urlscan.io logo urlscan.io
SecurityTrails logo

www.mt-lesershop.de Open in urlscan Pro
3.74.209.140  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mt-lesershop.de/wish-list/
Effective URL: https://www.mt-lesershop.de/wish-list/
Submission: On October 31 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 39 HTTP transactions. The main IP is 3.74.209.140, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.mt-lesershop.de.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on September 5th 2024. Valid for: 3 months.
This is the only time www.mt-lesershop.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 1 3.67.203.118 16509 (AMAZON-02)
4 3.74.209.140 16509 (AMAZON-02)
18 18.173.187.41 16509 (AMAZON-02)
2 142.250.186.40 15169 (GOOGLE)
3 151.101.1.21 54113 (FASTLY)
2 108.177.15.92 15169 (GOOGLE)
1 17.253.15.209 6185 (APPLE-AUSTIN)
2 151.101.129.21 54113 (FASTLY)
1 2 34.147.177.40 396982 (GOOGLE-CL...)
1 151.101.1.35 54113 (FASTLY)
1 216.239.32.178 15169 (GOOGLE)
1 192.229.221.25 15133 (EDGECAST)
2 151.101.65.21 54113 (FASTLY)
1 172.217.23.99 15169 (GOOGLE)
39 13
1    3.67.203.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-203-118.eu-central-1.compute.amazonaws.com
mt-lesershop.de
4    3.74.209.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-209-140.eu-central-1.compute.amazonaws.com
www.mt-lesershop.de
18    18.173.187.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-41.muc50.r.cloudfront.net
cdn02.plentymarkets.com
2    142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net
www.googletagmanager.com
3    151.101.1.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
c.paypal.com
www.paypal.com
2    108.177.15.92 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f92.1e100.net
pay.google.com
1    17.253.15.209 (Frankfurt am Main, Germany)

ASN6185 (APPLE-AUSTIN, US)
PTR: defra1-vip-bx-008.a.aaplimg.com
applepay.cdn-apple.com
2    151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
c.paypal.com
www.paypal.com
2    34.147.177.40 (London, United Kingdom)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 40.177.147.34.bc.googleusercontent.com
b.stats.paypal.com
lhr.stats.paypal.com
1    151.101.1.35 (San Francisco, United States)

ASN54113 (FASTLY, US)
c6.paypal.com
1    216.239.32.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
t.paypal.com
2    151.101.65.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net
www.gstatic.com
Apex Domain
Subdomains		 Transfer
18 plentymarkets.com
cdn02.plentymarkets.com — Cisco Umbrella Rank: 300723
557 KB
11 paypal.com
c.paypal.com — Cisco Umbrella Rank: 8333
b.stats.paypal.com — Cisco Umbrella Rank: 6677
lhr.stats.paypal.com — Cisco Umbrella Rank: 48786
c6.paypal.com — Cisco Umbrella Rank: 9992
www.paypal.com — Cisco Umbrella Rank: 3226
t.paypal.com — Cisco Umbrella Rank: 3852
182 KB
5 mt-lesershop.de
mt-lesershop.de
www.mt-lesershop.de
67 KB
2 google.com
pay.google.com — Cisco Umbrella Rank: 2991
40 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
175 KB
1 gstatic.com
www.gstatic.com
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
1 cdn-apple.com
applepay.cdn-apple.com — Cisco Umbrella Rank: 13387
48 KB
39 8
Domain Requested by
18 cdn02.plentymarkets.com www.mt-lesershop.de
cdn02.plentymarkets.com
5 www.paypal.com cdn02.plentymarkets.com
www.paypal.com
4 www.mt-lesershop.de cdn02.plentymarkets.com
2 pay.google.com www.mt-lesershop.de
pay.google.com
2 c.paypal.com www.mt-lesershop.de
c.paypal.com
2 www.googletagmanager.com www.mt-lesershop.de
www.googletagmanager.com
1 www.gstatic.com
1 t.paypal.com www.mt-lesershop.de
1 www.google-analytics.com www.googletagmanager.com
1 c6.paypal.com www.mt-lesershop.de
1 lhr.stats.paypal.com www.mt-lesershop.de
1 b.stats.paypal.com 1 redirects
1 applepay.cdn-apple.com www.mt-lesershop.de
1 mt-lesershop.de 1 redirects
39 14

This site contains links to these domains. Also see Links.

Domain
www.ratepay.com
www.paypal.com
Subject Issuer Validity Valid
mt-lesershop.de
Encryption Everywhere DV TLS CA - G2		 2024-09-05 -
2024-12-04		 3 months crt.sh
*.plentymarkets.com
Amazon RSA 2048 M02		 2024-04-09 -
2025-05-08		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
applepay.cdn-apple.com
Apple Public Server ECC CA 11 - G1		 2024-09-14 -
2024-12-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.mt-lesershop.de/wish-list/
Frame ID: AD0F8E8DB44B4D781076DC9BAB324762
Requests: 34 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: A57C47EA5C6CE267F9A5443489A74652
Requests: 1 HTTP requests in this frame

Frame: https://lhr.stats.paypal.com/v2/counter2.cgi?p=dda8c5fac49f6c99105068f34b0fd317&s=plentysystems_checkout-page
Frame ID: A94A7FC5150E027BF9835A3C8F3A5EB1
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.mt-lesershop.de&mid=
Frame ID: 9615104663A3F995CA37AF54008A43F0
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_xzzhtnhykkoljrpbfisqilfdvblzpa&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZzbFFhbmE0ZjRDUWpIdlJCblVjNnZCSmc1amdKdVpGd00tU2JyVGlHS1VBcUI3TXJ4UXYzUVdGZFE2VTFoN29nTURva1QxRE5CelJ4TXcmbWVyY2hhbnQtaWQ9SkVDU1lZQlFKWlBOQyZjdXJyZW5jeT1FVVImbG9jYWxlPWRlX0RFJmNvbXBvbmVudHM9bWVzc2FnZXMsYnV0dG9ucyxmdW5kaW5nLWVsaWdpYmlsaXR5LGhvc3RlZC1maWVsZHMscGF5bWVudC1maWVsZHMsbWFya3MmZW5hYmxlLWZ1bmRpbmc9cGF5bGF0ZXIiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJwbGVudHlzeXN0ZW1zQUdfQ2FydF9QUENQIiwiZGF0YS11aWQiOiJ1aWRfeHp6aHRuaHlra29sanJwYmZpc3FpbGZkdmJsenBhIn19&env=production&scriptUID=uid_xzzhtnhykkoljrpbfisqilfdvblzpa&version=1.64.12&integrationType=SDK
Frame ID: 6BEE064D038B69DC3F503392D6E39542
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wunschliste | MindenerTageblatt

Page URL History Show full URLs

  1. http://mt-lesershop.de/wish-list/ HTTP 307
    https://mt-lesershop.de/wish-list/ HTTP 301
    https://www.mt-lesershop.de/wish-list/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

39
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

14
Subdomains

13
IPs

3
Countries

1092 kB
Transfer

3450 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mt-lesershop.de/wish-list/ HTTP 307
    https://mt-lesershop.de/wish-list/ HTTP 301
    https://www.mt-lesershop.de/wish-list/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://b.stats.paypal.com/v2/counter.cgi?p=dda8c5fac49f6c99105068f34b0fd317&s=plentysystems_checkout-page HTTP 302
  • https://lhr.stats.paypal.com/v2/counter2.cgi?p=dda8c5fac49f6c99105068f34b0fd317&s=plentysystems_checkout-page

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mt-lesershop.de/wish-list/
Redirect Chain
  • http://mt-lesershop.de/wish-list/
  • https://mt-lesershop.de/wish-list/
  • https://www.mt-lesershop.de/wish-list/
245 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.209.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-209-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d616e24a52ff5ca101a8421c193bd7ea4f867de73a6dfd1f0795a68b1422e842
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.plentymarkets-cloud-de.com *.my.plentysystems.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.plentymarkets-cloud-de.com *.my.plentysystems.com
content-type
text/html; charset=UTF-8
date
Thu, 31 Oct 2024 02:26:25 GMT
link
<https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/stfonts/OpenSans-Regular.ttf>; rel=preload; as=font; crossorigin,<https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/Minden_Logo.png>; rel=preload; as=image
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-last-modified
2024-10-27 02:26:39.707 +0000 UTC
x-plenty-cache
hit
x-plenty-id
9ccc56af6268e0dc36c8b1cce9f0ea143db45110
x-plenty-key
545b7fcfe4eec97bd2ce9153433105eaad4fe52c
x-plenty-shop
Ceres
x-plenty-shop-version
eyJpdiI6IkNjZEZuZ1FhYjAzTlpGUThjVWU0bXc9PSIsInZhbHVlIjoia1B2RkZlMGdHR0FlMzA4ODF3VUFPZz09IiwibWFjIjoiNmI0ZGNkZDQ4ZGEzNmRlNjQ1M2Q4MWZkOTM5N2UxZWVhMzJiNmUyNzE1YzgzNDNjNGYzM2I5NDg2ZjMxYTM2YiIsInRhZyI6IiJ9

Redirect headers

date
Thu, 31 Oct 2024 02:26:25 GMT
location
https://www.mt-lesershop.de/wish-list/
vary
Accept-Encoding
OpenSans-Regular.ttf
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/stfonts/ 		127 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/stfonts/OpenSans-Regular.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mt-lesershop.de
Referer
https://www.mt-lesershop.de/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
ZJiPJvR3SKygywmODg9wXwgoEBy7KdaQ
etag
W/"22ab03a6b890f2f142a137a38bf1d4ae"
age
154025
access-control-allow-methods
GET, HEAD
expires
Thu, 30 Mar 2023 04:40:34 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
KLixwHVAee2vrC2xxh-vpTOs3gO_VkMCs5SXup364GQDno-slLVnhA==
date
Tue, 29 Oct 2024 07:39:21 GMT
content-type
font/ttf
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 28 Mar 2023 04:40:35 GMT
cache-control
max-age=172800
via
1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
Minden_Logo.png
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/Minden_Logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
511bd317daa93dc6b838c56de33a112e67c36bb26067f24064213b7b3d1d5bf1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

etag
"af752f6de272cf03cebc19345d5458b6"
x-amz-version-id
FS0eMV4PkW8SFjg6uxsoOTx8qLoKCIC9
age
1567
expires
Thu, 21 Jul 2022 11:55:28 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
06zUvqUJGvq4zQNHqGOLqB9S1vMQUXAyY2sniJK0QZ6Uap89Xr_tcQ==
date
Thu, 31 Oct 2024 02:00:19 GMT
content-type
image/png
last-modified
Tue, 19 Jul 2022 11:55:29 GMT
x-amz-meta-height
280
cache-control
max-age=172800
x-amz-meta-width
1500
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
17719
x-amz-cf-pop
MUC50-P4
server
AmazonS3
ceres-icons.css
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ 		66 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-icons.css
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70585734e304f3323fa33ef2dcf4aa503cec1c188803b86f4eb42f8760bba05f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
4iA6P8syjJ_szIWWqP8_QyPHGAnlF95n
etag
W/"ccd446e05ec2d3ae81b7aa8db00b8bd7"
age
145886
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
TqrhPS5hWqXSRbHyv8G469OuwDIYErroTM-_J3YPOnEfyVQjLuBeuA==
date
Tue, 29 Oct 2024 09:55:00 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:24 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
ceres-checkout.css
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ 		367 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-checkout.css?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cf040745d2b67303787185bee08ac13bf42e28d69db03c7bfeb0a077be0bb53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
qcnA8YhtvuT6n06GMpOEjWRmuJvE1_UF
etag
W/"d131051926a312f7a8ea31cb85464255"
age
4757
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
aKN2QzFoYSpZFhoEctaH33_h3aHTEGmCpZW0GyR_WQdHltD8mgo88g==
date
Thu, 31 Oct 2024 01:07:09 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:24 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		221 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-183341721-1
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f44e4678e0b3f0b57d601e9fb0694d383eaa31596a17ac9983181340bf0574f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 31 Oct 2024 02:26:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:26:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 31 Oct 2024 00:56:53 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80534
x-xss-protection
0
server
Google Tag Manager
mt-lesershop.png
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/mt-lesershop.png
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef003ac1cc4651dd5c3151579fd63b0443ff9f9d0d9489818c9bb0717fbf653c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

etag
"22688b52a7735ac7a1eeb4a8fbb09d79"
x-amz-version-id
IUnXcEWNHcpIhOzRKsVvETcH1Yn11EUn
age
1567
expires
Wed, 16 Oct 2024 09:24:34 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
c-opVKMrOYMhni5f8t23pj8WynPt58PFku1hqnWjCNyc9OBCdVTy4Q==
date
Thu, 31 Oct 2024 02:00:19 GMT
content-type
image/png
last-modified
Mon, 14 Oct 2024 09:24:35 GMT
x-amz-meta-height
468
cache-control
max-age=172800
x-amz-meta-width
1592
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25204
x-amz-cf-pop
MUC50-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
dhl-logo.svg
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Logos/dhl-logo.svg
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

cache-control
max-age=172800
content-encoding
gzip
x-amz-version-id
T6nksCOwDf_GvmswKAUxcCSCZItlT_Hm
etag
W/"3fecc9db35d5d2a9e6e71ab4b02d22e5"
age
77005
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
expires
Fri, 31 Jul 2020 08:08:58 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
X4NDouI7BhEWU2EQnxnUUsvBgHhKuRil3CxEkz_ycuU2V60FB7WZZQ==
date
Wed, 30 Oct 2024 05:03:00 GMT
content-type
image/svg+xml
last-modified
Wed, 29 Jul 2020 08:08:59 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
vary
accept-encoding
ceres-client.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ 		901 KB
258 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f839c5029bf1abae7d185a9c89324d7ca57657b8f4a92d73a3aa1e257673cfa0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
h3SWpQLbQrGY_pORKO0O7BIpx6Mn7qBs
etag
W/"f26a0f7811c8943da8f749b8800ff96d"
age
151303
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
kg7qgpuRychVgs-1sGckt83KZYvS3CmBYy1YBEdef0thM7UKub-INQ==
date
Tue, 29 Oct 2024 08:24:43 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:22 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
fb.js
c.paypal.com/da/r/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ECAcc (dac/9C80) /
Resource Hash
c7733da813db4b07799c13758c39577ea97a23ff7b8df10ff275828563ae422b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

access-control-max-age
86400
paypal-debug-id
d4586c9a17cd4
content-encoding
gzip
etag
W/"6722ccae-11483"
age
6143
x-content-type-options
nosniff
access-control-allow-methods
GET
traceparent
00-0000000000000000000d4586c9a17cd4-5b342924ec34e3db-01
expires
Fri, 01 Nov 2024 02:26:26 GMT
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 31 Oct 2024 02:26:26 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230051-FRA
x-cache-hits
708
last-modified
Thu, 31 Oct 2024 00:17:50 GMT
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate,max-age=86400
timing-allow-origin
*
x-timer
S1730341586.015564,VS0,VE1
access-control-allow-credentials
false
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
23531
server
ECAcc (dac/9C80)
pay.js
pay.google.com/gp/p/js/ 		137 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f92.1e100.net
Software
ESF /
Resource Hash
86b1eec25aad2467fa28e8d12193de126a401ccf3ccd901b097e614f29544971
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-8fQk5Lmd0ohc1u4XMRC9kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 02:26:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
date
Thu, 31 Oct 2024 02:26:26 GMT
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjitDikmLw1pBiWFYqxbBkphSDxNeXTBpA7JQ-gzUIiFtvnmOdCsRzA86zhmeeZ036d561CIgNFS6xOgLxr7xLrKo9l1hNgfip8mXWIokrrE1ALMTDcelq9042gQkLvj5jVNJOyi-Mz8wrLknMK0kqrUwrys8rSc1LKU4tKkstijcyMDIxNDA20DMwjC8wAACwCjj8"
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-8fQk5Lmd0ohc1u4XMRC9kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
cache-control
private, max-age=600
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'unsafe-inline' 'unsafe-eval' blob: data:;report-uri /_/InstantbuyFrontendHttp/cspreport/fine-allowlist
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
apple-pay-sdk.js
applepay.cdn-apple.com/jsapi/v1/ 		162 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
17.253.15.209 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US),
Reverse DNS
defra1-vip-bx-008.a.aaplimg.com
Software
Apple /
Resource Hash
afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

content-encoding
gzip
CDNUUID
4a8b35b9-5056-41cb-ace5-db09a84b2766-4909232471
Age
42172
apple-originating-system
wp-content-server-prod1-use1
x-content-type-options
nosniff
X-Cache
hit-fresh, hit-fresh
Date
Wed, 30 Oct 2024 14:43:34 GMT
apple-tk
false
Content-Type
application/javascript
vary
Accept-Encoding
apple-seq
0
strict-transport-security
max-age=31536000; includeSubdomains
cache-control
public, max-age=86400, stale-while-revalidate=86400, s-maxage=86400
x-envoy-upstream-service-time
1
Connection
keep-alive
access-control-allow-credentials
false
x-conversation-id
37dd9c98-f4ef-f8dc-af0f-fea85fe8f484
access-control-allow-origin
*
Content-Length
48790
x-xss-protection
1; mode=block
Server
Apple
fontawesome-webfont.woff2
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/documents/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/documents/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mt-lesershop.de
Referer
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/css/ceres-icons.css

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
N7rEXh6Sl1uQuICqdPjUqNgbxzmIbT5p
etag
W/"af7ae505a9eed503f8b8e6982036873e"
age
154024
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
pVK4Arn34jCeFjaTVKOQkIjTk0oKqR85j_qCR1HIjHp6YHQk4RN9Dw==
date
Tue, 29 Oct 2024 07:39:21 GMT
content-type
text/plain; charset=utf-8
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Mon, 07 Oct 2024 09:33:24 GMT
cache-control
max-age=604800
via
1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
i
c.paypal.com/v1/r/d/ Frame A57C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mt-lesershop.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges
none
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
97be8138ecb58
date
Thu, 31 Oct 2024 02:26:26 GMT
origin-trial
A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id
97be8138ecb58
server-timing
"traceparent;desc="00-000000000000000000097be8138ecb58-5a836cf75e25e766-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-000000000000000000097be8138ecb58-2df147e01df1bdf6-01
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230069-FRA
x-timer
S1730341586.185099,VS0,VE177
x-xss-protection
1; mode=block
counter2.cgi
lhr.stats.paypal.com/v2/ Frame A94A
Redirect Chain
  • https://b.stats.paypal.com/v2/counter.cgi?p=dda8c5fac49f6c99105068f34b0fd317&s=plentysystems_checkout-page
  • https://lhr.stats.paypal.com/v2/counter2.cgi?p=dda8c5fac49f6c99105068f34b0fd317&s=plentysystems_checkout-page
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lhr.stats.paypal.com/v2/counter2.cgi?p=dda8c5fac49f6c99105068f34b0fd317&s=plentysystems_checkout-page
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
HTTP/1.1
Server
34.147.177.40 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.177.147.34.bc.googleusercontent.com
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

Content-Length
42
Date
Thu, 31 Oct 2024 02:26:26 GMT
Content-Type
image/jpeg
Connection
close
Server
PayPal-B.Stats/1.0

Redirect headers

Location
https://lhr.stats.paypal.com/v2/counter2.cgi?p=dda8c5fac49f6c99105068f34b0fd317&s=plentysystems_checkout-page
Content-Length
0
Date
Thu, 31 Oct 2024 02:26:26 GMT
Content-Type
application/octet-stream
Connection
close
Server
PayPal-B.Stats/1.0
p3
c6.paypal.com/v1/r/d/b/ 		0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=dda8c5fac49f6c99105068f34b0fd317&s=plentysystems_checkout-page
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

paypal-debug-id
662fc5b09aed6
access-control-expose-headers
Server-Timing
correlation-id
662fc5b09aed6
traceparent
00-0000000000000000000662fc5b09aed6-eacc4e600005fd0f-01
server-timing
"traceparent;desc="00-0000000000000000000662fc5b09aed6-757f8d35e004e082-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache
MISS
date
Thu, 31 Oct 2024 02:26:26 GMT
x-served-by
cache-fra-eddf8230088-FRA
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
x-timer
S1730341587.544461,VS0,VE180
via
1.1 varnish
accept-ranges
bytes
content-length
0
smartPaymentScript.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/smartPaymentScript.min.js
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f1cca3ef586050e7ad0bf5909a8050854ae3e38fdd261d08ba67d2cf229d836

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mt-lesershop.de
Referer
https://www.mt-lesershop.de/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
.Q1t4jpAj7.OtpiY0LrUtE3xwt9DVWb7
etag
W/"ac15a27c3d150589522042d01b814d6b"
age
4758
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
OJbde5xefxhiSHqAHr5285Ii7-7AHYvGBxbqMLLB6ehKmXP3GecPXg==
date
Thu, 31 Oct 2024 01:07:09 GMT
content-type
text/javascript; charset=utf-8
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Mon, 07 Oct 2024 09:33:21 GMT
cache-control
max-age=604800
via
1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
googlePayScript.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/googlePayScript.min.js
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95590b7461a9b2c3e5979708485d6d0897588f26d29213265f3108154b067d8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
WPukgX3YWS.yBQ7Or1DQfLNziutUfZES
etag
W/"b99d084e4dfab67ae53c67a7ab813708"
age
4758
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
-ZMpmkclq3J5fMOC8BraDZ86eOJ64HLECQpmK7sQsjxPwXKLZl1rUw==
date
Thu, 31 Oct 2024 01:07:09 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:21 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
applePayScript.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/applePayScript.min.js
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a163c42b0f5f4fdd3401cb7874676264d90347dc7f872cb50a012fa5682902e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
SD2hmS4WDzVy_oFiDGLDDTMlzah8LHkd
etag
W/"5edf90ef5cf9451e30c6fdcadd05f5c3"
age
4758
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Clyqt_J8jBFI7MaTh8O1bgoeERPNdoPJeqJESnSz20VBxDFgv3ox9Q==
date
Thu, 31 Oct 2024 01:07:09 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:21 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
paypal-js.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/paypal-js.min.js
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7351e0bd094f8aeaf9b1269655280239847b3f6401e7c57a57658eab7d66fcb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mt-lesershop.de
Referer
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/smartPaymentScript.min.js

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
OnyUU1lK4Tq.OfmFynegrYs4qHXPWPRa
etag
W/"4be2a2108b7b7081fe9fd25de8bb4cb8"
age
4758
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
HJdxbuD_H4_OZyxvv8qYurvmsNUFk_OBmLe36ow2RTMQrFNIl9ikdg==
date
Thu, 31 Oct 2024 01:07:09 GMT
content-type
text/javascript; charset=utf-8
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Mon, 07 Oct 2024 09:33:21 GMT
cache-control
max-age=604800
via
1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		272 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5HG9WBXM83&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-183341721-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
edf793f5b896dcf6f3aa9d65cf4c2a16bbabecc0d5232806910d1d56ac1b358f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 31 Oct 2024 02:26:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 02:26:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97420
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-183341721-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

content-encoding
gzip
age
3611
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 03:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 01:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.paypal.com/sdk/ 		539 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&merchant-id=JECSYYBQJZPNC&currency=EUR&locale=de_DE&components=messages,buttons,funding-eligibility,hosted-fields,payment-fields,marks&enable-funding=paylater
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/paypal-js.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b65f85e47c4eac0a9262e37bc9df2294db2e6de3410889704358c040b5d1384
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-w4MVQi8WuRGSJ1ljDeAYfnntVmMAz4QM5g6w9R6AI5gt4Aqb' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-w4MVQi8WuRGSJ1ljDeAYfnntVmMAz4QM5g6w9R6AI5gt4Aqb' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f360874c20bef
content-encoding
gzip
etag
W/"253e9-DDC42/AyPaIDFF9xZM3XdQBaWoE"
age
5100
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f360874c20bef-e1bc447b5c017936-01
server-timing
"traceparent;desc="00-0000000000000000000f360874c20bef-65dc3ab30b32bca5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Thu, 31 Oct 2024 02:26:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230051-FRA, cache-fra-eddf8230051-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-w4MVQi8WuRGSJ1ljDeAYfnntVmMAz4QM5g6w9R6AI5gt4Aqb' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-w4MVQi8WuRGSJ1ljDeAYfnntVmMAz4QM5g6w9R6AI5gt4Aqb' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730341586.460452,VS0,VE5
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
152553
x-xss-protection
1; mode=block
payframe
pay.google.com/gp/p/ui/ Frame 9615 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.mt-lesershop.de&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f92.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-XAlNuzOzGSOwUKmc2J-6bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mt-lesershop.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-XAlNuzOzGSOwUKmc2J-6bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Thu, 31 Oct 2024 02:26:27 GMT
expires
Thu, 31 Oct 2024 02:26:27 GMT
origin-trial
AssDE6uDpaVUq9mb8HyrCnDR4hxNa3P1PQl8E0huFRpGw4MFWswRwyuk1E68LufiBFMulCrRk3VCexIRW39eYwoAAABMeyJvcmlnaW4iOiJodHRwczovL3BheS5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5fQ==
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjitDikmLw1pBiWFYqxbBkphSDxNeXTBpA7JQ-gzUIiFtvnmOdCsRzA86zhmeeZ036d561CIgNFS6xOgLxr7xLrKo9l1hNgfip8mXWIokrrE1ALMTDcflq9042gQNrj61lVNJOyi-Mz8wrLknMK0kqrUwrys8rSc1LKU4tKkstijcyMDIxNDA20DMwjC8wAACo2DjS"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.mt-lesershop.de&t=xo&v=5.0.463&source=payments_sdk&mrid=JECSYYBQJZPNC&client_id=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&comp=messages,buttons,funding-eligibility,hosted-fields,payment-fields,marks&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&merchant-id=JECSYYBQJZPNC&currency=EUR&locale=de_DE&components=messages,buttons,funding-eligibility,hosted-fields,payment-fields,marks&enable-funding=paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-b1e3Nj9oIEBCurWWlVOl6slwjL6uydrpi9O0/lDk780qww85' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

paypal-debug-id
f237965386dd7
content-encoding
gzip
etag
W/"2f86-rIyHQCWayVhsCSMMD5/wlkCo+Tw"
age
0
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f237965386dd7-5dac9b3b16e3e8ab-01
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT, MISS
date
Thu, 31 Oct 2024 02:26:26 GMT
content-type
application/x-javascript; charset=utf-8
x-served-by
cache-fra-eddf8230051-FRA, cache-fra-eddf8230051-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-b1e3Nj9oIEBCurWWlVOl6slwjL6uydrpi9O0/lDk780qww85' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730341587.668196,VS0,VE237
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
4354
x-xss-protection
1; mode=block
/
www.mt-lesershop.de/rest/payment/payPal/smart_payment/handle_founding_sources/ 		2 B
392 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.mt-lesershop.de/rest/payment/payPal/smart_payment/handle_founding_sources/
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/paypal/js/smartPaymentScript.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.209.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-209-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.mt-lesershop.de/wish-list/

Response headers

cache-control
no-cache, private
content-encoding
gzip
x-session-expiration
3600
date
Thu, 31 Oct 2024 02:26:26 GMT
content-type
application/json
vary
Accept-Encoding
ceres-client-44.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-44.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d507210da6cc69b0da027e54de9e0766644d4c1989fbd3a48c9a14bfd02f96a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
uCqa6ckhl9Ozi8TjdgoxzeshaT2gieBD
etag
W/"3e5f56a42c66487b64e8a4289aeb5ffd"
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
VlqRRA8HQ4tYLsRG3zCEoBa9Q7vNYGj6CoMpBF3SLtCSQTAg15lCLw==
date
Thu, 31 Oct 2024 02:26:28 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
ceres-client-9.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-9.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c20af9152bec0d63106de7ecb6ad1ae8b13005f894b90537083ea3b29e8e9469

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
TfXO7Rq4MH02Na1yjK.oGm4lCuKj8df_
etag
W/"599116c1691a0f762086f4a2556a6288"
age
145887
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
-6M4rp5uzIAAHcb5VmLROQSeDvpDYyOCGT4VpJ8_A8WVTA79kSwwlA==
date
Tue, 29 Oct 2024 09:55:01 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
ceres-client-3.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		88 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-3.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9081f67a818e50650ea867528dbec60cf2790ba625ab34ae40482ac33332dc98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
5J3a8rNcLUj_Pwk6R6_Z.jAn8Tu22nZE
etag
W/"cb8a2d4e355b5f11e086b9f6c99c08de"
age
145887
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
bQ61BJD18vvd7mX0yNZyRrKI0kip2oOvcWzpifz2mhqpEhLJi7cyfg==
date
Tue, 29 Oct 2024 09:55:01 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
ceres-client-14.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-14.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fcca1165027fc49a43328dbd5ad4ea9ea3af178ee6db5a4495c4c53930fe465

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
45yXLkLvnFygyf3_wtovjDjpB6dyv2HZ
etag
W/"3526a1511d2faf7b7abd154783116122"
age
145887
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
suGr40ZWDDkxMwRA-W0eAQrl6dvFNlPvW7829A__jNT0qgHE7c4JlQ==
date
Tue, 29 Oct 2024 09:55:01 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
ceres-client-25.min.js
cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/chunks/ceres-client-25.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a11da30ab951d61d409be021976aba12734de866c5d392db4de97a432a870614

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

vary
accept-encoding
cache-control
max-age=604800
content-encoding
gzip
x-amz-version-id
CofTHReRRJivfI6PG3BdkxXq5PXH_u.j
etag
W/"7269c08e1b4f298a5d05a8298fc0527f"
age
145887
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
wxdXQZ8cqObb8QVyZa12sct2M8KHfOWH_nEeNsDsf5p33DXHSpWG7g==
date
Tue, 29 Oct 2024 09:55:01 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 09:33:23 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
/
www.mt-lesershop.de/rest/io/session/ 		682 B
806 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mt-lesershop.de/rest/io/session/?initialRestCall=true&templateType=wish-list&_=1730341585983
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.209.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-209-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
771d1192c2a92a1778fbdb02a36ce77b136fdc83b33483cdb0c9d20388469397

Request headers

Referer
https://www.mt-lesershop.de/wish-list/
X-Requested-With
XMLHttpRequest
Accept-Language
de
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
x-session-expiration
3600
date
Thu, 31 Oct 2024 02:26:27 GMT
x-plenty-key
e1153b951cdd1b2c20e58c8c0ab13d2c39b9e21b
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
local
www.paypal.com/credit-presentment/experiments/ Frame 6BEE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_xzzhtnhykkoljrpbfisqilfdvblzpa&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZzbFFhbmE0ZjRDUWpIdlJCblVjNnZCSmc1amdKdVpGd00tU2JyVGlHS1VBcUI3TXJ4UXYzUVdGZFE2VTFoN29nTURva1QxRE5CelJ4TXcmbWVyY2hhbnQtaWQ9SkVDU1lZQlFKWlBOQyZjdXJyZW5jeT1FVVImbG9jYWxlPWRlX0RFJmNvbXBvbmVudHM9bWVzc2FnZXMsYnV0dG9ucyxmdW5kaW5nLWVsaWdpYmlsaXR5LGhvc3RlZC1maWVsZHMscGF5bWVudC1maWVsZHMsbWFya3MmZW5hYmxlLWZ1bmRpbmc9cGF5bGF0ZXIiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJwbGVudHlzeXN0ZW1zQUdfQ2FydF9QUENQIiwiZGF0YS11aWQiOiJ1aWRfeHp6aHRuaHlra29sanJwYmZpc3FpbGZkdmJsenBhIn19&env=production&scriptUID=uid_xzzhtnhykkoljrpbfisqilfdvblzpa&version=1.64.12&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&merchant-id=JECSYYBQJZPNC&currency=EUR&locale=de_DE&components=messages,buttons,funding-eligibility,hosted-fields,payment-fields,marks&enable-funding=paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mt-lesershop.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
48018
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1525
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
correlation-id
f7188880c7f06
date
Thu, 31 Oct 2024 02:26:27 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-MFF1nbfYIB7uJD43+PDDz4ftFgw"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f7188880c7f06
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f7188880c7f06-1a6723f00d7cf40b-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f7188880c7f06-e1637f816a71d696-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
18965, 0
x-served-by
cache-fra-eddf8230069-FRA, cache-fra-eddf8230069-FRA
x-timer
S1730341587.209837,VS0,VE6
x-xss-protection
1; mode=block
ts
t.paypal.com/ 		42 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Wunschliste%20%7C%20MindenerTageblatt&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1730341587216&g=-60&completeurl=https%3A%2F%2Fwww.mt-lesershop.de%2Fwish-list%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: www.mt-lesershop.de
URL: https://www.mt-lesershop.de/wish-list/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35D7) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
paypal-debug-id
bf1996aa582c1
pragma
no-cache
correlation-id
bf1996aa582c1
expires
Thu, 31 Oct 2024 02:26:27 GMT
server-timing
traceparent;desc="00-0000000000000000000bf1996aa582c1-d730191be080a408-01", content-encoding;desc="", x-cdn;desc="edgecast"
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
traceparent
00-0000000000000000000bf1996aa582c1-44d646dc2ce0f8b2-01
date
Thu, 31 Oct 2024 02:26:27 GMT
content-type
image/gif
vary
Accept-Encoding
server
ECAcc (lhd/35D7)
/
www.mt-lesershop.de/rest/io/itemWishList/ 		75 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mt-lesershop.de/rest/io/itemWishList/?templateType=wish-list
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/tgihtlx3guvt/plugin/432/ceres/js/dist/ceres-client.min.js?v=840d88ff40a5198ba8525ff01528921993c26af6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.74.209.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-209-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ce1db2bb073a94e4b90afc88f4c2825572e4bdbb4e8ecbc6192f5651b3b164b0

Request headers

Referer
https://www.mt-lesershop.de/wish-list/
X-Requested-With
XMLHttpRequest
Accept-Language
de
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
x-session-expiration
1730345186
date
Thu, 31 Oct 2024 02:26:27 GMT
x-plenty-key
3b6a9255616bafde5a2f745101e884f69a3a43e9
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
Minden_Favicon.png
cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/tgihtlx3guvt/frontend/Mindener_Tageblatt_Shop/Logo/Minden_Favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17f90fd9322a06522547fd88c55779f57f26c047997ed4066b95761f41b391ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

etag
"ea09612b79c69de2d9e6356859564a08"
x-amz-version-id
AMW.fpsfFGkTyYpzvA8SOPY8TaKvT7Sj
expires
Sat, 23 Jul 2022 10:34:21 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
GW57BGsYay8TMubL4UqJfHICEJNukrTyaXpsUzhCoUsMUfudg_8iJg==
date
Thu, 31 Oct 2024 02:26:28 GMT
content-type
image/png
last-modified
Thu, 21 Jul 2022 10:34:22 GMT
x-amz-meta-height
192
cache-control
max-age=172800
x-amz-meta-width
192
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
10126
x-amz-cf-pop
MUC50-P4
server
AmazonS3
logger
www.paypal.com/xoplatform/logger/api/ 		975 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AfslQana4f4CQjHvRBnUc6vBJg5jgJuZFwM-SbrTiGKUAqB7MrxQv3QWFdQ6U1h7ogMDokT1DNBzRxMw&merchant-id=JECSYYBQJZPNC&currency=EUR&locale=de_DE&components=messages,buttons,funding-eligibility,hosted-fields,payment-fields,marks&enable-funding=paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8903d5e81e15cd9fd9ce0dcd13597899293249d09ab2c45647f9e51359c3beda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mt-lesershop.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f391795aa1b33
content-encoding
br
etag
W/"3cf-pB6ha/YAxR4grfbux2FUVqXPeLA"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f391795aa1b33-303dac36c589dfe1-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
date
Thu, 31 Oct 2024 02:26:28 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230123-FRA, cache-fra-eddf8230123-FRA
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730341588.076295,VS0,VE165
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://www.mt-lesershop.de
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mt-lesershop.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.mt-lesershop.de
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 31 Oct 2024 02:26:28 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f391795643522
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f391795643522-e0069c51f8ee4ff5-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230123-FRA, cache-fra-eddf8230123-FRA
x-timer
S1730341588.888881,VS0,VE170
light_square_gpay.svg
www.gstatic.com/instantbuy/svg/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/instantbuy/svg/light_square_gpay.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
c76f766ed128ff1c05cbab4f53e470751b475152992a770d42273047bc1708c5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mt-lesershop.de/

Response headers

content-encoding
br
age
39713
report-to
{"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:24:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:24:36 GMT
last-modified
Fri, 03 Mar 2023 17:58:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="instantbuy-eng"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
894
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ConsentManager function| loadCSS function| gtag object| dataLayer object| __INITIAL_STATE__ object| App function| __loadPluginChunk object| webpackJsonp function| setImmediate function| clearImmediate function| jQuery function| $ object| CeresMain object| CeresNotification function| createApp function| Vue object| Vuex object| NotificationService function| ceresTranslate object| vueEventHub object| ceresStore function| loadCashInAdvanceModal object| PAYPAL object| script object| script2 object| script3 function| setupApplePay function| onApplePayLoaded function| showApplePayButton function| hideApplePayButton function| getApplePayTotalAndLineItems function| getGoogleIsReadyToPayRequest function| getGooglePayConfig function| getGooglePaymentDataRequest function| onPaymentAuthorized function| addGooglePayButton function| getGoogleTransactionInfo function| onGooglePaymentButtonClicked function| processPayment function| getGooglePaymentsClient function| renderGooglePayButton function| renderReinitGooglePayButton function| onGooglePayLoaded object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| paypalLoadCustomScript function| paypalLoadScript function| resolveAfterItemAddedToBasket function| renderPayPalButtons function| renderSmartPaymentButton function| renderButton function| showCheckoutButton function| renderReinitSmartButton function| renderReinitButton function| checkFoundingSources function| paypalValidateCheckout function| initCreditCardFields function| confirmCancel function| openLoadingScreen function| closeLoadingScreen object| gaGlobal object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant object| allowlistedMerchantDomainsForBnplDynamicButton object| allowlistedMerchantDomainsForRlmiaDynamicButton string| dynamicGpayButtonVariant object| google object| __post_robot_11_0_0___uid_xzzhtnhykkoljrpbfisqilfdvblzpa object| paypal_plenty_sdk object| __zoid_10_3_3___uid_xzzhtnhykkoljrpbfisqilfdvblzpa function| ApplePayMerchandising function| onGooglePayApplePayLoaded function| checkPaymentMethods function| checkPayUponInvoiceLegalNotice function| changeAdditionalInformationForm object| vueApp object| paypalDDL object| gaplugins object| gaData

5 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 518=wx1AYYqgN9uPs1W4rQf6oo5kJqQuCHrAbItyiltpFrcvg37en68gfvzAcylYjfAsfcPA69P_huYZ5UB5Ud8nkh0fpIxd7uSULi1RhqMQa9JAwNevQKT__VCSHVwV986zXfipe48Wvl8E4ifHvVe8ToqfXA10SV0O4xgqF7XhE-JZl1T9
.paypal.com/ Name: sc_f
Value: RewhMBs4uTRnPXr9Fc4RmlcrAeAdz-ThG6waneWQdal-i6WWCWbdwKsTVs3LnNc8ttX4mqKwXADBu9PzvHpGaN4SN8nAI5s7YqqKhW
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: 8PGBuiOYzPGFmS6-AW9RGHqns1zH7RPHqdnDqfs7cz4XhBQTdHAvbUQGQq4DmvnxgwUkZP045lghkBCQ
.paypal.com/ Name: l7_az
Value: dcg15.slc
.mt-lesershop.de/ Name: plentyID35
Value: eyJpdiI6ImlwSm1rcnFzUXZXQXFlYkZhdTkzR0E9PSIsInZhbHVlIjoiRG4zaG5NM2ZBSVRmQU94TnREeFJSY2tqRWxFeWFGY0E2NWN3M0hjS3YwOEF3eW9jTFlPTWdJd1dHVnUrVE85dyIsIm1hYyI6ImQyZDJmNTZmMDQ5NzkwOGU5Zjk1NDdjNjNhNzI4NGVlNjhkYjYyZmQxZjE5OGZjNzhmODAyZDZkYzU0ODQyNmEiLCJ0YWciOiIifQ%3D%3D

4 Console Messages

Source Level URL
Text
other warning URL: https://www.mt-lesershop.de/wish-list/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://www.mt-lesershop.de/wish-list/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other warning URL: https://www.mt-lesershop.de/wish-list/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://www.mt-lesershop.de/wish-list/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.plentymarkets-cloud-de.com *.my.plentysystems.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

applepay.cdn-apple.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn02.plentymarkets.com
lhr.stats.paypal.com
mt-lesershop.de
pay.google.com
t.paypal.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.mt-lesershop.de
www.paypal.com
108.177.15.92
142.250.186.40
151.101.1.21
151.101.1.35
151.101.129.21
151.101.65.21
17.253.15.209
172.217.23.99
18.173.187.41
192.229.221.25
216.239.32.178
3.67.203.118
3.74.209.140
34.147.177.40
0d507210da6cc69b0da027e54de9e0766644d4c1989fbd3a48c9a14bfd02f96a
17f90fd9322a06522547fd88c55779f57f26c047997ed4066b95761f41b391ee
1fcca1165027fc49a43328dbd5ad4ea9ea3af178ee6db5a4495c4c53930fe465
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b65f85e47c4eac0a9262e37bc9df2294db2e6de3410889704358c040b5d1384
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
511bd317daa93dc6b838c56de33a112e67c36bb26067f24064213b7b3d1d5bf1
5cf040745d2b67303787185bee08ac13bf42e28d69db03c7bfeb0a077be0bb53
5f1cca3ef586050e7ad0bf5909a8050854ae3e38fdd261d08ba67d2cf229d836
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70585734e304f3323fa33ef2dcf4aa503cec1c188803b86f4eb42f8760bba05f
7351e0bd094f8aeaf9b1269655280239847b3f6401e7c57a57658eab7d66fcb4
771d1192c2a92a1778fbdb02a36ce77b136fdc83b33483cdb0c9d20388469397
86b1eec25aad2467fa28e8d12193de126a401ccf3ccd901b097e614f29544971
8903d5e81e15cd9fd9ce0dcd13597899293249d09ab2c45647f9e51359c3beda
9081f67a818e50650ea867528dbec60cf2790ba625ab34ae40482ac33332dc98
95590b7461a9b2c3e5979708485d6d0897588f26d29213265f3108154b067d8f
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b
a11da30ab951d61d409be021976aba12734de866c5d392db4de97a432a870614
a163c42b0f5f4fdd3401cb7874676264d90347dc7f872cb50a012fa5682902e2
afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5
c20af9152bec0d63106de7ecb6ad1ae8b13005f894b90537083ea3b29e8e9469
c76f766ed128ff1c05cbab4f53e470751b475152992a770d42273047bc1708c5
c7733da813db4b07799c13758c39577ea97a23ff7b8df10ff275828563ae422b
ce1db2bb073a94e4b90afc88f4c2825572e4bdbb4e8ecbc6192f5651b3b164b0
d616e24a52ff5ca101a8421c193bd7ea4f867de73a6dfd1f0795a68b1422e842
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
edf793f5b896dcf6f3aa9d65cf4c2a16bbabecc0d5232806910d1d56ac1b358f
ef003ac1cc4651dd5c3151579fd63b0443ff9f9d0d9489818c9bb0717fbf653c
f44e4678e0b3f0b57d601e9fb0694d383eaa31596a17ac9983181340bf0574f0
f839c5029bf1abae7d185a9c89324d7ca57657b8f4a92d73a3aa1e257673cfa0
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee