urlscan.io logo urlscan.io
SecurityTrails logo

www.mt-lesershop.de Open in urlscan Pro
3.74.209.140  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930
Effective URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Submission: On November 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 51 HTTP transactions. The main IP is 3.74.209.140, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.mt-lesershop.de.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on September 5th 2024. Valid for: 3 months.
This is the only time www.mt-lesershop.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 1 3.77.17.165 16509 (AMAZON-02)
1 4 3.74.209.140 16509 (AMAZON-02)
32 18.66.112.36 16509 (AMAZON-02)
2 142.250.184.200 15169 (GOOGLE)
2 142.250.186.100 15169 (GOOGLE)
1 216.58.206.67 15169 (GOOGLE)
1 142.250.185.78 15169 (GOOGLE)
7 151.101.1.21 54113 (FASTLY)
1 151.101.67.1 54113 (FASTLY)
2 192.229.221.25 15133 (EDGECAST)
51 10
1    3.77.17.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-17-165.eu-central-1.compute.amazonaws.com
mt-lesershop.de
4    3.74.209.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-209-140.eu-central-1.compute.amazonaws.com
www.mt-lesershop.de
32    18.66.112.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-36.fra56.r.cloudfront.net
cdn02.plentymarkets.com
2    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
2    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
1    216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f3.1e100.net
www.gstatic.com
1    142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net
www.google-analytics.com
7    151.101.1.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    151.101.67.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.paypal.com
2    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
Apex Domain
Subdomains		 Transfer
32 plentymarkets.com
cdn02.plentymarkets.com — Cisco Umbrella Rank: 300723
688 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3226
t.paypal.com — Cisco Umbrella Rank: 3852
157 KB
5 mt-lesershop.de
mt-lesershop.de
www.mt-lesershop.de
70 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2817
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
174 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
1 gstatic.com
www.gstatic.com
218 KB
51 8
Domain Requested by
32 cdn02.plentymarkets.com www.mt-lesershop.de
cdn02.plentymarkets.com
7 www.paypal.com cdn02.plentymarkets.com
www.paypal.com
4 www.mt-lesershop.de 1 redirects cdn02.plentymarkets.com
2 www.paypalobjects.com www.mt-lesershop.de
2 www.google.com cdn02.plentymarkets.com
www.gstatic.com
2 www.googletagmanager.com www.mt-lesershop.de
www.googletagmanager.com
1 t.paypal.com www.mt-lesershop.de
1 www.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 mt-lesershop.de 1 redirects
51 10

This site contains links to these domains. Also see Links.

Domain
cdn02.plentymarkets.com
Subject Issuer Validity Valid
mt-lesershop.de
Encryption Everywhere DV TLS CA - G2		 2024-09-05 -
2024-12-04		 3 months crt.sh
*.plentymarkets.com
Amazon RSA 2048 M02		 2024-04-09 -
2025-05-08		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2025-06-20		 a year crt.sh

This page contains 7 frames:

Primary Page: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Frame ID: AE2232DB557E244DA8266FC4C51AF148
Requests: 46 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_jvwazryeqchtqkkkmclvmqbpyimehj&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZzbFFhbmE0ZjRDUWpIdlJCblVjNnZCSmc1amdKdVpGd00tU2JyVGlHS1VBcUI3TXJ4UXYzUVdGZFE2VTFoN29nTURva1QxRE5CelJ4TXcmbWVyY2hhbnQtaWQ9SkVDU1lZQlFKWlBOQyZjdXJyZW5jeT1FVVImbG9jYWxlPWRlX0RFJmNvbXBvbmVudHM9bWVzc2FnZXMsYnV0dG9ucyxmdW5kaW5nLWVsaWdpYmlsaXR5LGhvc3RlZC1maWVsZHMscGF5bWVudC1maWVsZHMsbWFya3MmZW5hYmxlLWZ1bmRpbmc9cGF5bGF0ZXIiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJwbGVudHlzeXN0ZW1zQUdfQ2FydF9QUENQIiwiZGF0YS11aWQiOiJ1aWRfanZ3YXpyeWVxY2h0cWtra21jbHZtcWJweWltZWhqIn19&env=production&scriptUID=uid_jvwazryeqchtqkkkmclvmqbpyimehj&version=1.64.12&integrationType=SDK
Frame ID: 626C499613067623E42F553CEB897B96
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?onShippingChange=true&style.label=buynow&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&fundingSource=card&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_d454c309e7_mda6mjg6mze&buttonSize=large&customerId=&clientID=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&clientMetadataID=uid_71548a09b4_mda6mjg6mza&commit=true&components.0=buttons&components.1=funding-eligibility&components.2=hosted-fields&components.3=marks&components.4=messages&components.5=payment-fields&currency=EUR&debug=false&disableSetCookie=true&enableFunding.0=paylater&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&experiment.venmoWebEnabled=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmFyaWFudCI6IkRFIn19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6ZmFsc2UsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJtYWVzdHJvIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaW5lcnMiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImN1cCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=capture&locale.lang=de&locale.country=DE&merchantID.0=JECSYYBQJZPNC&hasShippingCallback=true&platform=desktop&renderedButtons.0=card&sessionID=uid_71548a09b4_mda6mjg6mza&sdkCorrelationID=f357733b28ac8&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZzbFFhbmE0ZjRDUWpIdlJCblVjNnZCSmc1amdKdVpGd00tU2JyVGlHS1VBcUI3TXJ4UXYzUVdGZFE2VTFoN29nTURva1QxRE5CelJ4TXcmbWVyY2hhbnQtaWQ9SkVDU1lZQlFKWlBOQyZjdXJyZW5jeT1FVVImbG9jYWxlPWRlX0RFJmNvbXBvbmVudHM9bWVzc2FnZXMsYnV0dG9ucyxmdW5kaW5nLWVsaWdpYmlsaXR5LGhvc3RlZC1maWVsZHMscGF5bWVudC1maWVsZHMsbWFya3MmZW5hYmxlLWZ1bmRpbmc9cGF5bGF0ZXIiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJwbGVudHlzeXN0ZW1zQUdfQ2FydF9QUENQIiwiZGF0YS11aWQiOiJ1aWRfanZ3YXpyeWVxY2h0cWtra21jbHZtcWJweWltZWhqIn19&sdkVersion=5.0.463&storageID=uid_fdc84c5d10_mda6mjg6mza&supportedNativeBrowser=false&supportsPopups=true&vault=false
Frame ID: 2B0A4C6A888C27F802DED1DE1914B214
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?onShippingChange=true&style.label=buynow&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&fundingSource=paypal&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_2f2bd588f0_mda6mjg6mze&buttonSize=large&customerId=&clientID=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&clientMetadataID=uid_71548a09b4_mda6mjg6mza&commit=true&components.0=buttons&components.1=funding-eligibility&components.2=hosted-fields&components.3=marks&components.4=messages&components.5=payment-fields&currency=EUR&debug=false&disableSetCookie=true&enableFunding.0=paylater&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&experiment.venmoWebEnabled=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmFyaWFudCI6IkRFIn19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6ZmFsc2UsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJtYWVzdHJvIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaW5lcnMiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImN1cCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=capture&locale.lang=de&locale.country=DE&merchantID.0=JECSYYBQJZPNC&hasShippingCallback=true&platform=desktop&renderedButtons.0=paypal&sessionID=uid_71548a09b4_mda6mjg6mza&sdkCorrelationID=f357733b28ac8&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZzbFFhbmE0ZjRDUWpIdlJCblVjNnZCSmc1amdKdVpGd00tU2JyVGlHS1VBcUI3TXJ4UXYzUVdGZFE2VTFoN29nTURva1QxRE5CelJ4TXcmbWVyY2hhbnQtaWQ9SkVDU1lZQlFKWlBOQyZjdXJyZW5jeT1FVVImbG9jYWxlPWRlX0RFJmNvbXBvbmVudHM9bWVzc2FnZXMsYnV0dG9ucyxmdW5kaW5nLWVsaWdpYmlsaXR5LGhvc3RlZC1maWVsZHMscGF5bWVudC1maWVsZHMsbWFya3MmZW5hYmxlLWZ1bmRpbmc9cGF5bGF0ZXIiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJwbGVudHlzeXN0ZW1zQUdfQ2FydF9QUENQIiwiZGF0YS11aWQiOiJ1aWRfanZ3YXpyeWVxY2h0cWtra21jbHZtcWJweWltZWhqIn19&sdkVersion=5.0.463&storageID=uid_fdc84c5d10_mda6mjg6mza&supportedNativeBrowser=false&supportsPopups=true&vault=false
Frame ID: 609C6C6D46C86E99C575DA6D4CB89AA9
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/card-white.svg
Frame ID: 3B4A66D8AB713AE339A06A4E481E2CC3
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 66E778A88303D772F1655A4342BCE6E0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgnAImAAAAADWu5FrFKiqqx5akIMzq5fafJ_Dl&co=aHR0cHM6Ly93d3cubXQtbGVzZXJzaG9wLmRlOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=ph1qouw8tdro
Frame ID: 473674B1F9949E52BDF7E5DF364717DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Familienkalender Schüttel den Apfelbaum 2025 | MindenerTageblatt

Page URL History Show full URLs

  1. http://mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930 HTTP 307
    https://mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930 HTTP 301
    https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930 HTTP 301
    https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

51
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

1332 kB
Transfer

3801 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930 HTTP 307
    https://mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930 HTTP 301
    https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930 HTTP 301
    https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Redirect Chain
  • http://mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930
  • https://mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930
  • https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930
  • https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
265 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.209.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-209-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
65d1f8e78a45668c18f39dec1570bef5950f7b60caf34cf9c1952f334d2b5bfc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.plentymarkets-cloud-de.com *.my.plentysystems.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.plentymarkets-cloud-de.com *.my.plentysystems.com
content-type
text/html; charset=UTF-8
date
Wed, 06 Nov 2024 00:28:26 GMT
link
<https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/stfonts/OpenSans-Regular.ttf>; rel=preload; as=font; crossorigin,<https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/Minden_Logo.png>; rel=preload; as=image
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-last-modified
2024-11-05 14:11:21.98 +0000 UTC
x-plenty-cache
hit
x-plenty-id
9d03123827aaf45d28b0158a097956498011943c
x-plenty-key
3cda1d7f3d980e260777dff8fc5e34b95ab4328d
x-plenty-shop
Ceres
x-plenty-shop-version
eyJpdiI6InVOMjZuaVVWcGQ3cmx2L0s4VHEyTUE9PSIsInZhbHVlIjoiTFlKZWpsMzQveDM2OEtPdmR6eWtSQT09IiwibWFjIjoiZDBiNzEwYjExZDllMmIwOGU4ZjNkZDMyOTFhMDY4OGQ5YWUxM2E2ODNlZjMyMGYzYzU4MWJlMTc2ZDYxOWZlYiIsInRhZyI6IiJ9

Redirect headers

content-encoding
gzip
content-type
text/html
date
Wed, 06 Nov 2024 00:28:26 GMT
location
https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
vary
Accept-Encoding
OpenSans-Regular.ttf
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/stfonts/ 		127 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/stfonts/OpenSans-Regular.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mt-lesershop.de
Referer
https://www.mt-lesershop.de/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
ZJiPJvR3SKygywmODg9wXwgoEBy7KdaQ
etag
W/"22ab03a6b890f2f142a137a38bf1d4ae"
age
109281
access-control-allow-methods
GET, HEAD
expires
Thu, 30 Mar 2023 04:40:34 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
oXtwt0Zpd0H3ZeEHAy2NVHMq5zgcn031oAZC-pBzsMPx6AnPVQuAtA==
date
Mon, 04 Nov 2024 18:07:08 GMT
content-type
font/ttf
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 28 Mar 2023 04:40:35 GMT
cache-control
max-age=172800
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
Minden_Logo.png
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/Minden_Logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
511bd317daa93dc6b838c56de33a112e67c36bb26067f24064213b7b3d1d5bf1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

etag
"af752f6de272cf03cebc19345d5458b6"
x-amz-version-id
FS0eMV4PkW8SFjg6uxsoOTx8qLoKCIC9
age
88833
expires
Thu, 21 Jul 2022 11:55:28 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
vUPh-wYEOHHKpXSQoxso_ZKILNKcSEp0BQmBt-BZZQ7oQxD8rX71-Q==
date
Mon, 04 Nov 2024 23:47:56 GMT
content-type
image/png
last-modified
Tue, 19 Jul 2022 11:55:29 GMT
x-amz-meta-height
280
cache-control
max-age=172800
x-amz-meta-width
1500
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
17719
x-amz-cf-pop
FRA56-P5
server
AmazonS3
ceres-icons.css
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ 		66 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-icons.css
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70585734e304f3323fa33ef2dcf4aa503cec1c188803b86f4eb42f8760bba05f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
4iA6P8syjJ_szIWWqP8_QyPHGAnlF95n
etag
W/"ccd446e05ec2d3ae81b7aa8db00b8bd7"
age
112296
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
8u2RpdQFqaRpJuQsoqlC7nVkKlm50aM383Uud0FByBi_zSkDP9OUnQ==
date
Mon, 04 Nov 2024 17:16:53 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-base.css
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ 		345 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-base.css?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6b58d8c1d9af67de8986318fa02a7d162c0181e5f0d7de97f2bc73b47d63e97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
XSN2DcIZnQ2V2c69PWPiO_kRiUGTYG5X
etag
W/"e8b7f3d11397ad47b09b8d88f780f373"
age
31695
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
RyP9097vDRlFtTVcsj4uwP6OQBm8t8Mz2PSR3SFRybXGpVNmjC_svA==
date
Tue, 05 Nov 2024 15:40:14 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		221 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-183341721-1
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dab8dcd5022184ca6d9d9c7f8bd31442a7317bcd094221ebc3be84ac8d434a7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 06 Nov 2024 00:28:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 00:28:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 06 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80450
x-xss-protection
0
server
Google Tag Manager
mt-lesershop.png
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/mt-lesershop.png
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef003ac1cc4651dd5c3151579fd63b0443ff9f9d0d9489818c9bb0717fbf653c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

etag
"22688b52a7735ac7a1eeb4a8fbb09d79"
x-amz-version-id
IUnXcEWNHcpIhOzRKsVvETcH1Yn11EUn
age
116975
expires
Wed, 16 Oct 2024 09:24:34 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
YwcX6yMx2F-_FzKMgBv6Rm1v1lume3kXWWNxNPulVltQEGvRBteHZw==
date
Mon, 04 Nov 2024 15:58:54 GMT
content-type
image/png
last-modified
Mon, 14 Oct 2024 09:24:35 GMT
x-amz-meta-height
468
cache-control
max-age=172800
x-amz-meta-width
1592
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25204
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
dhl-logo.svg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Logos/dhl-logo.svg
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

cache-control
max-age=172800
content-encoding
gzip
x-amz-version-id
T6nksCOwDf_GvmswKAUxcCSCZItlT_Hm
etag
W/"3fecc9db35d5d2a9e6e71ab4b02d22e5"
age
154655
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
expires
Fri, 31 Jul 2020 08:08:58 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
OKc2j_jhsgBNIKMNikZGBkGMKOejhLDkNzMA6S2ki3E-93cRR6z8kw==
date
Mon, 04 Nov 2024 05:30:54 GMT
content-type
image/svg+xml
last-modified
Wed, 29 Jul 2020 08:08:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
vary
accept-encoding
ceres-client.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ 		901 KB
258 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f839c5029bf1abae7d185a9c89324d7ca57657b8f4a92d73a3aa1e257673cfa0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
h3SWpQLbQrGY_pORKO0O7BIpx6Mn7qBs
etag
W/"f26a0f7811c8943da8f749b8800ff96d"
age
95687
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
oLOkzfVgR_Ujcmq6drMUIsUsBoMJOMu2y-x8et9ue2zn9yN-oW27Dw==
date
Mon, 04 Nov 2024 21:53:42 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
fontawesome-webfont.woff2
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/documents/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/documents/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mt-lesershop.de
Referer
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-icons.css

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
N7rEXh6Sl1uQuICqdPjUqNgbxzmIbT5p
etag
W/"af7ae505a9eed503f8b8e6982036873e"
age
31694
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
_coKT280dniToNuoXhql6w09f4zPBnOwN5ZQA1i3u4ikhnMLVa8fZw==
date
Tue, 05 Nov 2024 15:40:15 GMT
content-type
text/plain; charset=utf-8
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Mon, 07 Oct 2024 09:33:24 GMT
cache-control
max-age=604800
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
ceres-client-9.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-9.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c20af9152bec0d63106de7ecb6ad1ae8b13005f894b90537083ea3b29e8e9469

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
TfXO7Rq4MH02Na1yjK.oGm4lCuKj8df_
etag
W/"599116c1691a0f762086f4a2556a6288"
age
95948
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
yNySMjRcfdtOgN58HyUrF1RH5ZgRsQEWKHDibwgVgSv85oqG8KVQtA==
date
Mon, 04 Nov 2024 21:49:22 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-3.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		88 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-3.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9081f67a818e50650ea867528dbec60cf2790ba625ab34ae40482ac33332dc98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
5J3a8rNcLUj_Pwk6R6_Z.jAn8Tu22nZE
etag
W/"cb8a2d4e355b5f11e086b9f6c99c08de"
age
14911
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
C9BgU7TLjr5SVFca8p5e2fHaU1KjNV7t3IkroNOm5MPOibJQWlsbDw==
date
Tue, 05 Nov 2024 20:19:59 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-14.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-14.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fcca1165027fc49a43328dbd5ad4ea9ea3af178ee6db5a4495c4c53930fe465

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
45yXLkLvnFygyf3_wtovjDjpB6dyv2HZ
etag
W/"3526a1511d2faf7b7abd154783116122"
age
95686
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
9OrDMHvdaE8_c6Lftnud9X9HZnjprj0ExjLT5T0cr31yxyUnMYugcA==
date
Mon, 04 Nov 2024 21:53:44 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-25.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-25.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a11da30ab951d61d409be021976aba12734de866c5d392db4de97a432a870614

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
CofTHReRRJivfI6PG3BdkxXq5PXH_u.j
etag
W/"7269c08e1b4f298a5d05a8298fc0527f"
age
95948
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
X3HWDPoiIbmf1WY44F1ie2-g68VrDM-PhYOpFlJNxoGnjT7nO0H-Og==
date
Mon, 04 Nov 2024 21:49:22 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-29.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-29.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a6a0a952cf01f48f3c35848f10c2a569298a2895ce28d255b547a74095327df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
AAQbDTSOiD8sHuvzeKsapXbknggK4xbY
etag
W/"c6fd4dd2bf0c30f57d7ef8a18eda07d0"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
VUNG7xDm3U_m8pf3Y7RRx7v3NIKHzaAjtxE1AQP0lHAs0fhI0wlZxA==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-33.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-33.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
715a4065bc70d8a3942dfaf516869dad6ea9af4e97f75ca9a8ba61c75eaa981d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
23pxOvF0lCJ7S0SZyS3TcI2xFVmm2VKt
etag
W/"beac1f0c75f18b90e0df69350ba82cbd"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
mIbrhvWzXYpTeG_QSjFxxS-H2dNdGCEWn6NTu2tj8tmDCFv7PT18Rw==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-30.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		1 KB
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-30.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97eb2892ffc6f78cc60c6a925e4d95d37293e435d9658083de011cf4eccef73d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
d7N5AiIHVvW86gZyQqCjtJD3jvKxPq3Q
etag
W/"2e84853f4cc77a1bd58a718d10a3a010"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
E5o5xcRRTW3irprCBY3k2OGKj_1VCuUXScFhpBl2jN4utXp8TshKew==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-0.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-0.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d2334faa6734c7aa760866e2b9645dc3c5bfb43b95c3d8185bb2c1b8e507d49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
Zm1sdGxSHIcVubu5aWhTjzOv9IITl4Pk
etag
W/"78d457d0868272a1dbc5b99eccdac22c"
age
109340
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
DI5L92BlrYKeRh4PDxgn1vVgdgtn3i7bV1tpsXPizb6ij9toPkMu2Q==
date
Mon, 04 Nov 2024 18:06:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-28.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-28.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08fad2f6ac28fc8c6b5c0270d4c5788c6f47be7ea96c2df3ffbb078cbd0674cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
2iAPtfzXjZG5DRvBVOz.Ouw0l_1s0Fb_
etag
W/"edf9c6dda2d7cf28b1b6bafc7d2658a9"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
FCwcYYVrGIpsVtZIxq9youW4AeM1kFYu86PuaODVI4iBnRfHC0TDvQ==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-32.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-32.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e7ccecd38d00a62648104070bdc22f2c678664cd51f158ec91f04bd0094f2c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
uQ_5NyxsRFETjhWXQDpv21aK8MFT_Z7t
etag
W/"65e10c152b29a8cec69ecc6ff3762e79"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
MOTWBpTSBRQJz4UNyqnqvdG9Nb53sjwBvYDZJufcd7g2rbV1_o-U6Q==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-15.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-15.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ff488834427fca391066df8917d7145632ad1bb2ef1efd15bf29e6324769149

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
k3PKZaJ9LPnymmuYauQTFShlFLok0AHk
etag
W/"b97bb6c6c811d930ee6943a54d3d029b"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
OxeYCoOwl1Fo3XEZBygfAl1awhQzQOeotS-3sVkfHq0O43FQ59SQEg==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-5.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-5.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43885df186821ae37f73f89530e214c2676b60346306f428c003c7a5dcbf67a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
XE53vsyKgckjyL26VxNL5QBjwwB3kVWr
etag
W/"b5a8cb6d7717c6b6e7c15839baf40ff1"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3ifn3FUmJ8UYqPsuL-NTsnHaxrTr27umQn0ZpInmlWJQjlAnhAEJTg==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-6.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-6.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e5d90d835eb1838b1996ef177524fed9d25a8a53ff94137fc64444f7af84bd5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
sTgLEfkx0xyUvoASGyeeLGGdlvOdnlYM
etag
W/"a1a287fdd400a8b8f1343c76a9ed6aa0"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
CxeyMQ2Nb7b0_H8Q6xbzMQrmu4VHt4_1FpGMFyDVDR1bNitooALzYQ==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
ceres-client-37.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-37.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
969ff806f42e5d8523f27303c38c984c14984d14042036f6689d1638455ab541

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
vIYiGliXHjcyVkQ3rayJk_kEOoQy0DXk
etag
W/"af0daeb8c6fda22897c8026fa8ce7ad7"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
vbgU9t0qEstXzg1op-H3rLbV9KuIZCkLMexNn9a4YVPYDvs2SHRkHQ==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdgnAImAAAAADWu5FrFKiqqx5akIMzq5fafJ_Dl
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
ESF /
Resource Hash
c2fe8d95041e69a4a59cd9d868c5d3cb6d6a1bc8c210680e7b29185358c5f09c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 00:28:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 06 Nov 2024 00:28:29 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
smartPaymentScript.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/smartPaymentScript.min.js
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f1cca3ef586050e7ad0bf5909a8050854ae3e38fdd261d08ba67d2cf229d836

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mt-lesershop.de
Referer
https://www.mt-lesershop.de/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
.Q1t4jpAj7.OtpiY0LrUtE3xwt9DVWb7
etag
W/"ac15a27c3d150589522042d01b814d6b"
age
15917
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
idPUpnSB30BtXjsWBGMPE8WYEHbW_V-DFzwze2P2mPOSB80iGvpKCg==
date
Tue, 05 Nov 2024 20:03:13 GMT
content-type
text/javascript; charset=utf-8
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Mon, 07 Oct 2024 09:33:21 GMT
cache-control
max-age=604800
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
/
www.mt-lesershop.de/rest/io/session/ 		682 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mt-lesershop.de/rest/io/session/?lastSeenVariationId=8930&initialRestCall=true&templateType=item&_=1730852908832
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.209.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-209-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5f2cf70d6851958c7c55e221d583b5460d7e58b6c0f2a6b9e44e025da375ddfa

Request headers

Referer
https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
X-Requested-With
XMLHttpRequest
Accept-Language
de
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
x-session-expiration
3600
date
Wed, 06 Nov 2024 00:28:29 GMT
x-plenty-key
c250e002c4d4e3d125e9f99560848de44ee94c70
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
lightbox.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/lightbox.min.js
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-32.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c3000fc761e6bb8b60bf559c19ee4c349934d40280d5ba9f6c309f4a95585bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
8KH93CXj4n4baT1zFr2_wiLtA1leycv_
etag
W/"8b3f0cd675aa4d294ebae0315f99cff2"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
5GyEKzfeyMQp9pBWHrdSCP5UqbUxh-FhtaHqxAfeSbq8RDGC7qSW3g==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
truncated
/ 		304 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae69d9b1d3723dd6543c2629bf4cdd2b7e5610614ae6ed1f9ce3d931c854bf68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/avif
paypal-js.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/paypal-js.min.js
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7351e0bd094f8aeaf9b1269655280239847b3f6401e7c57a57658eab7d66fcb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mt-lesershop.de
Referer
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/smartPaymentScript.min.js

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
OnyUU1lK4Tq.OfmFynegrYs4qHXPWPRa
etag
W/"4be2a2108b7b7081fe9fd25de8bb4cb8"
age
303
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
nZCviL3H-CnqWo7PccqjJxeo8xWKdufEtLdrr8ku_hgEpBWDA9YXYw==
date
Wed, 06 Nov 2024 00:23:27 GMT
content-type
text/javascript; charset=utf-8
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Mon, 07 Oct 2024 09:33:21 GMT
cache-control
max-age=604800
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
71307-Familienkalender-Schuettel-den-Apfelbaum-2025-01.jpg.avif
cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047630/full/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047630/full/71307-Familienkalender-Schuettel-den-Apfelbaum-2025-01.jpg.avif
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eb713bdc506bd2f95c201bf7ad0f99194a892a28cab7b5c1b28594c9ca6a86c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

x-amz-version-id
ghxqkhj2emaDCks1NC3YgagpLZZa_SPg
etag
"92772a7db136184bd4c2027aab12df7f"
age
4614271
x-amz-meta-size
96518
x-cache
Hit from cloudfront
x-amz-cf-id
74cwHxQ7nmfgI4bRCSx-9nKfGJlrciRwQJYado0H1XkI61HQIxfZig==
date
Fri, 13 Sep 2024 14:43:59 GMT
content-type
image/avif
last-modified
Fri, 13 Sep 2024 13:27:16 GMT
x-amz-expiration
expiry-date="Sun, 15 Sep 2024 00:00:00 GMT", rule-id="Delete Resized Images (CloudFront)"
x-amz-meta-height
1200
cache-control
max-age=10368000
x-amz-meta-md5hash
92772a7db136184bd4c2027aab12df7f
x-amz-meta-width
1200
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
content-length
96518
x-amz-meta-dirversion
-DIR-VERSION-
x-amz-cf-pop
FRA56-P5
server
AmazonS3
71307-Familienkalender-Schuettel-den-Apfelbaum-2025-01.jpg.avif
cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047630/preview/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/item/images/1047630/preview/71307-Familienkalender-Schuettel-den-Apfelbaum-2025-01.jpg.avif
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
874067ce85b55e49c855c51e87278d78bb7a81f081a7c53e6aee2fafe405f4ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

x-amz-version-id
5Nnu1xgQb4fNikf9Gl4BehN16HaXW7Jz
etag
"8f2e9c591985b4de6a3fbe049e50f0f7"
age
359443
x-amz-meta-size
2494
x-cache
Hit from cloudfront
x-amz-cf-id
HT11LHbgkdmIRoN2izTLqBeBaPaYHDrErhqVKYX8_yagtv_t2pusNw==
date
Fri, 01 Nov 2024 20:37:47 GMT
content-type
image/avif
last-modified
Fri, 01 Nov 2024 15:28:58 GMT
x-amz-expiration
expiry-date="Sun, 03 Nov 2024 00:00:00 GMT", rule-id="Delete Resized Images (CloudFront)"
x-amz-meta-height
150
cache-control
max-age=10368000
x-amz-meta-md5hash
8f2e9c591985b4de6a3fbe049e50f0f7
x-amz-meta-width
150
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
content-length
2494
x-amz-meta-dirversion
-DIR-VERSION-
x-amz-cf-pop
FRA56-P5
server
AmazonS3
prev.png
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/images/prev.png
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-base.css?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-base.css?v=840d88ff40a5198ba8525ff01528921993c26af6

Response headers

cache-control
max-age=604800
x-amz-version-id
YTm7_jlfIKLkAK9HDi8oIHij.owtK74K
etag
"84b76dee6b27b795e89e3649078a11c2"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1360
x-amz-cf-id
hzhwsJD19aCUu2x7uINPZdTBNpeQysGb43egzk8RD3Sria-Dr6anMA==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
image/png
last-modified
Mon, 07 Oct 2024 09:33:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
next.png
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/images/next.png
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-base.css?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-base.css?v=840d88ff40a5198ba8525ff01528921993c26af6

Response headers

cache-control
max-age=604800
x-amz-version-id
TQqlXccrnVKHoZXv7on9VhzA3tKcoQBf
etag
"31f15875975aab69085470aabbfec802"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1350
x-amz-cf-id
pmZ7nhNZt0FcDXGSDHXCBs4nKrc8xVDJBINZW8JJEeaXac_huaOhsQ==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
image/png
last-modified
Mon, 07 Oct 2024 09:33:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
loading.gif
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/images/loading.gif
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-base.css?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-base.css?v=840d88ff40a5198ba8525ff01528921993c26af6

Response headers

cache-control
max-age=604800
x-amz-version-id
3FZ84wdlzb78lfFaagqi1TMhiNPfW1NE
etag
"2299ad0b3f63413f026dfec20c205b8f"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
8476
x-amz-cf-id
3hvZIB4GozA1v3rqYgrVZFlkcHeS4I8IF5XBBRQkIZdVct7ylW5veQ==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
image/gif
last-modified
Mon, 07 Oct 2024 09:33:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
close.png
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/images/ 		280 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/images/close.png
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-base.css?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-base.css?v=840d88ff40a5198ba8525ff01528921993c26af6

Response headers

cache-control
max-age=604800
x-amz-version-id
Uld9GDeigOBoGWCJ03penVG6rdPSpnrf
etag
"d9d2d0b1308cb694aa8116915592e2a9"
age
103176
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
280
x-amz-cf-id
yaY9SNn_o5C2bVX6yEUu1HH5R2-hKzaiX1DivLFKJz4nXdu1ZzNPbQ==
date
Mon, 04 Nov 2024 19:48:54 GMT
content-type
image/png
last-modified
Mon, 07 Oct 2024 09:33:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 		547 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdgnAImAAAAADWu5FrFKiqqx5akIMzq5fafJ_Dl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f3.1e100.net
Software
sffe /
Resource Hash
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mt-lesershop.de
Referer
https://www.mt-lesershop.de/

Response headers

content-encoding
gzip
age
29831
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 16:11:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 16:11:19 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222594
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		272 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5HG9WBXM83&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-183341721-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
34e7afb3885eb132d136629649de50b04541c2afaef9e244790e62ee952b72a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 06 Nov 2024 00:28:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 00:28:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97357
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-183341721-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

content-encoding
gzip
age
3501
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 01:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 23:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.paypal.com/sdk/ 		539 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&merchant-id=JECSYYBQJZPNC&currency=EUR&locale=de_DE&components=messages,buttons,funding-eligibility,hosted-fields,payment-fields,marks&enable-funding=paylater
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/paypal-js.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93d898a08b29018d455b397517d4612c42bb18509b528a647aa90f7a9c6f7300
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-NkuyT+qGhUUrZMCKZnmKjWVcf16DiMgRaPY4KoHgoYRvJSPa' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NkuyT+qGhUUrZMCKZnmKjWVcf16DiMgRaPY4KoHgoYRvJSPa' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f398786fe075e
content-encoding
gzip
etag
W/"253f0-ciVIPeoJOVsREM95pFoR4xjLp+Y"
age
1953
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f398786fe075e-1c91d2ee4fe6b3c6-01
server-timing
"traceparent;desc="00-0000000000000000000f398786fe075e-ad41342d71f95e56-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Wed, 06 Nov 2024 00:28:30 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-NkuyT+qGhUUrZMCKZnmKjWVcf16DiMgRaPY4KoHgoYRvJSPa' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NkuyT+qGhUUrZMCKZnmKjWVcf16DiMgRaPY4KoHgoYRvJSPa' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730852911.575696,VS0,VE4
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
152560
x-xss-protection
1; mode=block
local
www.paypal.com/credit-presentment/experiments/ Frame 626C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_jvwazryeqchtqkkkmclvmqbpyimehj&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZzbFFhbmE0ZjRDUWpIdlJCblVjNnZCSmc1amdKdVpGd00tU2JyVGlHS1VBcUI3TXJ4UXYzUVdGZFE2VTFoN29nTURva1QxRE5CelJ4TXcmbWVyY2hhbnQtaWQ9SkVDU1lZQlFKWlBOQyZjdXJyZW5jeT1FVVImbG9jYWxlPWRlX0RFJmNvbXBvbmVudHM9bWVzc2FnZXMsYnV0dG9ucyxmdW5kaW5nLWVsaWdpYmlsaXR5LGhvc3RlZC1maWVsZHMscGF5bWVudC1maWVsZHMsbWFya3MmZW5hYmxlLWZ1bmRpbmc9cGF5bGF0ZXIiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJwbGVudHlzeXN0ZW1zQUdfQ2FydF9QUENQIiwiZGF0YS11aWQiOiJ1aWRfanZ3YXpyeWVxY2h0cWtra21jbHZtcWJweWltZWhqIn19&env=production&scriptUID=uid_jvwazryeqchtqkkkmclvmqbpyimehj&version=1.64.12&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&merchant-id=JECSYYBQJZPNC&currency=EUR&locale=de_DE&components=messages,buttons,funding-eligibility,hosted-fields,payment-fields,marks&enable-funding=paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mt-lesershop.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
82786
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1524
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
correlation-id
f53690412238c
date
Wed, 06 Nov 2024 00:28:30 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-0+kG1+YP4rIoiUQr0Qj3wyZrsr8"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f53690412238c
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f53690412238c-7113f407e9178619-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f53690412238c-83f0083cea69f957-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
35672, 0
x-served-by
cache-fra-eddf8230084-FRA, cache-fra-eddf8230084-FRA
x-timer
S1730852911.971726,VS0,VE5
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.mt-lesershop.de&t=xo&v=5.0.463&source=payments_sdk&mrid=JECSYYBQJZPNC&client_id=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&comp=messages,buttons,funding-eligibility,hosted-fields,payment-fields,marks&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&merchant-id=JECSYYBQJZPNC&currency=EUR&locale=de_DE&components=messages,buttons,funding-eligibility,hosted-fields,payment-fields,marks&enable-funding=paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-b1e3Nj9oIEBCurWWlVOl6slwjL6uydrpi9O0/lDk780qww85' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

paypal-debug-id
f237965386dd7
content-encoding
gzip
etag
W/"2f86-rIyHQCWayVhsCSMMD5/wlkCo+Tw"
age
454
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f237965386dd7-5dac9b3b16e3e8ab-01
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT, MISS
date
Wed, 06 Nov 2024 00:28:30 GMT
content-type
application/x-javascript; charset=utf-8
x-served-by
cache-fra-eddf8230110-FRA, cache-fra-eddf8230110-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-b1e3Nj9oIEBCurWWlVOl6slwjL6uydrpi9O0/lDk780qww85' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730852911.896377,VS0,VE5
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
4354
x-xss-protection
1; mode=block
/
www.mt-lesershop.de/rest/payment/payPal/smart_payment/handle_founding_sources/ 		2 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.mt-lesershop.de/rest/payment/payPal/smart_payment/handle_founding_sources/
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/smartPaymentScript.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.209.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-209-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/

Response headers

cache-control
no-cache, private
content-encoding
gzip
x-session-expiration
1730856509
date
Wed, 06 Nov 2024 00:28:31 GMT
content-type
application/json
vary
Accept-Encoding
ts
t.paypal.com/ 		42 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Familienkalender%20Sch%C3%BCttel%20den%20Apfelbaum%202025%20%7C%20MindenerTageblatt&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1730852911041&g=-60&completeurl=https%3A%2F%2Fwww.mt-lesershop.de%2Fkalender%2Ffamilienkalender-schuettel-den-apfelbaum-2025_1047630_8930%2F&ru=https%3A%2F%2Fwww.mt-lesershop.de%2Fkalender%2Ffamilienkalender-schuettel-den-apfelbaum-2025_1047630_8930%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
4c3e74d80f246
correlation-id
4c3e74d80f246
expires
Wed, 06 Nov 2024 00:28:31 GMT
traceparent
00-00000000000000000004c3e74d80f246-0e072afd69506a8c-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-00000000000000000004c3e74d80f246-ddcea760a41e7d0c-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Wed, 06 Nov 2024 00:28:31 GMT
content-type
image/gif
x-served-by
cache-fra-eddf8230021-FRA
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1730852912.568703,VS0,VE144
via
1.1 varnish
accept-ranges
bytes
buttons
www.paypal.com/smart/ Frame 2B0A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?onShippingChange=true&style.label=buynow&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&fundingSource=card&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_d454c309e7_mda6mjg6mze&buttonSize=large&customerId=&clientID=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&clientMetadataID=uid_71548a09b4_mda6mjg6mza&commit=true&components.0=buttons&components.1=funding-eligibility&components.2=hosted-fields&components.3=marks&components.4=messages&components.5=payment-fields&currency=EUR&debug=false&disableSetCookie=true&enableFunding.0=paylater&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&experiment.venmoWebEnabled=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmFyaWFudCI6IkRFIn19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6ZmFsc2UsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJtYWVzdHJvIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaW5lcnMiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImN1cCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=capture&locale.lang=de&locale.country=DE&merchantID.0=JECSYYBQJZPNC&hasShippingCallback=true&platform=desktop&renderedButtons.0=card&sessionID=uid_71548a09b4_mda6mjg6mza&sdkCorrelationID=f357733b28ac8&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZzbFFhbmE0ZjRDUWpIdlJCblVjNnZCSmc1amdKdVpGd00tU2JyVGlHS1VBcUI3TXJ4UXYzUVdGZFE2VTFoN29nTURva1QxRE5CelJ4TXcmbWVyY2hhbnQtaWQ9SkVDU1lZQlFKWlBOQyZjdXJyZW5jeT1FVVImbG9jYWxlPWRlX0RFJmNvbXBvbmVudHM9bWVzc2FnZXMsYnV0dG9ucyxmdW5kaW5nLWVsaWdpYmlsaXR5LGhvc3RlZC1maWVsZHMscGF5bWVudC1maWVsZHMsbWFya3MmZW5hYmxlLWZ1bmRpbmc9cGF5bGF0ZXIiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJwbGVudHlzeXN0ZW1zQUdfQ2FydF9QUENQIiwiZGF0YS11aWQiOiJ1aWRfanZ3YXpyeWVxY2h0cWtra21jbHZtcWJweWltZWhqIn19&sdkVersion=5.0.463&storageID=uid_fdc84c5d10_mda6mjg6mza&supportedNativeBrowser=false&supportsPopups=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&merchant-id=JECSYYBQJZPNC&currency=EUR&locale=de_DE&components=messages,buttons,funding-eligibility,hosted-fields,payment-fields,marks&enable-funding=paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.venmo.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mt-lesershop.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.venmo.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Wed, 06 Nov 2024 00:28:31 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"79f94-GGQaE668Rh2BTcbnrmucWCv+5xk"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
true
paypal-debug-id
f8672084bbc5a
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f8672084bbc5a-2bd7f9885b629d8c-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f8672084bbc5a-8501bfa275e3a94e-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-served-by
cache-fra-eddf8230084-FRA, cache-fra-eddf8230084-FRA
x-timer
S1730852912.567904,VS0,VE403
x-xss-protection
1; mode=block
buttons
www.paypal.com/smart/ Frame 609C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?onShippingChange=true&style.label=buynow&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&fundingSource=paypal&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_2f2bd588f0_mda6mjg6mze&buttonSize=large&customerId=&clientID=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&clientMetadataID=uid_71548a09b4_mda6mjg6mza&commit=true&components.0=buttons&components.1=funding-eligibility&components.2=hosted-fields&components.3=marks&components.4=messages&components.5=payment-fields&currency=EUR&debug=false&disableSetCookie=true&enableFunding.0=paylater&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&experiment.venmoWebEnabled=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmFyaWFudCI6IkRFIn19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6ZmFsc2UsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJtYWVzdHJvIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaW5lcnMiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImN1cCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=capture&locale.lang=de&locale.country=DE&merchantID.0=JECSYYBQJZPNC&hasShippingCallback=true&platform=desktop&renderedButtons.0=paypal&sessionID=uid_71548a09b4_mda6mjg6mza&sdkCorrelationID=f357733b28ac8&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZzbFFhbmE0ZjRDUWpIdlJCblVjNnZCSmc1amdKdVpGd00tU2JyVGlHS1VBcUI3TXJ4UXYzUVdGZFE2VTFoN29nTURva1QxRE5CelJ4TXcmbWVyY2hhbnQtaWQ9SkVDU1lZQlFKWlBOQyZjdXJyZW5jeT1FVVImbG9jYWxlPWRlX0RFJmNvbXBvbmVudHM9bWVzc2FnZXMsYnV0dG9ucyxmdW5kaW5nLWVsaWdpYmlsaXR5LGhvc3RlZC1maWVsZHMscGF5bWVudC1maWVsZHMsbWFya3MmZW5hYmxlLWZ1bmRpbmc9cGF5bGF0ZXIiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJwbGVudHlzeXN0ZW1zQUdfQ2FydF9QUENQIiwiZGF0YS11aWQiOiJ1aWRfanZ3YXpyeWVxY2h0cWtra21jbHZtcWJweWltZWhqIn19&sdkVersion=5.0.463&storageID=uid_fdc84c5d10_mda6mjg6mza&supportedNativeBrowser=false&supportsPopups=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&merchant-id=JECSYYBQJZPNC&currency=EUR&locale=de_DE&components=messages,buttons,funding-eligibility,hosted-fields,payment-fields,marks&enable-funding=paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.venmo.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mt-lesershop.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.venmo.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Wed, 06 Nov 2024 00:28:32 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"7a92d-afeTcXDST8gqcCATAYFOeCSO2Vw"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
true
paypal-debug-id
f86720817060d
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f86720817060d-a22bf1eed5844eb4-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f86720817060d-86b81ede231b0a05-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-served-by
cache-fra-eddf8230084-FRA, cache-fra-eddf8230084-FRA
x-timer
S1730852912.665097,VS0,VE420
x-xss-protection
1; mode=block
card-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 3B4A 		1 KB
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/card-white.svg
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA3) /
Resource Hash
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

paypal-debug-id
9919b84483bcb
content-encoding
br
etag
W/"642c9aab-54e"
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 01:28:31 GMT
traceparent
00-00000000000000000009919b84483bcb-5c96c007225a90ba-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 06 Nov 2024 00:28:31 GMT
content-type
image/svg+xml
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
638
server
ECAcc (frc/4CA3)
paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 66E7 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/kalender/familienkalender-schuettel-den-apfelbaum-2025_1047630_8930/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBA) /
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

paypal-debug-id
e0953c7feefe8
content-encoding
br
etag
W/"642c9aab-cc2"
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 01:28:31 GMT
traceparent
00-0000000000000000000e0953c7feefe8-86f3c87ec4d932d9-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 06 Nov 2024 00:28:31 GMT
content-type
image/svg+xml
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
1246
server
ECAcc (frc/4CBA)
anchor
www.google.com/recaptcha/api2/ Frame 4736 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgnAImAAAAADWu5FrFKiqqx5akIMzq5fafJ_Dl&co=aHR0cHM6Ly93d3cubXQtbGVzZXJzaG9wLmRlOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=ph1qouw8tdro
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6kxUtrAusl-JQSJhRRT9DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mt-lesershop.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6kxUtrAusl-JQSJhRRT9DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Nov 2024 00:28:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
Minden_Favicon.png
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/Minden_Favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-36.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17f90fd9322a06522547fd88c55779f57f26c047997ed4066b95761f41b391ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

etag
"ea09612b79c69de2d9e6356859564a08"
x-amz-version-id
AMW.fpsfFGkTyYpzvA8SOPY8TaKvT7Sj
age
27419
expires
Sat, 23 Jul 2022 10:34:21 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
oEn55udaavblJbXSCOF_DhcWNHipsGMSz0cltWXTJFSi2D6mpKTh5g==
date
Tue, 05 Nov 2024 16:51:35 GMT
content-type
image/png
last-modified
Thu, 21 Jul 2022 10:34:22 GMT
x-amz-meta-height
192
cache-control
max-age=172800
x-amz-meta-width
192
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
10126
x-amz-cf-pop
FRA56-P5
server
AmazonS3
logger
www.paypal.com/xoplatform/logger/api/ 		976 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&merchant-id=JECSYYBQJZPNC&currency=EUR&locale=de_DE&components=messages,buttons,funding-eligibility,hosted-fields,payment-fields,marks&enable-funding=paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d60d146d1c55abc9c91dac8fc81ef6de28916bd479ed057fd6caca4568aaa1a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mt-lesershop.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f939148e57206
content-encoding
br
etag
W/"3d0-wQZNpov0V4VjDxrecVP2HXinGwA"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f939148e57206-835dde2a47e358f9-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
date
Wed, 06 Nov 2024 00:28:34 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230051-FRA, cache-fra-eddf8230051-FRA
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730852914.394822,VS0,VE174
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://www.mt-lesershop.de
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mt-lesershop.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.mt-lesershop.de
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 06 Nov 2024 00:28:34 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f9391480750af
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f9391480750af-8855cfe1da5ac5ec-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230051-FRA, cache-fra-eddf8230051-FRA
x-timer
S1730852914.981706,VS0,VE165

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ConsentManager function| loadCSS function| gtag object| dataLayer object| __INITIAL_STATE__ object| App function| __loadPluginChunk object| webpackJsonp function| setImmediate function| clearImmediate function| jQuery function| $ object| CeresMain object| CeresNotification function| createApp function| Vue object| Vuex object| NotificationService function| ceresTranslate object| vueEventHub object| ceresStore function| loadCashInAdvanceModal object| vueApp object| script object| lightbox object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| paypalLoadCustomScript function| paypalLoadScript function| resolveAfterItemAddedToBasket function| renderPayPalButtons function| renderSmartPaymentButton function| renderButton function| showCheckoutButton function| renderReinitSmartButton function| renderReinitButton function| checkFoundingSources function| paypalValidateCheckout function| initCreditCardFields function| confirmCancel function| openLoadingScreen function| closeLoadingScreen object| gaGlobal object| __post_robot_11_0_0___uid_jvwazryeqchtqkkkmclvmqbpyimehj object| paypal_plenty_sdk object| __zoid_10_3_3___uid_jvwazryeqchtqkkkmclvmqbpyimehj object| paypalDDL object| gaplugins object| gaData object| recaptcha object| closure_lm_517543

1 Cookies

Domain/Path Name / Value
.mt-lesershop.de/ Name: plentyID35
Value: eyJpdiI6IkFDWlJHNVFhcmhtQzlvYVY3RTF6R3c9PSIsInZhbHVlIjoiNlhjZVk5dTRQRThhTkduT1JQdzB0QW82SzNIOVN4SFVKYjE3M1FIenB2VTlrUFA5d3RxcXFIOVZqc2YzU09sQyIsIm1hYyI6IjkyYzk4NmVhMzgyZDMyNjkyZmExMjc2ZjNhNmY3NTVkODBiN2VjYTExYWZkYjU3MGRmMGExNTIyNTRjZjJjZjAiLCJ0YWciOiIifQ%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.plentymarkets-cloud-de.com *.my.plentysystems.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn02.plentymarkets.com
mt-lesershop.de
t.paypal.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.mt-lesershop.de
www.paypal.com
www.paypalobjects.com
142.250.184.200
142.250.185.78
142.250.186.100
151.101.1.21
151.101.67.1
18.66.112.36
192.229.221.25
216.58.206.67
3.74.209.140
3.77.17.165
08fad2f6ac28fc8c6b5c0270d4c5788c6f47be7ea96c2df3ffbb078cbd0674cb
0a6a0a952cf01f48f3c35848f10c2a569298a2895ce28d255b547a74095327df
0eb713bdc506bd2f95c201bf7ad0f99194a892a28cab7b5c1b28594c9ca6a86c
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
17f90fd9322a06522547fd88c55779f57f26c047997ed4066b95761f41b391ee
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
1e5d90d835eb1838b1996ef177524fed9d25a8a53ff94137fc64444f7af84bd5
1fcca1165027fc49a43328dbd5ad4ea9ea3af178ee6db5a4495c4c53930fe465
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
34e7afb3885eb132d136629649de50b04541c2afaef9e244790e62ee952b72a4
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
43885df186821ae37f73f89530e214c2676b60346306f428c003c7a5dcbf67a2
4c3000fc761e6bb8b60bf559c19ee4c349934d40280d5ba9f6c309f4a95585bb
4d60d146d1c55abc9c91dac8fc81ef6de28916bd479ed057fd6caca4568aaa1a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
511bd317daa93dc6b838c56de33a112e67c36bb26067f24064213b7b3d1d5bf1
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
5d2334faa6734c7aa760866e2b9645dc3c5bfb43b95c3d8185bb2c1b8e507d49
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5f1cca3ef586050e7ad0bf5909a8050854ae3e38fdd261d08ba67d2cf229d836
5f2cf70d6851958c7c55e221d583b5460d7e58b6c0f2a6b9e44e025da375ddfa
65d1f8e78a45668c18f39dec1570bef5950f7b60caf34cf9c1952f334d2b5bfc
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6ff488834427fca391066df8917d7145632ad1bb2ef1efd15bf29e6324769149
70585734e304f3323fa33ef2dcf4aa503cec1c188803b86f4eb42f8760bba05f
715a4065bc70d8a3942dfaf516869dad6ea9af4e97f75ca9a8ba61c75eaa981d
7351e0bd094f8aeaf9b1269655280239847b3f6401e7c57a57658eab7d66fcb4
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
874067ce85b55e49c855c51e87278d78bb7a81f081a7c53e6aee2fafe405f4ee
9081f67a818e50650ea867528dbec60cf2790ba625ab34ae40482ac33332dc98
93d898a08b29018d455b397517d4612c42bb18509b528a647aa90f7a9c6f7300
969ff806f42e5d8523f27303c38c984c14984d14042036f6689d1638455ab541
97eb2892ffc6f78cc60c6a925e4d95d37293e435d9658083de011cf4eccef73d
9e7ccecd38d00a62648104070bdc22f2c678664cd51f158ec91f04bd0094f2c4
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b
a11da30ab951d61d409be021976aba12734de866c5d392db4de97a432a870614
ae69d9b1d3723dd6543c2629bf4cdd2b7e5610614ae6ed1f9ce3d931c854bf68
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c20af9152bec0d63106de7ecb6ad1ae8b13005f894b90537083ea3b29e8e9469
c2fe8d95041e69a4a59cd9d868c5d3cb6d6a1bc8c210680e7b29185358c5f09c
dab8dcd5022184ca6d9d9c7f8bd31442a7317bcd094221ebc3be84ac8d434a7a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ef003ac1cc4651dd5c3151579fd63b0443ff9f9d0d9489818c9bb0717fbf653c
f6b58d8c1d9af67de8986318fa02a7d162c0181e5f0d7de97f2bc73b47d63e97
f839c5029bf1abae7d185a9c89324d7ca57657b8f4a92d73a3aa1e257673cfa0
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee