_key
Value: b748dc5beea5cb8c6fdeef59f5252bbd
portal.ecommerce.sebgroup.com/ Name: locale
Value: de
portal.ecommerce.sebgroup.com/ Name: _mwt_session
Value: 0c32565cd3b3ff71df2457453d4ac08b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://static.pocopay.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.pocopay.com; img-src 'self' https://s3-eu-west-1.amazonaws.com/production-ups-logos/ data:; frame-src 'self' https://pay.every-pay.eu; script-src 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block