www.saturn.de Open in urlscan Pro
2606:4700:90:0:5225:7758:bd6:b326 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://capitolonel.com/
Effective URL:
https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT...
Submission: On January 27 via api (January 27th 2022, 4:24:24 am UTC) from US — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 7 domains to perform 27 HTTP transactions. The main IP is 2606:4700:90:0:5225:7758:bd6:b326, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.saturn.de. The Cisco Umbrella rank of the primary domain is 69721.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on October 28th 2021. Valid for: a year.

This is the only time www.saturn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	212.32.237.90 212.32.237.90	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	104.206.252.90 104.206.252.90	62904 (EONIX-COM...) (EONIX-COMMUNICATIONS-ASBLOCK-62904)
1 1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2606:4700:303... 2606:4700:3036::ac43:872c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	137.74.127.188 137.74.127.188	16276 (OVH) (OVH)
7	2606:4700:90:... 2606:4700:90:0:5225:7758:bd6:b326	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.16.169.131 104.16.169.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	7

2 212.32.237.90 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

capitolonel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.206.252.90 (New York, United States) 1 redirects

ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US)
PTR: 90-252-206-104.staticrdns.eonix.net

4773.booknower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:872c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

utkv6nyu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.74.127.188 (France) 1 redirects

ASN16276 (OVH, FR)

pvn.saturn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:90:0:5225:7758:bd6:b326 (United States)

ASN13335 (CLOUDFLARENET, US)

www.saturn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.16.169.131 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 8784 newassets.hcaptcha.com — Cisco Umbrella Rank: 10462	940 KB
8	saturn.de 1 redirects pvn.saturn.de — Cisco Umbrella Rank: 478014 www.saturn.de — Cisco Umbrella Rank: 69721	105 KB
2	lookandfind.me lookandfind.me	1 KB
2	booknower.com 1 redirects 4773.booknower.com	2 KB
2	capitolonel.com 1 redirects capitolonel.com	1 KB
1	utkv6nyu.de 1 redirects utkv6nyu.de — Cisco Umbrella Rank: 776220	862 B
1	clever-redirect.com 1 redirects clever-redirect.com	238 B
27	7

	Domain	Requested by
10	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
7	www.saturn.de	lookandfind.me www.saturn.de
5	hcaptcha.com	www.saturn.de newassets.hcaptcha.com
2	lookandfind.me	capitolonel.com
2	4773.booknower.com	1 redirects capitolonel.com
2	capitolonel.com	1 redirects
1	pvn.saturn.de	1 redirects
1	utkv6nyu.de	1 redirects
1	clever-redirect.com	1 redirects
27	9

This site contains no links.

Subject Issuer	Validity	Valid
lookandfind.me R3	`2022-01-02` - `2022-04-02`	3 months	crt.sh
*.saturn.de GlobalSign RSA OV SSL CA 2018	`2021-10-28` - `2022-11-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e739362e03765169119&rbtc=aff|con|$ref$||||
Frame ID: 51B6E9A3BFE4F68270056810E5A4EC02
Requests: 14 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html
Frame ID: 6683C6EFFD8F7B3556E3C1177A9E3299
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html
Frame ID: EF514ED31E7B4386FF7A0A406F190BC9
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html
Frame ID: D6FD68E423066ACC556F54D88DBF583F
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html
Frame ID: A8011077AA643E4F3FD018A4AEA5BF06
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Saturn

Page URL History Show full URLs

http://capitolonel.com/ Page URL
http://capitolonel.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MzI... HTTP 302
http://4773.booknower.com/match-4773/67091/25569535/1643257458/mf_185a7bf1-b8bf-413f-9da4-ba4af7f1cc13... Page URL
http://4773.booknower.com/match-4773/67091/25569535/1643257458/mf_185a7bf1-b8bf-413f-9da4-ba4af7f1cc13... HTTP 302
https://clever-redirect.com/s/r6?s=822615&s3=apix07-capitolonel.com HTTP 302
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=saturn.de&s1=822615&s2=&s3=... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3... Page URL
https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=8b3f0728f5b8db6267ff80821... HTTP 302
https://pvn.saturn.de/trck/eclick/0163480d5eb5b5fad24f26db95f0b13a?subid=at107999_a125254_m12_p134... HTTP 301
https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a12... Page URL

Detected technologies

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

27
Requests

89 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

7
IPs

5
Countries

1047 kB
Transfer

2852 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://capitolonel.com/ Page URL
http://capitolonel.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MzI2NDY1NywiaWF0IjoxNjQzMjU3NDU3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycjcwYnNzNXQzMTIxc29zM2MwazhmcWMiLCJuYmYiOjE2NDMyNTc0NTcsInRzIjoxNjQzMjU3NDU3NTE4NTIxfQ.xhWTC3GYYf4RXRoTswD5VnFlg4PmG86UtT1gtB3Ko9k&sid=fdcb0924-7f28-11ec-bf15-1dc042901838 HTTP 302
http://4773.booknower.com/match-4773/67091/25569535/1643257458/mf_185a7bf1-b8bf-413f-9da4-ba4af7f1cc13/YXBpeDA3LWNhcGl0b2xvbmVsLmNvbQ==/feed Page URL
http://4773.booknower.com/match-4773/67091/25569535/1643257458/mf_185a7bf1-b8bf-413f-9da4-ba4af7f1cc13/YXBpeDA3LWNhcGl0b2xvbmVsLmNvbQ== HTTP 302
https://clever-redirect.com/s/r6?s=822615&s3=apix07-capitolonel.com HTTP 302
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=saturn.de&s1=822615&s2=&s3=apix07-capitolonel.com&s5=cf Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D8b3f0728f5b8db6267ff808210ea9388%26url%3Dhttps%253A%252F%252Fwww.saturn.de%252F&h=c992821d91181397d0ff2b88e9f38caa Page URL
https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=8b3f0728f5b8db6267ff808210ea9388&url=https%3A%2F%2Fwww.saturn.de%2F HTTP 302
https://pvn.saturn.de/trck/eclick/0163480d5eb5b5fad24f26db95f0b13a?subid=at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&url=https%3A%2F%2Fwww.saturn.de%2F%3Frbtc%3Daff%7Ccon%7C%24ref%24%7C%7C%7C%7C HTTP 301
https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e739362e03765169119&rbtc=aff|con|$ref$|||| Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://capitolonel.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MzI2NDY1NywiaWF0IjoxNjQzMjU3NDU3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycjcwYnNzNXQzMTIxc29zM2MwazhmcWMiLCJuYmYiOjE2NDMyNTc0NTcsInRzIjoxNjQzMjU3NDU3NTE4NTIxfQ.xhWTC3GYYf4RXRoTswD5VnFlg4PmG86UtT1gtB3Ko9k&sid=fdcb0924-7f28-11ec-bf15-1dc042901838 HTTP 302
http://4773.booknower.com/match-4773/67091/25569535/1643257458/mf_185a7bf1-b8bf-413f-9da4-ba4af7f1cc13/YXBpeDA3LWNhcGl0b2xvbmVsLmNvbQ==/feed

Request Chain 2

http://4773.booknower.com/match-4773/67091/25569535/1643257458/mf_185a7bf1-b8bf-413f-9da4-ba4af7f1cc13/YXBpeDA3LWNhcGl0b2xvbmVsLmNvbQ== HTTP 302
https://clever-redirect.com/s/r6?s=822615&s3=apix07-capitolonel.com HTTP 302
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=saturn.de&s1=822615&s2=&s3=apix07-capitolonel.com&s5=cf

27 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
capitolonel.com/ 471 B
830 B 84ms
56ms Document
text/html 212.32.237.90
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://capitolonel.com/
Protocol: HTTP/1.1
Server: 212.32.237.90 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 471
content-type: text/html; charset=utf-8
date: Thu, 27 Jan 2022 04:24:16 GMT
server: nginx

GET
H/1.1

200
OK

feed Show response
4773.booknower.com/match-4773/67091/25569535/1643257458/mf_185a7bf1-b8bf-413f-9da4-ba4af7f1cc13/YXBpeDA3LWNhcGl0b2xvbmVsLmNvbQ==/
Redirect Chain

http://capitolonel.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MzI2NDY1NywiaWF0IjoxNjQzMjU3NDU3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycjcwYnNzNXQzMTIxc29zM2Mwazhmc...
http://4773.booknower.com/match-4773/67091/25569535/1643257458/mf_185a7bf1-b8bf-413f-9da4-ba4af7f1cc13/YXBpeDA3LWNhcGl0b2xvbmVsLmNvbQ==/feed

3 KB
2 KB

238ms
134ms

Document
text/html

104.206.252.90
EONIX-COMMUNICATI...

General

Check archive.org

Show headers Download Go to

Full URL: http://4773.booknower.com/match-4773/67091/25569535/1643257458/mf_185a7bf1-b8bf-413f-9da4-ba4af7f1cc13/YXBpeDA3LWNhcGl0b2xvbmVsLmNvbQ==/feed
Requested by: Host: capitolonel.com
URL: http://capitolonel.com/
Protocol: HTTP/1.1
Server: 104.206.252.90 New York, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US),
Reverse DNS: 90-252-206-104.staticrdns.eonix.net
Software: nginx/1.14.2 /
Resource Hash: 3642cf3f0db97e5d53929975b7e7bf11c071440b96b90c1267dddd2582a43b91

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://capitolonel.com/

Response headers

Server: nginx/1.14.2
Date: Thu, 27 Jan 2022 04:24:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 27 Jan 2022 04:24:18 GMT
location: http://4773.booknower.com/match-4773/67091/25569535/1643257458/mf_185a7bf1-b8bf-413f-9da4-ba4af7f1cc13/YXBpeDA3LWNhcGl0b2xvbmVsLmNvbQ==/feed
server: nginx

GET
H2

200

a Show response
lookandfind.me/s/
Redirect Chain

http://4773.booknower.com/match-4773/67091/25569535/1643257458/mf_185a7bf1-b8bf-413f-9da4-ba4af7f1cc13/YXBpeDA3LWNhcGl0b2xvbmVsLmNvbQ==
https://clever-redirect.com/s/r6?s=822615&s3=apix07-capitolonel.com
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=saturn.de&s1=822615&s2=&s3=apix07-capitolonel.com&s5=cf

427 B
791 B

45ms
22ms

Document
text/html

157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=saturn.de&s1=822615&s2=&s3=apix07-capitolonel.com&s5=cf
Requested by: Host: capitolonel.com
URL: http://capitolonel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash: 9f18d50cc6c314592f6b5b82e8cf83710f961e278b922dbe7c8be70e8d710f86

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://4773.booknower.com/match-4773/67091/25569535/1643257458/mf_185a7bf1-b8bf-413f-9da4-ba4af7f1cc13/YXBpeDA3LWNhcGl0b2xvbmVsLmNvbQ==/feed

Response headers

referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.24
content-length: 427
content-type: text/html; charset=UTF-8
date: Thu, 27 Jan 2022 04:24:19 GMT
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

Redirect headers

referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
location: https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=saturn.de&s1=822615&s2=&s3=apix07-capitolonel.com&s5=cf
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 27 Jan 2022 04:24:19 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27

GET
H2 200 r Show response
lookandfind.me/s/ 343 B
373 B 14ms
14ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D8b3f0728f5b8db6267ff808210ea9388%26url%3Dhttps%253A%252F%252Fwww.saturn.de%252F&h=c992821d91181397d0ff2b88e9f38caa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash: 9bc302d1f6720eb576de46e567ecf6ec1d9339991b024eac0a7504b397b864e9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=saturn.de&s1=822615&s2=&s3=apix07-capitolonel.com&s5=cf

Response headers

referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.24
content-length: 343
content-type: text/html; charset=UTF-8
date: Thu, 27 Jan 2022 04:24:19 GMT
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

GET
H2

403

Primary Request / Show response
www.saturn.de/
Redirect Chain

https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=8b3f0728f5b8db6267ff808210ea9388&url=https%3A%2F%2Fwww.saturn.de%2F
https://pvn.saturn.de/trck/eclick/0163480d5eb5b5fad24f26db95f0b13a?subid=at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&url=https%3A%2F%2Fwww.saturn.de%2F%3Frbtc%3Daff%7Ccon%7C%...
https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e73...

14 KB
9 KB

99ms
31ms

Document
text/html

2606:4700:90:0:5225:7758:bd6:b326
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e739362e03765169119&rbtc=aff|con|$ref$||||

Requested by

Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D8b3f0728f5b8db6267ff808210ea9388%26url%3Dhttps%253A%252F%252Fwww.saturn.de%252F&h=c992821d91181397d0ff2b88e9f38caa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:5225:7758:bd6:b326 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a14f45c6c54a0e8f81fb4b05009242766962eb5d087d7d3e7213a99cef914c1b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D8b3f0728f5b8db6267ff808210ea9388%26url%3Dhttps%253A%252F%252Fwww.saturn.de%252F&h=c992821d91181397d0ff2b88e9f38caa

Response headers

date: Thu, 27 Jan 2022 04:24:20 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d3f35f52d743743-MXP
content-encoding: br

Redirect headers

Server: nginx
Date: Thu, 27 Jan 2022 04:24:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Location: https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e739362e03765169119&rbtc=aff|con|$ref$||||
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload
X-IPLB-Request-ID: D9409703:AE28_894A7FBC:01BB_61F21E73_386D5B:29E4C
X-IPLB-Instance: 39761

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e6b0d4a8725be833746db1093417bad02c5c94408d1af8536e40e37b772624e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 transparent.gif
www.saturn.de/cdn-cgi/images/trace/captcha/nojs/h/ 42 B
221 B 20ms
20ms Image
image/gif 2606:4700:90:0:5225:7758:bd6:b326
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.saturn.de/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=6d3f35f52d743743

Requested by

Host: www.saturn.de
URL: https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e739362e03765169119&rbtc=aff|con|$ref$||||

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:5225:7758:bd6:b326 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e739362e03765169119&rbtc=aff|con|$ref$||||
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:24:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 Jan 2022 15:58:23 GMT
server: cloudflare
etag: "61e8351f-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6d3f35f57e1d3743-MXP
vary: Accept-Encoding
content-length: 42
expires: Thu, 27 Jan 2022 06:24:20 GMT

GET
H2 200 v1 Show response
www.saturn.de/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/ 40 KB
15 KB 37ms
36ms Script
text/javascript 2606:4700:90:0:5225:7758:bd6:b326
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.saturn.de/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=6d3f35f52d743743

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:5225:7758:bd6:b326 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6976d7a04f3fbcaece583c4e635471293ac570b848d44df7376290260d673b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e739362e03765169119&rbtc=aff|con|$ref$||||&__cf_chl_rt_tk=EeUQNQmj4RAEwKyB9ut.Gsc8bDfr6DzQJh866rRdDNM-1643257460-0-gaNycGzNCH0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:24:20 GMT
content-encoding: br
server: cloudflare
x-we-are-hiring: We appreciate developers that love to explore what goes on under the hood of software. Apply now at https://careers.mediamarktsaturn.com/MediaMarktSaturn!
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript
cache-control: max-age=0, must-revalidate
strict-transport-security: max-age=3600
cf-ray: 6d3f35f58e2d3743-MXP

GET
H2 200 transparent.gif
www.saturn.de/cdn-cgi/images/trace/captcha/js/ 42 B
102 B 25ms
25ms Image
image/gif 2606:4700:90:0:5225:7758:bd6:b326
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.saturn.de/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=6d3f35f52d743743

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:5225:7758:bd6:b326 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e739362e03765169119&rbtc=aff|con|$ref$||||&__cf_chl_rt_tk=EeUQNQmj4RAEwKyB9ut.Gsc8bDfr6DzQJh866rRdDNM-1643257460-0-gaNycGzNCH0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:24:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 Jan 2022 15:58:23 GMT
server: cloudflare
etag: "61e8351f-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6d3f35f58e2e3743-MXP
vary: Accept-Encoding
content-length: 42
expires: Thu, 27 Jan 2022 06:24:20 GMT

GET
H2 200 api.js Show response
hcaptcha.com/1/ 83 KB
27 KB 43ms
15ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Requested by

Host: www.saturn.de
URL: https://www.saturn.de/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=6d3f35f52d743743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88aa3cf929b662819d8d97c645e03bec71afe08c3f03de10ce42cad969736f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saturn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:24:20 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Jan 2022 14:36:49 GMT
server: cloudflare
etag: W/"7ca4acc37220306a2f029796dea9c45e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-pop: FRA56-P4
cf-ray: 6d3f35f5eed79085-FRA
x-amz-cf-id: F8IHIGExnhqg-jgkohs8yuVyb0M2HllbgOLRvGuGFrSTQsb2kAL0xg==

POST
H2 200 95540df61cfd813 Show response
www.saturn.de/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8242842909457988:1643256181:0a7cea0cf17e4561cc31b0301d66908e1d2c03dd1ccce1098a0bb38a7c026ee7/6d3f35f52d743743/ 129 KB
67 KB 87ms
87ms XHR
text/plain 2606:4700:90:0:5225:7758:bd6:b326
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.saturn.de/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8242842909457988:1643256181:0a7cea0cf17e4561cc31b0301d66908e1d2c03dd1ccce1098a0bb38a7c026ee7/6d3f35f52d743743/95540df61cfd813

Requested by

Host: www.saturn.de
URL: https://www.saturn.de/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=6d3f35f52d743743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:5225:7758:bd6:b326 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d707c746cddef8cce131c9b60a27936acea57a7325482c770ddcdb64f8bf435

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

Referer: https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e739362e03765169119&rbtc=aff|con|$ref$||||
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
CF-Challenge: 95540df61cfd813
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Jan 2022 04:24:20 GMT
content-encoding: br
server: cloudflare
x-we-are-hiring: We appreciate developers that love to explore what goes on under the hood of software. Apply now at https://careers.mediamarktsaturn.com/MediaMarktSaturn!
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
strict-transport-security: max-age=3600
cf-ray: 6d3f35f5ee8c3743-MXP

GET
BLOB 200
OK 69fc1bd0-b465-4208-b69b-11f4abeafee8
https://www.saturn.de/ 120 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.saturn.de/69fc1bd0-b465-4208-b69b-11f4abeafee8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 120
Content-Type: application/javascript

GET
H2 200 66254ec66296088-1643257460150
www.saturn.de/cdn-cgi/challenge-platform/h/b/img/6d3f35f52d743743/2fab545c/ 8 KB
8 KB 35ms
34ms Image
image/png 2606:4700:90:0:5225:7758:bd6:b326
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.saturn.de/cdn-cgi/challenge-platform/h/b/img/6d3f35f52d743743/2fab545c/66254ec66296088-1643257460150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:5225:7758:bd6:b326 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

013e9a5cdc0931e2672b73f44db829e97ba915e3396f9978a4ea30cdf64bd956

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e739362e03765169119&rbtc=aff|con|$ref$||||
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
server: cloudflare
x-we-are-hiring: We appreciate developers that love to explore what goes on under the hood of software. Apply now at https://careers.mediamarktsaturn.com/MediaMarktSaturn!
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
strict-transport-security: max-age=3600
cf-ray: 6d3f35fd7cfa3743-MXP
content-length: 8496

POST
H2 200 95540df61cfd813 Show response
www.saturn.de/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8242842909457988:1643256181:0a7cea0cf17e4561cc31b0301d66908e1d2c03dd1ccce1098a0bb38a7c026ee7/6d3f35f52d743743/ 6 KB
4 KB 68ms
68ms XHR
text/plain 2606:4700:90:0:5225:7758:bd6:b326
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.saturn.de/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8242842909457988:1643256181:0a7cea0cf17e4561cc31b0301d66908e1d2c03dd1ccce1098a0bb38a7c026ee7/6d3f35f52d743743/95540df61cfd813

Requested by

Host: www.saturn.de
URL: https://www.saturn.de/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=6d3f35f52d743743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:5225:7758:bd6:b326 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2a8afc7306c2192dde60e5977ad4555f2511f4442542452206db59b9d18190b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

Referer: https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e739362e03765169119&rbtc=aff|con|$ref$||||
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
CF-Challenge: 95540df61cfd813
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-encoding: br
server: cloudflare
x-we-are-hiring: We appreciate developers that love to explore what goes on under the hood of software. Apply now at https://careers.mediamarktsaturn.com/MediaMarktSaturn!
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
strict-transport-security: max-age=3600
cf-ray: 6d3f35fe6db03743-MXP

GET
H2 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/44fc726/static/ Frame 6683 2 KB
1 KB 28ms
18ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d181a8dcdabebd2ba2988085394e6bdd34529802a892c0ab32d4ba73ad0d9703

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saturn.de/

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-type: text/html
last-modified: Tue, 25 Jan 2022 14:36:48 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 6WBPqYaOserdaF04-D2yBS_adnj6mlyv3pJr59RHxEtyW6MG3ZQvDQ==
age: 49478
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6d3f35feecb19085-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/44fc726/static/ Frame EF51 2 KB
1 KB 32ms
25ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b280a26ac6b47c3fdc078c0c3097499415f7ec8683909a0d6d102f6d6b1c74b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saturn.de/

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-type: text/html
last-modified: Tue, 25 Jan 2022 14:36:48 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 c9cb74549b807d498500f04e1d4b8c7c.cloudfront.net (CloudFront)
x-amz-cf-pop: HIO50-C2
x-amz-cf-id: evTdJq9Eoi6IedpjMB1EETDKvJx88nb5AdHmAkYaF-yCSkiAFTF7ow==
age: 49478
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6d3f35feecb29085-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/44fc726/static/ Frame D6FD 2 KB
1 KB 20ms
16ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d181a8dcdabebd2ba2988085394e6bdd34529802a892c0ab32d4ba73ad0d9703

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saturn.de/

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-type: text/html
last-modified: Tue, 25 Jan 2022 14:36:48 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 6WBPqYaOserdaF04-D2yBS_adnj6mlyv3pJr59RHxEtyW6MG3ZQvDQ==
age: 49478
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6d3f35feecb39085-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/44fc726/static/ Frame A801 2 KB
1 KB 19ms
17ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b280a26ac6b47c3fdc078c0c3097499415f7ec8683909a0d6d102f6d6b1c74b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saturn.de/

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-type: text/html
last-modified: Tue, 25 Jan 2022 14:36:48 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 c9cb74549b807d498500f04e1d4b8c7c.cloudfront.net (CloudFront)
x-amz-cf-pop: HIO50-C2
x-amz-cf-id: evTdJq9Eoi6IedpjMB1EETDKvJx88nb5AdHmAkYaF-yCSkiAFTF7ow==
age: 49478
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6d3f35feecb49085-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-challenge.js Show response
newassets.hcaptcha.com/captcha/v1/44fc726/ Frame D6FD 206 KB
60 KB 16ms
15ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/44fc726/hcaptcha-challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fad6b8d5ecbc1f1f11ea43fda54d04399c9db629b1a7bacb9e75ed1b54ec0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49478
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60694
access-control-allow-origin: *
last-modified: Tue, 25 Jan 2022 14:36:49 GMT
server: cloudflare
etag: "dae9ae1940ea522734b9a5d85a29e652"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6d3f35ff2cd99085-FRA
x-amz-cf-id: du2ezJgQYELvceoWSoquTFL5k54fqZItFRAQyoiQjhZdCfXeBkWRqQ==

GET
H2 200 hcaptcha-checkbox.js Show response
newassets.hcaptcha.com/captcha/v1/44fc726/ Frame A801 151 KB
47 KB 13ms
13ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/44fc726/hcaptcha-checkbox.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c32a316f43de160fff53eaddb9e091c0134baf0b08a33eb892a14738feb0f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49477
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47889
access-control-allow-origin: *
last-modified: Tue, 25 Jan 2022 14:36:49 GMT
server: cloudflare
etag: "11343af7a1d39e82cf96116282c15a36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 2a02ac7e0927ff4d681c73fb791a7754.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: HIO50-C2
accept-ranges: bytes
cf-ray: 6d3f35ff2cdb9085-FRA
x-amz-cf-id: hOPfyaI74asG0iIirc2Fr8QfUyIe6PgAjTqnar1KRFShhOItPS1CkA==

GET
H2 200 hcaptcha-challenge.js Show response
newassets.hcaptcha.com/captcha/v1/44fc726/ Frame 6683 206 KB
59 KB 20ms
20ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/44fc726/hcaptcha-challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fad6b8d5ecbc1f1f11ea43fda54d04399c9db629b1a7bacb9e75ed1b54ec0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49478
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60694
access-control-allow-origin: *
last-modified: Tue, 25 Jan 2022 14:36:49 GMT
server: cloudflare
etag: "dae9ae1940ea522734b9a5d85a29e652"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 6d3f35ff2cdc9085-FRA
x-amz-cf-id: du2ezJgQYELvceoWSoquTFL5k54fqZItFRAQyoiQjhZdCfXeBkWRqQ==

GET
H2 200 hcaptcha-checkbox.js Show response
newassets.hcaptcha.com/captcha/v1/44fc726/ Frame EF51 151 KB
47 KB 19ms
19ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/44fc726/hcaptcha-checkbox.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c32a316f43de160fff53eaddb9e091c0134baf0b08a33eb892a14738feb0f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49477
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47889
access-control-allow-origin: *
last-modified: Tue, 25 Jan 2022 14:36:49 GMT
server: cloudflare
etag: "11343af7a1d39e82cf96116282c15a36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 2a02ac7e0927ff4d681c73fb791a7754.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: HIO50-C2
accept-ranges: bytes
cf-ray: 6d3f35ff2cdd9085-FRA
x-amz-cf-id: hOPfyaI74asG0iIirc2Fr8QfUyIe6PgAjTqnar1KRFShhOItPS1CkA==

GET
DATA 200
OK truncated
/ Frame A801 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 checksiteconfig Show response
hcaptcha.com/ Frame A801 508 B
892 B 37ms
37ms XHR
application/json 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=44fc726&host=www.saturn.de&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/44fc726/hcaptcha-checkbox.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d508c9632d56b34772505670189efdae0a0177b897d5f7cdc7afae65763adf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://newassets.hcaptcha.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: true
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6d3f35ffa8c891d1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 checksiteconfig
hcaptcha.com/ Frame 0
0 23ms
12ms Preflight 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=44fc726&host=www.saturn.de&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&sc=1&swa=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,content-type
Origin: https://newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-length: 0
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6d3f35ff8a0e914c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame EF51 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 checksiteconfig Show response
hcaptcha.com/ Frame EF51 508 B
854 B 46ms
45ms XHR
application/json 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=44fc726&host=www.saturn.de&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/44fc726/hcaptcha-checkbox.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f090d2a2525c3f24f54dfbd8fe1e9203eb417176f1b1a964dc3e0080247bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://newassets.hcaptcha.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: true
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6d3f35fff91f91d1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 checksiteconfig
hcaptcha.com/ Frame 0
0 13ms
12ms Preflight 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=44fc726&host=www.saturn.de&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&sc=1&swa=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,content-type
Origin: https://newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
content-length: 0
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6d3f35ffda7a914c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/df4a52f7/ Frame D6FD 919 KB
347 KB 17ms
17ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/df4a52f7/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/44fc726/hcaptcha-challenge.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26143
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 21:03:07 GMT
server: cloudflare
etag: W/"777d618166357c7ea8c00b987c3ad278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA50-C1
cf-ray: 6d3f35ffe90d91d1-FRA
x-amz-cf-id: zdN2EJtQ7f5Bn6dt4jTOtagZD_7Ky7LDs-XI8PdFai4I0XRpn3Jz0w==

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/df4a52f7/ Frame 6683 919 KB
347 KB 17ms
17ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/df4a52f7/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/44fc726/hcaptcha-challenge.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:24:21 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26143
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 21:03:07 GMT
server: cloudflare
etag: W/"777d618166357c7ea8c00b987c3ad278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: FRA50-C1
cf-ray: 6d3f360069a391d1-FRA
x-amz-cf-id: zdN2EJtQ7f5Bn6dt4jTOtagZD_7Ky7LDs-XI8PdFai4I0XRpn3Jz0w==

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.saturn.de/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8242842909457988:1643256181:0a7cea0cf17e4561cc31b0301d66908e1d2c03dd1ccce1098a0bb38a7c026ee7/6d3f35f52d743743	1969-12-31 23:59:59	Name: cf_chl_seq_95540df61cfd813 Value: e286c366eb410a7
.capitolonel.com/	1970-02-13 20:59:01	Name: sid Value: fdcb0924-7f28-11ec-bf15-1dc042901838
lookandfind.me/	1970-01-20 00:29:03	Name: fa931ecc535d16cde6503dca609b3821 Value: b3abecedd16c491229b24914994a89c1815195fd5311f8e30e5342e95fe392f6a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22fa931ecc535d16cde6503dca609b3821%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
utkv6nyu.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: h7jacvoiotp8fvoul79n5jmbn1
.saturn.de/	1969-12-31 23:59:59	Name: session_trs Value: 61f21e739362e03765169118
.saturn.de/	1970-01-20 09:13:13	Name: trs Value: 61f21e739362e03765169118
.pvn.saturn.de/	1970-01-20 09:13:13	Name: trscj Value: MTY0MzI1NzQ1OXxMM1J5WTJzdlpXTnNhV05yTHpBeE5qTTBPREJrTldWaU5XSTFabUZrTWpSbU1qWmtZamsxWmpCaU1UTmhQM04xWW1sa1BXRjBNVEEzT1RrNVgyRXhNalV5TlRSZmJURXlYM0F4TXpRM01EaGZZMGxVWDNNNFlqTm1NRGN5T0dZMVlqaGtZall5TmpkbVpqZ3dPREl4TUdWaE9UTTRPQ1oxY213OWFIUjBjSE1sTTBFbE1rWWxNa1ozZDNjdWMyRjBkWEp1TG1SbEpUSkdKVE5HY21KMFl5VXpSR0ZtWmlVM1EyTnZiaVUzUXlVeU5ISmxaaVV5TkNVM1F5VTNReVUzUXlVM1F3PT18YUhSMGNITTZMeTlzYjI5cllXNWtabWx1WkM1dFpTOD0%3D
.saturn.de/	1970-01-20 00:27:39	Name: __cf_bm Value: T314n8Reb0y95tPFftpV3vbTrkpyWBrvP2RYk.MfIXQ-1643257460-0-ATuKVN+QN6ytCF6NnROkTJAA8p5Sj6CUzLI4CzGEopLLZBmxnBEUiKYYb6fcCVjxuP2NMpfB4HuLXe0Y/AlfmA2ZBVIUfBijvztJ465Yqw7p
www.saturn.de/	1970-01-20 00:27:41	Name: cf_chl_prog Value: b

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://www.saturn.de/?utm_source=easymarketing&utm_medium=aff-content&utm_term=50287-at107999_a125254_m12_p134708_cIT_s8b3f0728f5b8db6267ff808210ea9388&utm_campaign=AFF_Startseite-AO&emid=61f21e739362e03765169119&rbtc=aff\|con\|$ref$\|\|\|\| Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4773.booknower.com
capitolonel.com
clever-redirect.com
hcaptcha.com
lookandfind.me
newassets.hcaptcha.com
pvn.saturn.de
utkv6nyu.de
www.saturn.de
104.16.168.131
104.16.169.131
104.206.252.90
137.74.127.188
157.90.169.168
212.32.237.90
2606:4700:3036::ac43:872c
2606:4700:90:0:5225:7758:bd6:b326
78.46.197.88
013e9a5cdc0931e2672b73f44db829e97ba915e3396f9978a4ea30cdf64bd956
09c32a316f43de160fff53eaddb9e091c0134baf0b08a33eb892a14738feb0f0
1d707c746cddef8cce131c9b60a27936acea57a7325482c770ddcdb64f8bf435
1e6b0d4a8725be833746db1093417bad02c5c94408d1af8536e40e37b772624e
3642cf3f0db97e5d53929975b7e7bf11c071440b96b90c1267dddd2582a43b91
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
5d508c9632d56b34772505670189efdae0a0177b897d5f7cdc7afae65763adf0
6976d7a04f3fbcaece583c4e635471293ac570b848d44df7376290260d673b05
7fad6b8d5ecbc1f1f11ea43fda54d04399c9db629b1a7bacb9e75ed1b54ec0c8
88aa3cf929b662819d8d97c645e03bec71afe08c3f03de10ce42cad969736f33
9bc302d1f6720eb576de46e567ecf6ec1d9339991b024eac0a7504b397b864e9
9f18d50cc6c314592f6b5b82e8cf83710f961e278b922dbe7c8be70e8d710f86
a14f45c6c54a0e8f81fb4b05009242766962eb5d087d7d3e7213a99cef914c1b
b280a26ac6b47c3fdc078c0c3097499415f7ec8683909a0d6d102f6d6b1c74b6
b2f090d2a2525c3f24f54dfbd8fe1e9203eb417176f1b1a964dc3e0080247bce
bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185
d181a8dcdabebd2ba2988085394e6bdd34529802a892c0ab32d4ba73ad0d9703
d2a8afc7306c2192dde60e5977ad4555f2511f4442542452206db59b9d18190b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.saturn.de Open in urlscan Pro 2606:4700:90:0:5225:7758:bd6:b326 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

89 %HTTPS

22 %IPv6

7 Domains

9 Subdomains

7 IPs

5 Countries

1047 kBTransfer

2852 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.saturn.de Open in urlscan Pro
2606:4700:90:0:5225:7758:bd6:b326 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

89 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

7
IPs

5
Countries

1047 kB
Transfer

2852 kB
Size

9
Cookies

27 HTTP transactions
3 data transactions