urlscan.io logo urlscan.io
SecurityTrails logo

shop.be-esy.de Open in urlscan Pro
185.181.132.95  Public Scan

Go To Rescan Add Verdict Report
URL: https://shop.be-esy.de/
Submission: On July 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 24 HTTP transactions. The main IP is 185.181.132.95, located in Germany and belongs to MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE. The main domain is shop.be-esy.de.
TLS certificate: Issued by R10 on July 16th 2024. Valid for: 3 months.
This is the only time shop.be-esy.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 185.181.132.95 15817 (MITTWALD-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 151.101.65.21 54113 (FASTLY)
1 151.101.1.21 54113 (FASTLY)
1 151.101.131.1 54113 (FASTLY)
24 6
15    185.181.132.95 (Germany)

ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE)
shop.be-esy.de
www.dr-heilbronner.de
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    151.101.65.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    151.101.1.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    151.101.131.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
9 dr-heilbronner.de
www.dr-heilbronner.de
757 KB
6 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3677
t.paypal.com — Cisco Umbrella Rank: 4582
130 KB
6 be-esy.de
shop.be-esy.de
1 MB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
988 B
1 gstatic.com
www.gstatic.com
213 KB
24 5
Domain Requested by
9 www.dr-heilbronner.de shop.be-esy.de
6 shop.be-esy.de shop.be-esy.de
5 www.paypal.com shop.be-esy.de
www.paypal.com
2 www.google.com shop.be-esy.de
www.gstatic.com
1 t.paypal.com shop.be-esy.de
1 www.gstatic.com www.google.com
24 6

This site contains links to these domains. Also see Links.

Domain
be-esy.de
policies.google.com
Subject Issuer Validity Valid
shop.be-esy.de
R10		 2024-07-16 -
2024-10-14		 3 months crt.sh
*.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
www.dr-heilbronner.de
R10		 2024-06-12 -
2024-09-10		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2025-06-20		 a year crt.sh

This page contains 3 frames:

Primary Page: https://shop.be-esy.de/
Frame ID: 59434CE1349EB9018B1E3EDA25ADCB49
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrAN0eAAAAAMfV-3qUvjGseg4cn8UqeJS5BiMt&co=aHR0cHM6Ly9zaG9wLmJlLWVzeS5kZTo0NDM.&hl=de&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&cb=vs13pyh5gzhl
Frame ID: 704C8375B7154BEDA6A80361EE4E4605
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_omiqwiqzdkedxvfiscicadnssisvro&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsY2FyZC1maWVsZHMsZnVuZGluZy1lbGlnaWJpbGl0eSxhcHBsZXBheSxnb29nbGVwYXkmY2xpZW50LWlkPUFlWWo0dHFpTUNvc0NnQURxS1EzajFqS0VzRWZobmtkY0xMMlFEX0J1cTdURXhtVy1ncElncjRvVS1tb0RlQ3R0b1pRMXU1RFBqdjVBOUtBJmNvbW1pdD10cnVlJmxvY2FsZT1kZV9ERSZjdXJyZW5jeT1FVVImaW50ZW50PWNhcHR1cmUmZW5hYmxlLWZ1bmRpbmc9cGF5bGF0ZXIsdmVubW8mbWVyY2hhbnQtaWQ9WlJaN05UWThIQktWUyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX29taXF3aXF6ZGtlZHh2ZmlzY2ljYWRuc3Npc3ZybyJ9fQ&env=production&scriptUID=uid_omiqwiqzdkedxvfiscicadnssisvro&version=1.64.8&integrationType=SDK
Frame ID: 2A6EEB0F8CB74DB3482D894D780E3CDE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

be-esy | Entdecke die Freiheit der Bewegung

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

24
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

2250 kB
Transfer

2968 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shop.be-esy.de/ 		85 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shop.be-esy.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
34b4c575c6a072933cbd4a510147e71a30cdcf46176654fff07847632686bb6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.paypal.com
age
0
cache-control
no-cache, private
content-encoding
gzip
content-length
13457
content-type
text/html; charset=UTF-8
date
Sat, 27 Jul 2024 00:43:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
deny
all.css
shop.be-esy.de/theme/33937abb1cbf1e78ecabdafee34eb856/css/ 		423 KB
423 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.be-esy.de/theme/33937abb1cbf1e78ecabdafee34eb856/css/all.css?1721197680
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
ea4842bf74e47f32883e6ef80f5f170c734ac19743434b688b171f849cbbbad8

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:43:22 GMT
last-modified
Wed, 17 Jul 2024 06:28:00 GMT
server
Apache
etag
"69bf5-61d6b90590f59"
content-type
text/css
access-control-allow-origin
https://www.paypal.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
433141
api.js
www.google.com/recaptcha/ 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfrAN0eAAAAAMfV-3qUvjGseg4cn8UqeJS5BiMt
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b3d1f3bc27a6189e22e062dde029b256b2b29f11babd92e54f56c1935ce5a4a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 27 Jul 2024 00:43:22 GMT
all.js
shop.be-esy.de/theme/33937abb1cbf1e78ecabdafee34eb856/js/ 		712 KB
712 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.be-esy.de/theme/33937abb1cbf1e78ecabdafee34eb856/js/all.js?1721197680
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
5ce1c1bbc26e1062f3923ba2a3240d8a9c26dfa87f34b1eccffdbcee3b2fa25f

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:43:22 GMT
last-modified
Wed, 17 Jul 2024 06:28:00 GMT
server
Apache
etag
"b1ec3-61d6b90591ef9"
content-type
application/javascript
access-control-allow-origin
https://www.paypal.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
728771
be-esy-2024-white.svg
www.dr-heilbronner.de/media/d6/dd/a5/1710246419/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dr-heilbronner.de/media/d6/dd/a5/1710246419/be-esy-2024-white.svg
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
189f3eb68ceb975dd5b6d64da82de05ec15c1ba3fabb1c01997d08437e9ca353
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Sat, 27 Jul 2024 00:43:22 GMT
last-modified
Fri, 24 May 2024 10:26:49 GMT
server
Apache
etag
"ce7-619309af82470"
content-type
image/svg+xml
access-control-allow-origin
https://www.paypal.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3303
be-esy-Happy-Sailing-Yachting-modified%20%281%29_1920x1920.jpg
www.dr-heilbronner.de/thumbnail/c7/2e/13/1721370642/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dr-heilbronner.de/thumbnail/c7/2e/13/1721370642/be-esy-Happy-Sailing-Yachting-modified%20%281%29_1920x1920.jpg
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
fd8e134414f160c4606c9658df9c03cdbff4608a18c272a0bfe211f647f4b6a4

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:43:22 GMT
last-modified
Fri, 19 Jul 2024 06:30:42 GMT
server
Apache
etag
"28685-61d93d5b1fd8d"
content-type
image/jpeg
access-control-allow-origin
https://www.paypal.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
165509
zahlungsarten_Paypal_Vorauskasse_RZ.png
www.dr-heilbronner.de/media/ac/b7/48/1633515798/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dr-heilbronner.de/media/ac/b7/48/1633515798/zahlungsarten_Paypal_Vorauskasse_RZ.png
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
c3a4fb34fa0d01f812961cb2e5d5783a40d95be0ebeaf2045a1d01f19747c419

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:43:22 GMT
last-modified
Wed, 06 Oct 2021 10:23:18 GMT
server
Apache
etag
"39bf-5cdac88dff180"
content-type
image/png
access-control-allow-origin
https://www.paypal.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
14783
swag_paypal_sepa.svg
www.dr-heilbronner.de/media/ae/49/6c/1650971323/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dr-heilbronner.de/media/ae/49/6c/1650971323/swag_paypal_sepa.svg
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
797464c1347d77d0d387cf7fb76c966bb93ef9587a777b9df262cdbe4279b5b0
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Sat, 27 Jul 2024 00:43:22 GMT
last-modified
Tue, 26 Apr 2022 11:08:43 GMT
server
Apache
etag
"dbc-5dd8cb74c29e3"
content-type
image/svg+xml
access-control-allow-origin
https://www.paypal.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3516
swag_paypal_apm_giropay.svg
www.dr-heilbronner.de/media/bd/84/75/1650971324/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dr-heilbronner.de/media/bd/84/75/1650971324/swag_paypal_apm_giropay.svg
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
2fd72fbdfe0fea8939cd95b9729e55cbda355868be222125345e623b3b3c1c63
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Sat, 27 Jul 2024 00:43:22 GMT
last-modified
Tue, 26 Apr 2022 11:08:44 GMT
server
Apache
etag
"1b72-5dd8cb74f6607"
content-type
image/svg+xml
access-control-allow-origin
https://www.paypal.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
7026
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/ 		533 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfrAN0eAAAAAMfV-3qUvjGseg4cn8UqeJS5BiMt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19df4102c07ecfc86052b3ba527e800df1b34fff4b23a7cde8268f6de0729e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shop.be-esy.de/
Origin
https://shop.be-esy.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 20:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216982
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 21:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Jul 2025 20:58:59 GMT
IMG_9286_800x800.JPG
www.dr-heilbronner.de/thumbnail/1c/9b/28/1721113483/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dr-heilbronner.de/thumbnail/1c/9b/28/1721113483/IMG_9286_800x800.JPG
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
ec0895d170feadf69919229fdae587c63ffea8d95ccef9f2cd07af3c713fed64

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:43:22 GMT
last-modified
Tue, 16 Jul 2024 07:04:44 GMT
server
Apache
etag
"24952-61d57f5d8a339"
content-type
image/jpeg
access-control-allow-origin
https://www.paypal.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
149842
front-view-sunglasses-beach-sand-scaled_800x800.jpg
www.dr-heilbronner.de/thumbnail/bd/9a/b6/1721113216/ 		226 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dr-heilbronner.de/thumbnail/bd/9a/b6/1721113216/front-view-sunglasses-beach-sand-scaled_800x800.jpg
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
6d95aedc1cc4d459686b9c262fd7fe97fa5b945435aa18a94d53e82b145149ca

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:43:22 GMT
last-modified
Tue, 16 Jul 2024 07:00:20 GMT
server
Apache
etag
"38968-61d57e6231e5c"
content-type
image/jpeg
access-control-allow-origin
https://www.paypal.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
231784
2150760079_800x800.jpg
www.dr-heilbronner.de/thumbnail/c6/cf/30/1721113225/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dr-heilbronner.de/thumbnail/c6/cf/30/1721113225/2150760079_800x800.jpg
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
d00a5062635a9cfe60a9af1ee775a406979c71730ce164b77f2fc5d145b16321

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:43:22 GMT
last-modified
Tue, 16 Jul 2024 07:00:25 GMT
server
Apache
etag
"2f767-61d57e670f0b5"
content-type
image/jpeg
access-control-allow-origin
https://www.paypal.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
194407
anchor
www.google.com/recaptcha/api2/ Frame 704C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrAN0eAAAAAMfV-3qUvjGseg4cn8UqeJS5BiMt&co=aHR0cHM6Ly9zaG9wLmJlLWVzeS5kZTo0NDM.&hl=de&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&cb=vs13pyh5gzhl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nmntkeuXcINfb12EoNvReQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shop.be-esy.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nmntkeuXcINfb12EoNvReQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jul 2024 00:43:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
info
shop.be-esy.de/widgets/checkout/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shop.be-esy.de/widgets/checkout/info
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/theme/33937abb1cbf1e78ecabdafee34eb856/js/all.js?1721197680
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://shop.be-esy.de/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Sat, 27 Jul 2024 00:43:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-frame-options
deny
access-control-allow-origin
https://www.paypal.com
cache-control
no-cache, private
access-control-allow-credentials
true
expires
Sat, 27 Jul 2024 00:43:23 GMT
js
www.paypal.com/sdk/ 		446 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?components=buttons,messages,card-fields,funding-eligibility,applepay,googlepay&client-id=AeYj4tqiMCosCgADqKQ3j1jKEsEfhnkdcLL2QD_Buq7TExmW-gpIgr4oU-moDeCttoZQ1u5DPjv5A9KA&commit=true&locale=de_DE&currency=EUR&intent=capture&enable-funding=paylater,venmo&merchant-id=ZRZ7NTY8HBKVS
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/theme/33937abb1cbf1e78ecabdafee34eb856/js/all.js?1721197680
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8adf33b8c89df66da150967aa2d882f747e63dc37e476e7eb1383d512c196ec4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-hU6dQwo0kNtWe4ZGyTD5rwEPq4XVoxlhplHwJDS5+16UkY8x' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-hU6dQwo0kNtWe4ZGyTD5rwEPq4XVoxlhplHwJDS5+16UkY8x' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-hU6dQwo0kNtWe4ZGyTD5rwEPq4XVoxlhplHwJDS5+16UkY8x' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-hU6dQwo0kNtWe4ZGyTD5rwEPq4XVoxlhplHwJDS5+16UkY8x' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Sat, 27 Jul 2024 00:43:23 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f426262cb7249
server-timing
"traceparent;desc="00-0000000000000000000f426262cb7249-97a4a7f5473d2f85-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
125072
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230127-FRA, cache-fra-eddf8230127-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f426262cb7249-3f9be2470c2d3cfb-01
x-timer
S1722041003.957975,VS0,VE746
etag
W/"1e890-x0LxlMoUJIleHfVvqtAVWv/i5cg"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
Navigation;20d3089230ba42a599ab7c0cc27d45d1;1;1
shop.be-esy.de/widgets/cbax/analytics/visitors/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shop.be-esy.de/widgets/cbax/analytics/visitors/Navigation;20d3089230ba42a599ab7c0cc27d45d1;1;1
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/theme/33937abb1cbf1e78ecabdafee34eb856/js/all.js?1721197680
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://shop.be-esy.de/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Sat, 27 Jul 2024 00:43:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-frame-options
deny
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.paypal.com
cache-control
no-cache, private
access-control-allow-credentials
true
content-length
0
expires
Sat, 27 Jul 2024 00:43:23 GMT
local
www.paypal.com/credit-presentment/experiments/ Frame 2A6E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_omiqwiqzdkedxvfiscicadnssisvro&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsY2FyZC1maWVsZHMsZnVuZGluZy1lbGlnaWJpbGl0eSxhcHBsZXBheSxnb29nbGVwYXkmY2xpZW50LWlkPUFlWWo0dHFpTUNvc0NnQURxS1EzajFqS0VzRWZobmtkY0xMMlFEX0J1cTdURXhtVy1ncElncjRvVS1tb0RlQ3R0b1pRMXU1RFBqdjVBOUtBJmNvbW1pdD10cnVlJmxvY2FsZT1kZV9ERSZjdXJyZW5jeT1FVVImaW50ZW50PWNhcHR1cmUmZW5hYmxlLWZ1bmRpbmc9cGF5bGF0ZXIsdmVubW8mbWVyY2hhbnQtaWQ9WlJaN05UWThIQktWUyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX29taXF3aXF6ZGtlZHh2ZmlzY2ljYWRuc3Npc3ZybyJ9fQ&env=production&scriptUID=uid_omiqwiqzdkedxvfiscicadnssisvro&version=1.64.8&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,messages,card-fields,funding-eligibility,applepay,googlepay&client-id=AeYj4tqiMCosCgADqKQ3j1jKEsEfhnkdcLL2QD_Buq7TExmW-gpIgr4oU-moDeCttoZQ1u5DPjv5A9KA&commit=true&locale=de_DE&currency=EUR&intent=capture&enable-funding=paylater,venmo&merchant-id=ZRZ7NTY8HBKVS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shop.be-esy.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
76233
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1525
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Sat, 27 Jul 2024 00:43:23 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-lalN77KrIeuXuyDJ4OPpzCt8fd0"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f605358d7bb10
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f605358d7bb10-5fa8d861f6bc3fb6-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f605358d7bb10-94e0944af07099f6-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
31152, 0
x-served-by
cache-fra-eddf8230106-FRA, cache-fra-eddf8230106-FRA
x-timer
S1722041004.796861,VS0,VE8
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=shop.be-esy.de&t=xo&v=5.0.451&source=payments_sdk&mrid=ZRZ7NTY8HBKVS&client_id=AeYj4tqiMCosCgADqKQ3j1jKEsEfhnkdcLL2QD_Buq7TExmW-gpIgr4oU-moDeCttoZQ1u5DPjv5A9KA&comp=buttons,messages,card-fields,funding-eligibility,applepay,googlepay&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,messages,card-fields,funding-eligibility,applepay,googlepay&client-id=AeYj4tqiMCosCgADqKQ3j1jKEsEfhnkdcLL2QD_Buq7TExmW-gpIgr4oU-moDeCttoZQ1u5DPjv5A9KA&commit=true&locale=de_DE&currency=EUR&intent=capture&enable-funding=paylater,venmo&merchant-id=ZRZ7NTY8HBKVS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a997e04353e88f40e41584ecfea025d074f355f534874f9dbe04a3bb5a5ca4d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-GjZLHy/0pt6bIlHqasFPNeSiXNvWNg0vmcwkY9uB7xIzacUv' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-GjZLHy/0pt6bIlHqasFPNeSiXNvWNg0vmcwkY9uB7xIzacUv' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 27 Jul 2024 00:43:24 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
HIT, MISS
paypal-debug-id
f906175b2e261
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4336
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230127-FRA, cache-fra-eddf8230127-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f906175b2e261-5eb71426aa10c654-01
x-timer
S1722041004.783822,VS0,VE224
etag
W/"2fa1-jxsR74+mGy9/tfIPXuzhzw2WmKM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
payment-method-eligibility
shop.be-esy.de/paypal/ 		0
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shop.be-esy.de/paypal/payment-method-eligibility
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/theme/33937abb1cbf1e78ecabdafee34eb856/js/all.js?1721197680
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://shop.be-esy.de/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Sat, 27 Jul 2024 00:43:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-frame-options
deny
access-control-allow-origin
https://www.paypal.com
cache-control
no-cache, private
access-control-allow-credentials
true
expires
Sat, 27 Jul 2024 00:43:23 GMT
ts
t.paypal.com/ 		42 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=be-esy%20%7C%20Entdecke%20die%20Freiheit%20der%20Bewegung&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1722041004015&g=-120&completeurl=https%3A%2F%2Fshop.be-esy.de%2F&ru=https%3A%2F%2Fshop.be-esy.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: shop.be-esy.de
URL: https://shop.be-esy.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 27 Jul 2024 00:43:24 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
6c0096f7455be
server-timing
"traceparent;desc="00-00000000000000000006c0096f7455be-c3987253c9d84213-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230022-FRA
pragma
no-cache
correlation-id
6c0096f7455be
traceparent
00-00000000000000000006c0096f7455be-6f7eab5aa4b8ad63-01
x-timer
S1722041004.109144,VS0,VE143
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 00:43:24 GMT
logger
www.paypal.com/xoplatform/logger/api/ 		979 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,messages,card-fields,funding-eligibility,applepay,googlepay&client-id=AeYj4tqiMCosCgADqKQ3j1jKEsEfhnkdcLL2QD_Buq7TExmW-gpIgr4oU-moDeCttoZQ1u5DPjv5A9KA&commit=true&locale=de_DE&currency=EUR&intent=capture&enable-funding=paylater,venmo&merchant-id=ZRZ7NTY8HBKVS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bf063d8493205b770f5ca81cf2453b686bc4b2a443aee9be85ff08909c2af47d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 27 Jul 2024 00:43:24 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f8408940a178f
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-eddf8230124-FRA, cache-fra-eddf8230124-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f8408940a178f-3b4b0fd9789a08ad-01
x-timer
S1722041005.507251,VS0,VE182
etag
W/"3d3-RhfB0anbY2MYcA8Wtk4FQNNqa+4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shop.be-esy.de
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://shop.be-esy.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://shop.be-esy.de
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Sat, 27 Jul 2024 00:43:24 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f8961034547bd
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f8961034547bd-6b49e2d017f12319-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230124-FRA, cache-fra-eddf8230124-FRA
x-timer
S1722041004.329673,VS0,VE169
be-esy-Logo-2024.svg
www.dr-heilbronner.de/media/a3/a4/c2/1710768432/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dr-heilbronner.de/media/a3/a4/c2/1710768432/be-esy-Logo-2024.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.181.132.95 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
5bec2035205e5e70b29fa3459f3f637e509a41a6695ba3dc16ec3e2f1a499478
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://shop.be-esy.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Sat, 27 Jul 2024 00:43:24 GMT
last-modified
Mon, 18 Mar 2024 13:27:12 GMT
server
Apache
etag
"d4e-613ef50b38b78"
content-type
image/svg+xml
access-control-allow-origin
https://www.paypal.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3406

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| features function| gtag object| dataLayer boolean| googleReCaptchaV3Active boolean| useDefaultCookieConsent string| activeNavigationId object| router string| salesChannelId object| breakpoints string| themeAssetsPublicPath object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_241175 object| webpackChunk function| clearImmediate function| setImmediate number| uidEvent function| PluginConfigManager function| PluginManager function| PluginBaseClass function| Hammer function| flatpickr object| eventEmitter object| bootstrap function| Feature object| utils object| lgData object| lgModules function| lightGallery object| __post_robot_11_0_0___uid_omiqwiqzdkedxvfiscicadnssisvro object| __zoid_10_3_3___uid_omiqwiqzdkedxvfiscicadnssisvro object| paypalDDL

2 Cookies

Domain/Path Name / Value
shop.be-esy.de/ Name: session-
Value: t3mqqhk5vnk6gftb8d35s4lsb9
shop.be-esy.de/ Name: timezone
Value: Europe/Berlin

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

shop.be-esy.de
t.paypal.com
www.dr-heilbronner.de
www.google.com
www.gstatic.com
www.paypal.com
151.101.1.21
151.101.131.1
151.101.65.21
185.181.132.95
2a00:1450:4001:801::2003
2a00:1450:4001:810::2004
189f3eb68ceb975dd5b6d64da82de05ec15c1ba3fabb1c01997d08437e9ca353
19df4102c07ecfc86052b3ba527e800df1b34fff4b23a7cde8268f6de0729e03
2fd72fbdfe0fea8939cd95b9729e55cbda355868be222125345e623b3b3c1c63
34b4c575c6a072933cbd4a510147e71a30cdcf46176654fff07847632686bb6b
3a997e04353e88f40e41584ecfea025d074f355f534874f9dbe04a3bb5a5ca4d
5bec2035205e5e70b29fa3459f3f637e509a41a6695ba3dc16ec3e2f1a499478
5ce1c1bbc26e1062f3923ba2a3240d8a9c26dfa87f34b1eccffdbcee3b2fa25f
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6d95aedc1cc4d459686b9c262fd7fe97fa5b945435aa18a94d53e82b145149ca
797464c1347d77d0d387cf7fb76c966bb93ef9587a777b9df262cdbe4279b5b0
8adf33b8c89df66da150967aa2d882f747e63dc37e476e7eb1383d512c196ec4
b3d1f3bc27a6189e22e062dde029b256b2b29f11babd92e54f56c1935ce5a4a6
bf063d8493205b770f5ca81cf2453b686bc4b2a443aee9be85ff08909c2af47d
c3a4fb34fa0d01f812961cb2e5d5783a40d95be0ebeaf2045a1d01f19747c419
d00a5062635a9cfe60a9af1ee775a406979c71730ce164b77f2fc5d145b16321
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea4842bf74e47f32883e6ef80f5f170c734ac19743434b688b171f849cbbbad8
ec0895d170feadf69919229fdae587c63ffea8d95ccef9f2cd07af3c713fed64
fd8e134414f160c4606c9658df9c03cdbff4608a18c272a0bfe211f647f4b6a4