urlscan.io logo urlscan.io
SecurityTrails logo

www.retourenportal-sinweaver.com Open in urlscan Pro
18.197.242.185  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://retourenportal-sinweaver.com/
Effective URL: https://www.retourenportal-sinweaver.com/
Submission: On April 08 via api from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 3 domains to perform 30 HTTP transactions. The main IP is 18.197.242.185, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.retourenportal-sinweaver.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on April 7th 2024. Valid for: 3 months.
This is the only time www.retourenportal-sinweaver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.67.203.118 16509 (AMAZON-02)
3 18.197.242.185 16509 (AMAZON-02)
21 18.173.187.32 16509 (AMAZON-02)
2 18.173.154.65 16509 (AMAZON-02)
1 192.229.221.25 15133 (EDGECAST)
1 151.101.129.21 54113 (FASTLY)
1 2 34.147.177.40 396982 (GOOGLE-CL...)
1 151.101.1.21 54113 (FASTLY)
30 7
1    3.67.203.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-203-118.eu-central-1.compute.amazonaws.com
retourenportal-sinweaver.com
3    18.197.242.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-242-185.eu-central-1.compute.amazonaws.com
www.retourenportal-sinweaver.com
21    18.173.187.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-32.muc50.r.cloudfront.net
cdn02.plentymarkets.com
2    18.173.154.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-65.muc50.r.cloudfront.net
cdn01.plentymarkets.com
1    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
c.paypal.com
1    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
c.sandbox.paypal.com
2    34.147.177.40 (London, United Kingdom)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 40.177.147.34.bc.googleusercontent.com
b.stats.paypal.com
lhr.stats.paypal.com
1    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
c.sandbox.paypal.com
Apex Domain
Subdomains		 Transfer
23 plentymarkets.com
cdn02.plentymarkets.com — Cisco Umbrella Rank: 138328
cdn01.plentymarkets.com
1 MB
5 paypal.com
c.paypal.com — Cisco Umbrella Rank: 8351
c.sandbox.paypal.com
b.stats.paypal.com — Cisco Umbrella Rank: 6028
lhr.stats.paypal.com — Cisco Umbrella Rank: 23665
22 KB
4 retourenportal-sinweaver.com
retourenportal-sinweaver.com
www.retourenportal-sinweaver.com
35 KB
30 3
Domain Requested by
21 cdn02.plentymarkets.com www.retourenportal-sinweaver.com
cdn02.plentymarkets.com
3 www.retourenportal-sinweaver.com cdn02.plentymarkets.com
2 c.sandbox.paypal.com c.paypal.com
www.retourenportal-sinweaver.com
2 cdn01.plentymarkets.com www.retourenportal-sinweaver.com
1 lhr.stats.paypal.com www.retourenportal-sinweaver.com
1 b.stats.paypal.com 1 redirects
1 c.paypal.com www.retourenportal-sinweaver.com
1 retourenportal-sinweaver.com 1 redirects
30 8

This site contains links to these domains. Also see Links.

Domain
marketplace.plentymarkets.com
pay.amazon.com
www.plentymarkets.com
Subject Issuer Validity Valid
retourenportal-sinweaver.com
Encryption Everywhere DV TLS CA - G2		 2024-04-07 -
2024-07-06		 3 months crt.sh
*.plentymarkets.com
Amazon RSA 2048 M01		 2023-05-10 -
2024-06-07		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-12 -
2024-10-31		 a year crt.sh
www.sandbox.paypal.com
DigiCert EV RSA CA G2		 2024-02-05 -
2025-02-04		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.retourenportal-sinweaver.com/
Frame ID: 4629465E379A83688BBAFEFF42D490BF
Requests: 28 HTTP requests in this frame

Frame: https://c.sandbox.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 6E1A4BA56904AFC49F0A371725C825F1
Requests: 1 HTTP requests in this frame

Frame: https://lhr.stats.paypal.com/v1/counter2.cgi?p=-lRQ26m799vPjBWCVgifVYEBl4awkbo8&s=plentysystems_checkout-page
Frame ID: 3CD1FFB1E46D6274E4164EE13C42144F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

plentyShop LTS

Page URL History Show full URLs

  1. http://retourenportal-sinweaver.com/ HTTP 307
    https://retourenportal-sinweaver.com/ HTTP 301
    https://www.retourenportal-sinweaver.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

30
Requests

97 %
HTTPS

0 %
IPv6

3
Domains

8
Subdomains

7
IPs

3
Countries

1428 kB
Transfer

2709 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://retourenportal-sinweaver.com/ HTTP 307
    https://retourenportal-sinweaver.com/ HTTP 301
    https://www.retourenportal-sinweaver.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://b.stats.paypal.com/v1/counter.cgi?p=-lRQ26m799vPjBWCVgifVYEBl4awkbo8&s=plentysystems_checkout-page HTTP 302
  • https://lhr.stats.paypal.com/v1/counter2.cgi?p=-lRQ26m799vPjBWCVgifVYEBl4awkbo8&s=plentysystems_checkout-page

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.retourenportal-sinweaver.com/
Redirect Chain
  • http://retourenportal-sinweaver.com/
  • https://retourenportal-sinweaver.com/
  • https://www.retourenportal-sinweaver.com/
158 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.242.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-242-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fd6136cead68f0c331475d27b2ab8928c3a08c7aebe9a5449158a5d3780a9a89
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.plentymarkets-cloud-de.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.plentymarkets-cloud-de.com
content-type
text/html; charset=UTF-8
date
Mon, 08 Apr 2024 20:53:46 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-last-modified
2024-04-08 14:05:58.806 +0000 UTC
x-plenty-cache
hit
x-plenty-key
56b058078ecf7cc679b5e9242fd167eb30b117b8
x-plenty-shop
Ceres
x-plenty-shop-version
eyJpdiI6IjZQQlZGcERGKzMxd3BrcUExODFqQ0E9PSIsInZhbHVlIjoiSnpWdHJjQWhQTU83bFpKbUZSMEx2QT09IiwibWFjIjoiZGRmY2I1MTdmYmVkMDY1YmY2N2E2NmExODgyOTUwNDQ3Njk0ZmM0MzczZDRlNzE0ODUxOGQwYWNlYTI2M2Y3NSIsInRhZyI6IiJ9

Redirect headers

content-length
162
content-type
text/html
date
Mon, 08 Apr 2024 20:53:46 GMT
location
https://www.retourenportal-sinweaver.com/
server
nginx
ceres-icons.css
cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/css/ 		66 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/css/ceres-icons.css
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70585734e304f3323fa33ef2dcf4aa503cec1c188803b86f4eb42f8760bba05f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:47 GMT
x-amz-version-id
wTNN6y0LEJj9g0CjPGqEvMjPAURGSl5U
content-encoding
gzip
last-modified
Sat, 06 Apr 2024 09:55:34 GMT
server
AmazonS3
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
etag
W/"ccd446e05ec2d3ae81b7aa8db00b8bd7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=604800
x-amz-cf-id
oMP7d2qWYXKqzMDLBEfza2D2amFqom0ex4S4FI8er5HHQEkXS6w_jw==
ceres-checkout.css
cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/css/ 		368 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/css/ceres-checkout.css?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5227633ce29d12aa96ccadaeb62dc70c882626fb5167852209e9c1fcac46db8c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:47 GMT
x-amz-version-id
5ZNA2c3XwQugrSuSuAunQ20VX5hrHS9.
content-encoding
gzip
last-modified
Sat, 06 Apr 2024 09:55:34 GMT
server
AmazonS3
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
etag
W/"aa3b35fac1eba70582be1f7ee308f76d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=604800
x-amz-cf-id
arKlLU76uxkL-ikDKnPPemlT1dgYK6UfRgraz0qZfrlTU-KlJxHDSQ==
plentyShop-lts-logo.svg
cdn01.plentymarkets.com/avw8j9fg70hi/frontend/plentyShop_LTS/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.plentymarkets.com/avw8j9fg70hi/frontend/plentyShop_LTS/plentyShop-lts-logo.svg
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-65.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4265ded54d3466d4b19b46a0643b2d8b7a54582b99ae6290947b5296a3f79d2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 06:08:48 GMT
x-amz-version-id
ZQW35NSLiTYP8vXFY4wcdNfMowDCClgp
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 10:35:39 GMT
server
AmazonS3
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"be0add1ae584d1419fd7ff7cf4f15f07"
age
139498
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=172800
x-amz-cf-id
FKWdjr9L-2MEcUcyfpYX8X0aZpNZd4rvneG65htXLjA3tZF_jdcHMQ==
expires
Fri, 31 Dec 2021 10:35:38 GMT
slider1.jpg
cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/ 		303 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/slider1.jpg
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b184638a67e38e8356366f3d30ba34ee115742d2040365f2982431b6a474eb3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 16:42:47 GMT
x-amz-version-id
XAuVqSBMnEdC_oWHP3b.2ucvv4Zng5n1
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 11:12:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
101459
etag
"a4a069022c385dc5d3a35b6c96cc16ec"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
310627
x-amz-cf-id
1WVgJPWaZx-3duja6dgrrlMIZGkO7L9vlnh3pBauEPQbKViST164tA==
expires
Mon, 01 Aug 2022 10:24:34 GMT
slider_gebrauchtde.jpg
cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/slider_gebrauchtde.jpg
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60b69ffd28ac9527201510f701ace28f414f82ba48c5740bc7aee0d30c1e4283

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 16:42:47 GMT
x-amz-version-id
NrM0150OqtcBJDFDFu4d7rCDCE4Vj0Zt
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 11:12:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
101460
etag
"be79ad9271ff05cf1ea19252077c641d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
95291
x-amz-cf-id
IZ_D7BbTYYalamQJngxCuN0Z-8rs0UadtrT8i_2xts3bVfAVbWSVLw==
expires
Mon, 01 Aug 2022 10:24:34 GMT
slider_paydirekt.jpg
cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/slider_paydirekt.jpg
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72a66adbe59c9a3fe563d5df9241d8d1fb3db97aeee948a7d673167c3538cb19

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 16:42:47 GMT
x-amz-version-id
Pd5cM4Om69UqmA8bd93JvtyiuN1SoSB8
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 11:12:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
101459
etag
"29ea14250a90075d40a14083ae99fc82"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
97596
x-amz-cf-id
6rYsoly70FvmtuXPIGqVfHKgQLXt8v95BaOt7ioPpVu2ifX0RweP7g==
expires
Mon, 01 Aug 2022 10:24:34 GMT
slider2.jpg
cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/ 		361 KB
362 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/slider2.jpg
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
607240d8f7f31126889278658216755c987ccad49cee58c27884db324c5144f7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 16:42:47 GMT
x-amz-version-id
KJC3QALzwQ3xDr3CPF_5FItHBTMWH3p2
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 11:12:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
101460
etag
"306a2d6d1133e97f0a81e7238262a139"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
369817
x-amz-cf-id
ptUkagxj9Z_kwVn-jkWCjODy2NtgCTp_y8MdwnP2D0l5s_Ix-avgaw==
expires
Mon, 01 Aug 2022 10:24:34 GMT
icon_plugin_etsy.png
cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/icon_plugin_etsy.png
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8177f04299b4edf7ce135bf5f31ea23c60db04e109bb96d103742af3daa9a45

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 16:42:47 GMT
x-amz-version-id
7QNZSC2sIa4A9321aEUbb4vv2Z8IzK3Y
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 11:12:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
101460
etag
"e58c16f6884090038a25302b5855eb02"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
21256
x-amz-cf-id
f0PWu7HDB-6u626mssOPJhyEvS8XflXxmyqdg5ZjBNRGtNrUZmkRCw==
expires
Mon, 01 Aug 2022 10:24:34 GMT
icon_plugin_amazon_de.jpg
cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/icon_plugin_amazon_de.jpg
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1bb604668b0abacf5a7025ab14965c4047e903a7082a5100b2e405e5abdf1e5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:47 GMT
x-amz-version-id
RKxarC1sxIKBNmqDj1XWCORVnPjqCzF4
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 11:12:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
etag
"91d4635931a5cd9e5444772b9ee29b3f"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
14210
x-amz-cf-id
Z-IxLQac-igTeq3BWTFeW6X9AhPBCLt9LKw4G_LLygHZiB_d4jbm8A==
expires
Mon, 01 Aug 2022 10:24:34 GMT
icon_plugin_gebrauchtde.jpg
cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/icon_plugin_gebrauchtde.jpg
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89123c20bf3c83a936f5426aab7f9cd2b6153bee29343fcfd2b6a5d85f4236f4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 16:42:47 GMT
x-amz-version-id
8HyrrPbzyyvzTvV90Mf.ApbO8BH8qM3I
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 11:12:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
101460
etag
"801acc0ff22e8c0317457d9b1eb4a697"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
20209
x-amz-cf-id
jDgOkKKjP_44oSBBon8c_A1O2DylPpr-F6AS7FPjNFsS9PDQoeTI6Q==
expires
Mon, 01 Aug 2022 10:24:34 GMT
icon_plugin_paydirekt.jpg
cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/icon_plugin_paydirekt.jpg
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
488250f886fcca7539fcb521c3823c5caa9a621fce9e50d0388cfb3140315898

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 16:42:47 GMT
x-amz-version-id
WmJggneb2Qt7xu0CrgJ1D9ZxXfB0l8lZ
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 11:12:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
101459
etag
"e94dab777268798061bdd1c187d98579"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
19896
x-amz-cf-id
NnHBIW73zX-wHBnwySrtLA6TBA_kGKXMp9vSIwM6cpMZSRfpkzR_1Q==
expires
Mon, 01 Aug 2022 10:24:34 GMT
icon_plugin_paypal.png
cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/pmsbpnokwu6a/plugin/production/marketingresource/images/homepage/icon_plugin_paypal.png
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
805a40d82b4b4a9ae9c22f3443e39dc64011880fa59d2c490c3f0588d94d1282

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
axoAh9jgdk649spuzTj2UpoIg4NcERVa
date
Mon, 08 Apr 2024 20:53:47 GMT
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 11:12:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
etag
"8128d91499ebb3265b28978777e2ec94"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
15460
x-amz-cf-id
W_wAicJ3Z7j16eCjksiqairtYuCVe_6iwtxqo7xCZMZ60yc7JNvRNQ==
expires
Mon, 01 Aug 2022 10:24:34 GMT
plentymarkets-logo.svg
cdn01.plentymarkets.com/avw8j9fg70hi/frontend/plentyShop_LTS/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.plentymarkets.com/avw8j9fg70hi/frontend/plentyShop_LTS/plentymarkets-logo.svg
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-65.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
599e6b4cb4f564d7690e18c2684d3903802e70b473d319bb45676f016cdb7d3f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
OUfPJh9AL8enM5X.QMzwX5D2T1ryI8Di
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
date
Sun, 07 Apr 2024 19:50:11 GMT
last-modified
Wed, 29 Dec 2021 10:35:38 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
90216
etag
W/"a4c8678d1502a50b18970f7a6a8365b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=172800
x-amz-cf-id
WbmqvqkNed7hFXWQWOyjVlj8rzTSh7ReGl5xdj5obvNgQXofNhTCAg==
expires
Fri, 31 Dec 2021 10:35:37 GMT
ceres-checkout.min.js
cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/ 		903 KB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/ceres-checkout.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e72541d7bba89ce16c512a141521bfa06b027a6f4463d4bb33d9ebc8fb27ee63

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:47 GMT
x-amz-version-id
aHuRa1OuolveYDmTQrpyDA2jjf.mzMMB
content-encoding
gzip
last-modified
Sat, 06 Apr 2024 09:55:31 GMT
server
AmazonS3
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
etag
W/"61d658b2d9853fa995d0c47cb3707aa6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=604800
x-amz-cf-id
Km5w-gNK0Fiz0Xyb5T7abe70g0pa4KoIG115Op95oS2r6I_Ws8iF9Q==
fb.js
c.paypal.com/da/r/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dac/9C7D) /
Resource Hash
65fb230ac186e08d9c2790d41459a04faaffa59c30576127c45efc2f799a7866
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:46 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
ea47f53fdc6f2
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
last-modified
Wed, 28 Feb 2024 01:41:40 GMT
server
ECAcc (dac/9C7D)
traceparent
00-0000000000000000000ea47f53fdc6f2-bc743fb5cab90f55-01
etag
W/"65de8f54-10882"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
x-csrf-token
expires
Tue, 09 Apr 2024 20:53:47 GMT
de.svg
cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/images/flags/4x3/ 		286 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/images/flags/4x3/de.svg
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/css/ceres-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25b2cd9911e66c9ddbf617979df54a9ddaae407337b0348e0e9631e1d6738869

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/css/ceres-icons.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:47 GMT
x-amz-version-id
3cwn.VujgsBqXFclSRJ4irf52EcAzFBC
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
last-modified
Sat, 06 Apr 2024 09:55:35 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
etag
"963c74cf98560bcdd339b8fb72dedb06"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
286
x-amz-cf-id
YyqshQF5GIGwcDlI9fMx43aBzOkSqjao_Kt-44bw5iV-TGrrl0vwqg==
fontawesome-webfont.woff2
cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/documents/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/documents/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/css/ceres-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/css/ceres-icons.css
Origin
https://www.retourenportal-sinweaver.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:47 GMT
x-amz-version-id
D8VA_Mqa.Fy4Kyq8wC8VHPNYOjX7juYM
content-encoding
gzip
via
1.1 a0b81f8bd65c71136dc6b5c239feb2b8.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Sat, 06 Apr 2024 09:55:34 GMT
server
AmazonS3
etag
W/"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
V_a1E1BLjz-CnvmB1flgdtWiu7z17I0vxLC5Jn6hLdXmnksMPfbTRw==
i
c.sandbox.paypal.com/v1/r/d/ Frame 6E1A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.sandbox.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.retourenportal-sinweaver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges
none
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
f8272069796c9
date
Mon, 08 Apr 2024 20:53:47 GMT
origin-trial
A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id
f8272069796c9
server-timing
traceparent;desc="00-0000000000000000000f8272069796c9-e6da205945e96aaf-01"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220095-FRA
x-timer
S1712609627.229831,VS0,VE145
x-xss-protection
1; mode=block
counter2.cgi
lhr.stats.paypal.com/v1/ Frame 3CD1
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?p=-lRQ26m799vPjBWCVgifVYEBl4awkbo8&s=plentysystems_checkout-page
  • https://lhr.stats.paypal.com/v1/counter2.cgi?p=-lRQ26m799vPjBWCVgifVYEBl4awkbo8&s=plentysystems_checkout-page
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lhr.stats.paypal.com/v1/counter2.cgi?p=-lRQ26m799vPjBWCVgifVYEBl4awkbo8&s=plentysystems_checkout-page
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
HTTP/1.1
Server
34.147.177.40 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.177.147.34.bc.googleusercontent.com
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.retourenportal-sinweaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 08 Apr 2024 20:53:47 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://lhr.stats.paypal.com/v1/counter2.cgi?p=-lRQ26m799vPjBWCVgifVYEBl4awkbo8&s=plentysystems_checkout-page
Date
Mon, 08 Apr 2024 20:53:47 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
p3
c.sandbox.paypal.com/v1/r/d/b/ 		0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.sandbox.paypal.com/v1/r/d/b/p3?f=-lRQ26m799vPjBWCVgifVYEBl4awkbo8&s=plentysystems_checkout-page
Requested by
Host: www.retourenportal-sinweaver.com
URL: https://www.retourenportal-sinweaver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-etou8220098-FRA
date
Mon, 08 Apr 2024 20:53:47 GMT
via
1.1 varnish
correlation-id
f8272065c609b
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-timer
S1712609627.220234,VS0,VE185
vary
accept-encoding
x-cache
MISS
paypal-debug-id
f8272065c609b
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
traceparent;desc="00-0000000000000000000f8272065c609b-1db5b54bdb7afcc6-01"
accept-ranges
none
x-cache-hits
0
ceres-48.min.js
cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ceres-48.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/ceres-checkout.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eece6a981f98b3a6337e2eeebb34ea3c0863b0fea1bd4d2ed39a00e191b3b667

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:48 GMT
x-amz-version-id
NoBVkRDRCAFrveWP7PGER38ZJg_FY1cP
content-encoding
gzip
last-modified
Sat, 06 Apr 2024 09:55:32 GMT
server
AmazonS3
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
etag
W/"a68ef562b56b6cd88f342af63eb91667"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=604800
x-amz-cf-id
M1V7NmljfqafvGCj6HBVuI0W4wHULqNJGshUjai7Ia6bgMC4OGsYCQ==
ceres-11.min.js
cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ceres-11.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/ceres-checkout.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8eb60a8c27d7a43f1d2e3278e1f1e7ad0b5a0695c2a2f953e00209e64c09e8e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:48 GMT
x-amz-version-id
a8Fz8wwPI3Bt2XXOqn8DBCBYNXa1pBlC
content-encoding
gzip
last-modified
Sat, 06 Apr 2024 09:55:31 GMT
server
AmazonS3
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
etag
W/"0976ed06644f8f3abe3bf889307c2e2a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=604800
x-amz-cf-id
Y2jTmJSDe6WAmtrpk3XCosJTTR_-lzdIq9YNXn-PaPY66e0_ZgwIWw==
ceres-46.min.js
cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ceres-46.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/ceres-checkout.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78fbbecc0cd29913f645784fe5b553aed48ae94ab8765ffdfc3195fc6cec013c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:48 GMT
x-amz-version-id
v9Sm72CWy8CdWS8yC.QOVY2EuP1Hw7zy
content-encoding
gzip
last-modified
Sat, 06 Apr 2024 09:55:32 GMT
server
AmazonS3
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
etag
W/"bfbf740140c1cbe5e7ae0b6b7630040a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=604800
x-amz-cf-id
HugqqMUvRmpV4kWapIgKusQgr5Jxe1MnAtZfOmdwQugXElSEnIKaHQ==
ceres-4.min.js
cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ 		89 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ceres-4.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/ceres-checkout.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
373d439a11bb79ed107238ab6a37f5d421086c5ea599c6ea72170e437a66b366

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:48 GMT
x-amz-version-id
.a0iGZkfpCweAZS825R_hZGNHlCOAnI1
content-encoding
gzip
last-modified
Sat, 06 Apr 2024 09:55:32 GMT
server
AmazonS3
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
etag
W/"8e730e3ff4fb95b367143f6dc410028f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=604800
x-amz-cf-id
5IuO6cJf3YVZp9FSrCk5lT6njIQPTN4QJvvBt8CQiR1NmX-Wg3Bs4g==
ceres-17.min.js
cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ceres-17.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/ceres-checkout.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
340bb398e1482f7d9a6c61d4375426bc298afab07c84641c8885a3d8606f29ac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:48 GMT
x-amz-version-id
rEpuTd7xovnPvwUslYjkehWBir16wzeV
content-encoding
gzip
last-modified
Sat, 06 Apr 2024 09:55:31 GMT
server
AmazonS3
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
etag
W/"48f5c4f11da32614b72ef1dc5562b3d8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=604800
x-amz-cf-id
-ym9Ajg4hsyqBEVLzVUZ6Rx_pY8SuvrXYj7wzx6sUrPFt4pdv1HeNw==
ceres-28.min.js
cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ceres-28.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/ceres-checkout.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
761c7c61d39481437df5b1a2d3c0cbf10fabdefc3c012a610682ca171faf3962

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:48 GMT
x-amz-version-id
SJudY0ewYR95d3rbvQdVdaG0ZT3pOPbV
content-encoding
gzip
last-modified
Sat, 06 Apr 2024 09:55:32 GMT
server
AmazonS3
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
etag
W/"678fb6ae0b7f2c1421b9429fa28f91c7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=604800
x-amz-cf-id
ITxL7haf7GDp59jR0gZKs3lxO1S4Z3Bc726xVqIQK_S2UTdeI492OA==
ceres-45.min.js
cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ 		906 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/chunks/ceres-45.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/ceres-checkout.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e3f783db343668ad6164ec9b0777de26a9cc07837e5b57f40a7b9988ed767ce

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:48 GMT
x-amz-version-id
BpNH9nU3KayODemFKezuymNiSWaemmUY
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
last-modified
Sat, 06 Apr 2024 09:55:32 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
etag
"814d7f984d55974601483cafc8082895"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
906
x-amz-cf-id
KQZqFdqCxHVHMxc0LVMoUuyOPqcOT47t5C8Rc_LyUDMwbLhLFfoU9A==
session
www.retourenportal-sinweaver.com/rest/io/ 		680 B
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.retourenportal-sinweaver.com/rest/io/session?initialRestCall=true&templateType=home&_=1712609626934
Requested by
Host: cdn02.plentymarkets.com
URL: https://cdn02.plentymarkets.com/vo5o779wlwjz/plugin/1/ceres/js/dist/ceres-checkout.min.js?v=288ee19acf9a3ae70ec4f2ed03a07a399fde9df6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.242.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-242-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c46b92352e7f9fc8cf35c28e2381e33c08e4f7a8594c9a1559084acd781e6f12

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.retourenportal-sinweaver.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:48 GMT
x-plenty-key
be596892c26cd620b493fcd98bb75c0bd61b03c2
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-session-expiration
3600
favicon_1.ico
www.retourenportal-sinweaver.com/tpl/ 		548 B
255 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.retourenportal-sinweaver.com/tpl/favicon_1.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.242.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-242-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.retourenportal-sinweaver.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:53:47 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ConsentManager function| loadCSS object| App function| __loadPluginChunk object| webpackJsonp function| setImmediate function| clearImmediate function| jQuery function| $ object| CeresMain object| CeresNotification function| Vue object| Vuex undefined| ceresEnv function| ceresTranslate object| ceresStore object| PAYPAL function| loadCashInAdvanceModal object| rootElement object| vueEventHub object| vueApp

4 Cookies

Domain/Path Name / Value
.sandbox.paypal.com/ Name: sc_f_qa
Value: _gnUDBajxEM9UGb7qaYJRWqR4tilclh7ryDbYPA34OfY5B1cKgXxd0_zhm1MFkxZEh0rO8qyH-URj9r5p_LYZtf8egaCDUPwxdnv0G
.sandbox.paypal.com/ Name: UGZUWCKM6F_awXE8WyEURJrBYQG
Value: r8J9m1ccjRsiNZyNVEGolsSws8ZlKznFfOCU1A771FQqKRwUGqJN19Ai7sLyemVL4LPKX8c4qRJuEDnh
.paypal.com/ Name: l7_az
Value: dcg18.slc
.retourenportal-sinweaver.com/ Name: plentyID1
Value: eyJpdiI6Im9rMWVWZ0Y1YmFHWnk0bUJiUUd2NFE9PSIsInZhbHVlIjoiRFp1Tm9mRkVyQ3RibVc5Z1RBVzdpdWFXRytlc0RRWFFzU1ZERlRhWU15OU1FSHhhOG12TnErQ2VoUnJtbVFKQyIsIm1hYyI6IjZlNTRiZjk0NmZjYWVlZmNlNjhlZmQxZjhiOGM2NTFjMTI0ZGJlMDRlNDFlNDE0OTFlYTQxZjhhMWViYTZlZTUiLCJ0YWciOiIifQ%3D%3D

5 Console Messages

Source Level URL
Text
network error URL: https://www.retourenportal-sinweaver.com/tpl/favicon_1.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://www.retourenportal-sinweaver.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.retourenportal-sinweaver.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.retourenportal-sinweaver.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.retourenportal-sinweaver.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.plentymarkets-cloud-de.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c.sandbox.paypal.com
cdn01.plentymarkets.com
cdn02.plentymarkets.com
lhr.stats.paypal.com
retourenportal-sinweaver.com
www.retourenportal-sinweaver.com
151.101.1.21
151.101.129.21
18.173.154.65
18.173.187.32
18.197.242.185
192.229.221.25
3.67.203.118
34.147.177.40
25b2cd9911e66c9ddbf617979df54a9ddaae407337b0348e0e9631e1d6738869
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
340bb398e1482f7d9a6c61d4375426bc298afab07c84641c8885a3d8606f29ac
373d439a11bb79ed107238ab6a37f5d421086c5ea599c6ea72170e437a66b366
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
488250f886fcca7539fcb521c3823c5caa9a621fce9e50d0388cfb3140315898
4e3f783db343668ad6164ec9b0777de26a9cc07837e5b57f40a7b9988ed767ce
5227633ce29d12aa96ccadaeb62dc70c882626fb5167852209e9c1fcac46db8c
599e6b4cb4f564d7690e18c2684d3903802e70b473d319bb45676f016cdb7d3f
607240d8f7f31126889278658216755c987ccad49cee58c27884db324c5144f7
60b69ffd28ac9527201510f701ace28f414f82ba48c5740bc7aee0d30c1e4283
65fb230ac186e08d9c2790d41459a04faaffa59c30576127c45efc2f799a7866
70585734e304f3323fa33ef2dcf4aa503cec1c188803b86f4eb42f8760bba05f
72a66adbe59c9a3fe563d5df9241d8d1fb3db97aeee948a7d673167c3538cb19
761c7c61d39481437df5b1a2d3c0cbf10fabdefc3c012a610682ca171faf3962
78fbbecc0cd29913f645784fe5b553aed48ae94ab8765ffdfc3195fc6cec013c
7b184638a67e38e8356366f3d30ba34ee115742d2040365f2982431b6a474eb3
805a40d82b4b4a9ae9c22f3443e39dc64011880fa59d2c490c3f0588d94d1282
89123c20bf3c83a936f5426aab7f9cd2b6153bee29343fcfd2b6a5d85f4236f4
c1bb604668b0abacf5a7025ab14965c4047e903a7082a5100b2e405e5abdf1e5
c46b92352e7f9fc8cf35c28e2381e33c08e4f7a8594c9a1559084acd781e6f12
d4265ded54d3466d4b19b46a0643b2d8b7a54582b99ae6290947b5296a3f79d2
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d8177f04299b4edf7ce135bf5f31ea23c60db04e109bb96d103742af3daa9a45
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72541d7bba89ce16c512a141521bfa06b027a6f4463d4bb33d9ebc8fb27ee63
e8eb60a8c27d7a43f1d2e3278e1f1e7ad0b5a0695c2a2f953e00209e64c09e8e
eece6a981f98b3a6337e2eeebb34ea3c0863b0fea1bd4d2ed39a00e191b3b667
fd6136cead68f0c331475d27b2ab8928c3a08c7aebe9a5449158a5d3780a9a89