urlscan.io logo urlscan.io
SecurityTrails logo

account.rewe.de Open in urlscan Pro
2606:4700::6810:4109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://epost.rewe.de/go/kov63armhbq2sbkq0d91cr279h3jwnpgtcdcgogg06kf/25204
Effective URL: https://account.rewe.de/realms/sso/login-actions/reset-credentials?redirect_uri=https://shop.rewe.de&client_id=ecom
Submission: On December 09 via manual from NL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2606:4700::6810:4109, located in United States and belongs to CLOUDFLARENET, US. The main domain is account.rewe.de. The Cisco Umbrella rank of the primary domain is 220472.
TLS certificate: Issued by WE1 on October 25th 2024. Valid for: 3 months.
This is the only time account.rewe.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 78.35.36.168 8422 (NETCOLOGN...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.95.41 13335 (CLOUDFLAR...)
2 104.16.64.9 13335 (CLOUDFLAR...)
1 104.18.94.41 13335 (CLOUDFLAR...)
8 5
1    78.35.36.168 (Cologne, Germany)

ASN8422 (NETCOLOGNE NetCologne Gesellschaft fur Telekommunikation mbH, DE)
PTR: nr293.elaine-asp.de
epost.rewe.de
2    2606:4700::6810:4109 (United States)

ASN13335 (CLOUDFLARENET, US)
account.rewe.de
1    104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
2    104.16.64.9 (None, )

ASN13335 (CLOUDFLARENET, US)
account.rewe.de
1    104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
5 rewe.de
epost.rewe.de — Cisco Umbrella Rank: 809564
account.rewe.de — Cisco Umbrella Rank: 220472
410 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
16 KB
8 2
Domain Requested by
4 account.rewe.de account.rewe.de
2 challenges.cloudflare.com account.rewe.de
challenges.cloudflare.com
1 epost.rewe.de 1 redirects
8 3

This site contains no links.

Subject Issuer Validity Valid
rewe.de
WE1		 2024-10-25 -
2025-01-23		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://account.rewe.de/realms/sso/login-actions/reset-credentials?redirect_uri=https://shop.rewe.de&client_id=ecom
Frame ID: D39C5245FBDEB3CD91AC6F198377C2AB
Requests: 11 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/h0fgn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: B6839386F20861BAF1F3411A3CC03AAA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nur einen Moment…

Page URL History Show full URLs

  1. https://epost.rewe.de/go/kov63armhbq2sbkq0d91cr279h3jwnpgtcdcgogg06kf/25204 HTTP 302
    https://account.rewe.de/realms/sso/login-actions/reset-credentials?redirect_uri=https://shop.rewe.de... Page URL

Page Statistics

8
Requests

75 %
HTTPS

20 %
IPv6

2
Domains

3
Subdomains

5
IPs

3
Countries

586 kB
Transfer

841 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://epost.rewe.de/go/kov63armhbq2sbkq0d91cr279h3jwnpgtcdcgogg06kf/25204 HTTP 302
    https://account.rewe.de/realms/sso/login-actions/reset-credentials?redirect_uri=https://shop.rewe.de&client_id=ecom Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request reset-credentials
account.rewe.de/realms/sso/login-actions/
Redirect Chain
  • https://epost.rewe.de/go/kov63armhbq2sbkq0d91cr279h3jwnpgtcdcgogg06kf/25204
  • https://account.rewe.de/realms/sso/login-actions/reset-credentials?redirect_uri=https://shop.rewe.de&client_id=ecom
252 KB
181 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.rewe.de/realms/sso/login-actions/reset-credentials?redirect_uri=https://shop.rewe.de&client_id=ecom
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60c5d0c6cdf10748eee12ec44c6b624d70cd6e83a1204c7a83f2b3aaf69405d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
org52dReJ3l/lnWXDAGsF8uJVIolmPAlVWEKnzSlPL05IrUwK3wjp3gHA207Gxm6381lEaO/ovv/TodW5lsGq0wKCqf6ShIV4xzG9d6gs1nSbakOCksLZfMNPsv8CAdne1mjBEzfeVSXVreNsOYIiA==$8PUaMmFLLC0YQtSm+LWp/g==
cf-mitigated
challenge
cf-ray
8ef4cbf5dcf965b8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 09 Dec 2024 11:53:47 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate max-age=0, must-revalidate, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 09 Dec 2024 11:53:47 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT Mon, 09 Dec 2024 11:53:47 GMT
Location
https://account.rewe.de/realms/sso/login-actions/reset-credentials?redirect_uri=https://shop.rewe.de&client_id=ecom
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
pragma
no-cache
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df71d8a906ddc49b98f67b2e6edcd5d24daffad8b5351d28ec1e817cd942a818

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4efdcf87ec97d5e45303c25a13d8aa844de707fd560fa2d6fa474a4cc5a6702d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://account.rewe.de
Referer

Response headers

Content-Type
font/woff
truncated
/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
add667c08419a02504872e314c8e41393cb78a1c3de63b98debdc2d8eb1385d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://account.rewe.de
Referer

Response headers

Content-Type
font/woff
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8919b4e6880ad556ddca89d887c903eb90f4ef7069e98f23181185074f9a2c40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
v1
account.rewe.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.rewe.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8ef4cbf5dcf965b8
Requested by
Host: account.rewe.de
URL: https://account.rewe.de/realms/sso/login-actions/reset-credentials?redirect_uri=https://shop.rewe.de&client_id=ecom
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec194bce0147aeb0ac0c540d26581513f2d6bff35b686717069bc3a7614ff81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://account.rewe.de/realms/sso/login-actions/reset-credentials?redirect_uri=https://shop.rewe.de&client_id=ecom&__cf_chl_rt_tk=ByVN1Ht7Z.0oL2fPEdDpnQBg_tBHBOBuCazXXmWX0lY-1733745227-1.0.1.1-2KKrDz2XLSx5S_zgnKNWt0RNXgk08.7oZDtM6.E_MCU

Response headers

strict-transport-security
max-age=15552000
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
cf-ray
8ef4cbf66d4e65b8-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 09 Dec 2024 11:53:47 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
truncated
/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e793ee6074a07fab6d7cd1c5ce60e7406b3379901f970953ba8f2da5f511610

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://account.rewe.de
Referer

Response headers

Content-Type
font/woff
truncated
/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb6b2e24fbfab1df445c5c028e25ccfbef91f8105df68b6fdf215128732bc8d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://account.rewe.de
Referer

Response headers

Content-Type
font/woff
76dda606-d7ca-4d8d-b7dd-a1fefe7a674d
https://account.rewe.de/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit
Requested by
Host: account.rewe.de
URL: https://account.rewe.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8ef4cbf5dcf965b8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://account.rewe.de
Referer

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8ef4cbf6beb61941-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 09 Dec 2024 11:53:47 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 03 Dec 2024 18:31:41 GMT
vary
Accept-Encoding
priority
u=3,i=?0
favicon.ico
account.rewe.de/ 		252 KB
181 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://account.rewe.de/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.64.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f0ad728419d7560b6c1cb1bcdbf428acad52d61c6677a961641c9b0fd1231c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://account.rewe.de/realms/sso/login-actions/reset-credentials?redirect_uri=https://shop.rewe.de&client_id=ecom

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-content-options
nosniff
date
Mon, 09 Dec 2024 11:53:47 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
9wgUwZhTDpeNk8GLPuKc1boXhZpUTN9cBj52AB9lH/32Jz83NXONBVpClX0l8AJuFtmnONG28x7wgtTBRcpaGSB4Cel3kqRzrgC9NG/9E0PeKnmiAUY2uUpYARLQWakE0pyNvkcvCTIe/zAyivAOiA==$oxuLOD6oZagpDd1ZpYMZQQ==
strict-transport-security
max-age=15552000
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8ef4cbf6dbabd22f-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
SYBZrRRVcaPzGzZkVAaMTVAwsctLHWzgpyZq7ZD9Sss-1733745227-1.2.1.1-Inmwk.FldEK_FHsdxL5mnBuJXddUyOh0FvH2aPjN4YfUQtPhbx1j0i_P.PsvuZbI
account.rewe.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1098934314:1733530469:9FiZgJu0gf9w0o9LjKYgbDf6gOIISNa9XHHctunrTXw/8ef4cbf5dcf965b8/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://account.rewe.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1098934314:1733530469:9FiZgJu0gf9w0o9LjKYgbDf6gOIISNa9XHHctunrTXw/8ef4cbf5dcf965b8/SYBZrRRVcaPzGzZkVAaMTVAwsctLHWzgpyZq7ZD9Sss-1733745227-1.2.1.1-Inmwk.FldEK_FHsdxL5mnBuJXddUyOh0FvH2aPjN4YfUQtPhbx1j0i_P.PsvuZbI
Requested by
Host: account.rewe.de
URL: https://account.rewe.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8ef4cbf5dcf965b8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.64.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d945a397dad1e0d9fd1f2aa9b18bab1ea5adb88cf59cd9fa2d24a552c1763f07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://account.rewe.de/realms/sso/login-actions/reset-credentials?redirect_uri=https://shop.rewe.de&client_id=ecom
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
SYBZrRRVcaPzGzZkVAaMTVAwsctLHWzgpyZq7ZD9Sss-1733745227-1.2.1.1-Inmwk.FldEK_FHsdxL5mnBuJXddUyOh0FvH2aPjN4YfUQtPhbx1j0i_P.PsvuZbI

Response headers

strict-transport-security
max-age=15552000
content-encoding
br
cf-ray
8ef4cbf74ca2d22f-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 09 Dec 2024 11:53:47 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
kTkpKl9m/6GRwqpdmTjqAG+BK+CQIVXLVhw0hnlnyLkyJ9RVqN6Wnwz6vNtdtfZNVYU2wCtsAiE=$/20qO00fXWTObA4G
server
cloudflare
priority
u=1,i
fe247d8e-df06-4e25-839e-589f7ff71e65
https://account.rewe.de/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/h0fgn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame B683 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/h0fgn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8ef4cbf78b0718bd-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 09 Dec 2024 11:53:47 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
account.rewe.de
URL
blob:https://account.rewe.de/76dda606-d7ca-4d8d-b7dd-a1fefe7a674d
Domain
account.rewe.de
URL
blob:https://account.rewe.de/fe247d8e-df06-4e25-839e-589f7ff71e65

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| INuv4 function| jWrr7 function| nWsSX2 function| fjGVd3 boolean| xAqqm6 function| spwE7 function| huBu8 function| HCGH4 function| roxIF0 object| uBNhi5 object| vEte4 object| ZUPr1 number| OCenw1 object| angular object| hfdFG3 object| turnstile boolean| RtWm0 function| _ string| DSJv8 boolean| aumSQ3

2 Cookies

Domain/Path Name / Value
epost.rewe.de/ Name: PHPSESSID
Value: nbo3g839u3v2qt16rrfrimm92t
.rewe.de/ Name: __cf_bm
Value: G3FFhGcv4xeGeBAtaLRtbflN560_2m0djRYI.xxV1Bs-1733745227-1.0.1.1-KkW.69f.zCvWqGXTxJmUbcR5CIXwOMUABwEL9ibBb0SXyd1RuzLFq2vSF7qziSpYWQZW4WROigBvTaCajUAxww

2 Console Messages

Source Level URL
Text
network error URL: https://account.rewe.de/realms/sso/login-actions/reset-credentials?redirect_uri=https://shop.rewe.de&client_id=ecom
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://account.rewe.de/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN