Submitted URL: http://throughfares.com/?a=6518&oc=20987&c=56128&m=3&s1=
Effective URL: https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Submission: On December 13 via manual from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 9 domains to perform 13 HTTP transactions. The main IP is 45.156.91.34, located in Germany and belongs to abuntis Abuntis Verwaltungs GmbH, DE. The main domain is de1641.deinesparangebote.de.
TLS certificate: Issued by R11 on November 25th 2024. Valid for: 3 months.
This is the only time de1641.deinesparangebote.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.78.74.19 396982 (GOOGLE-CL...)
1 1 104.199.34.244 396982 (GOOGLE-CL...)
1 1 34.111.143.46 396982 (GOOGLE-CL...)
1 8 45.156.91.34 211823 (abuntis A...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.158.79.89 16509 (AMAZON-02)
1 157.240.253.1 32934 (FACEBOOK)
13 6
Apex Domain
Subdomains
Transfer
7 deinesparangebote.de
de1641.deinesparangebote.de
746 KB
2 pixelweiche.de
meine.pixelweiche.de
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
ajax.googleapis.com — Cisco Umbrella Rank: 415
35 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
61 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1331
12 KB
1 trckde01.de
trckde01.de
805 B
1 sbbq3otrk.com
www.sbbq3otrk.com
710 B
1 homerchandising.com
homerchandising.com
752 B
1 throughfares.com
throughfares.com
261 B
13 9
Domain Requested by
7 de1641.deinesparangebote.de de1641.deinesparangebote.de
2 meine.pixelweiche.de de1641.deinesparangebote.de
meine.pixelweiche.de
1 connect.facebook.net de1641.deinesparangebote.de
1 ajax.googleapis.com de1641.deinesparangebote.de
1 use.fontawesome.com de1641.deinesparangebote.de
1 fonts.googleapis.com de1641.deinesparangebote.de
1 trckde01.de 1 redirects
1 www.sbbq3otrk.com 1 redirects
1 homerchandising.com 1 redirects
1 throughfares.com 1 redirects
13 10
Subject Issuer Validity Valid
*.deinesparangebote.de
R11
2024-11-25 -
2025-02-23
3 months crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
use.fontawesome.com
WE1
2024-11-07 -
2025-02-06
3 months crt.sh
coyote.pixel-weiche.de
R10
2024-10-27 -
2025-01-25
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-22 -
2024-12-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Frame ID: 9E4F3E258B9BE2F34C2215DD264FB422
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

Lidl Geschenkkarte Gewinnen!

Page URL History Show full URLs

  1. http://throughfares.com/?a=6518&oc=20987&c=56128&m=3&s1= HTTP 307
    https://throughfares.com/?a=6518&oc=20987&c=56128&m=3&s1= HTTP 302
    https://homerchandising.com/?a=6518&oc=20987&c=56128&m=3&s1=&ckmguid=713e5825-cab1-426b-b855-afab4672281d HTTP 302
    https://www.sbbq3otrk.com/4J58SX1/2CGLJ45/?sub1=6518&sub2=fbid&sub3=383863549 HTTP 302
    https://trckde01.de/de01,lidl,geschenkkarte_1251.html?idPartner=69&idCampaignAd=0&subId=2184_651... HTTP 302
    https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

33 %
IPv6

9
Domains

10
Subdomains

6
IPs

3
Countries

856 kB
Transfer

1474 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://throughfares.com/?a=6518&oc=20987&c=56128&m=3&s1= HTTP 307
    https://throughfares.com/?a=6518&oc=20987&c=56128&m=3&s1= HTTP 302
    https://homerchandising.com/?a=6518&oc=20987&c=56128&m=3&s1=&ckmguid=713e5825-cab1-426b-b855-afab4672281d HTTP 302
    https://www.sbbq3otrk.com/4J58SX1/2CGLJ45/?sub1=6518&sub2=fbid&sub3=383863549 HTTP 302
    https://trckde01.de/de01,lidl,geschenkkarte_1251.html?idPartner=69&idCampaignAd=0&subId=2184_6518&subIdentifier=e7112b555e3f47c58b274fd13a04c201_fbid HTTP 302
    https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request campaign_1641.html
de1641.deinesparangebote.de/
Redirect Chain
  • http://throughfares.com/?a=6518&oc=20987&c=56128&m=3&s1=
  • https://throughfares.com/?a=6518&oc=20987&c=56128&m=3&s1=
  • https://homerchandising.com/?a=6518&oc=20987&c=56128&m=3&s1=&ckmguid=713e5825-cab1-426b-b855-afab4672281d
  • https://www.sbbq3otrk.com/4J58SX1/2CGLJ45/?sub1=6518&sub2=fbid&sub3=383863549
  • https://trckde01.de/de01,lidl,geschenkkarte_1251.html?idPartner=69&idCampaignAd=0&subId=2184_6518&subIdentifier=e7112b555e3f47c58b274fd13a04c201_fbid
  • https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
171 KB
38 KB
Document
General
Full URL
https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a3a0a48dd1d1150c93a6d4832fcd77de5b3421c06738b0be05867e652d1fa305

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
38387
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 Dec 2024 05:53:19 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
2
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 Dec 2024 05:53:19 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
cpa_style.css
de1641.deinesparangebote.de/media/adresseManager/microSiteFiles/1641/
248 KB
39 KB
Stylesheet
General
Full URL
https://de1641.deinesparangebote.de/media/adresseManager/microSiteFiles/1641/cpa_style.css
Requested by
Host: de1641.deinesparangebote.de
URL: https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&

Response headers

Content-Encoding
gzip
ETag
"3e0cd-61623ab284fa0-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
40035
Keep-Alive
timeout=5, max=99
Date
Fri, 13 Dec 2024 05:53:20 GMT
Last-Modified
Mon, 15 Apr 2024 14:45:11 GMT
Vary
Accept-Encoding
Server
Apache/2.4.41 (Ubuntu)
Content-Type
text/css
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap
Requested by
Host: de1641.deinesparangebote.de
URL: https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af927f797635cda4db3167e24491d6eabb585f013b16e5b9dfeb980a78b51577
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de1641.deinesparangebote.de/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 05:53:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 05:53:20 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 13 Dec 2024 04:09:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
all.css
use.fontawesome.com/releases/v5.5.0/css/
50 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: de1641.deinesparangebote.de
URL: https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://de1641.deinesparangebote.de
Referer
https://de1641.deinesparangebote.de/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
age
1368809
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gMYYneRz3Vbww%2FdGZRMWYnQeNV8SAMlmZ9MWsyJJB1wHLn0z55j50Cb8KI%2Fl3UexrXsAqZAyxNKuRZzB7CqzKgJlf6tFX8LLJuLXdijNc39Ju972lzHGKzOPeoytKC4Nc9GANVu2drOnvumO6iEkaUbW"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=6560&min_rtt=6240&rtt_var=1202&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4032&recv_bytes=2309&delivery_rate=612370&cwnd=253&unsent_bytes=0&cid=15bd1deea23242d6&ts=25&x=0"
date
Fri, 13 Dec 2024 05:53:20 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:45:37 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f13b174fe2dbb9e-FRA
access-control-allow-origin
*
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: de1641.deinesparangebote.de
URL: https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de1641.deinesparangebote.de/

Response headers

content-encoding
gzip
age
507685
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 08:51:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 08:51:55 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
33951
x-xss-protection
0
server
sffe
freeheader.png
de1641.deinesparangebote.de/media/adresseManager/microSiteImg/1641/
3 KB
3 KB
Image
General
Full URL
https://de1641.deinesparangebote.de/media/adresseManager/microSiteImg/1641/freeheader.png
Requested by
Host: de1641.deinesparangebote.de
URL: https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b03aad60802ac7854a522fcd8efe05739e585c6d04727b0b120f16e868b55db4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&

Response headers

ETag
"b09-61623ab284fa0"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2825
Keep-Alive
timeout=5, max=100
Date
Fri, 13 Dec 2024 05:53:20 GMT
Last-Modified
Mon, 15 Apr 2024 14:45:11 GMT
Content-Type
image/png
Server
Apache/2.4.41 (Ubuntu)
fr.png
de1641.deinesparangebote.de/media/adresseManager/microSiteImg/1641/
4 KB
5 KB
Image
General
Full URL
https://de1641.deinesparangebote.de/media/adresseManager/microSiteImg/1641/fr.png
Requested by
Host: de1641.deinesparangebote.de
URL: https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e87de448fe0489a66cce3d6dccaee65333ef8ca856b171deb8036aaedffd3727

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&

Response headers

ETag
"11d6-61623ab284000"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4566
Keep-Alive
timeout=5, max=98
Date
Fri, 13 Dec 2024 05:53:20 GMT
Last-Modified
Mon, 15 Apr 2024 14:45:11 GMT
Content-Type
image/png
Server
Apache/2.4.41 (Ubuntu)
lidlmv2.jpg
de1641.deinesparangebote.de/media/adresseManager/microSiteImg/1641/
106 KB
106 KB
Image
General
Full URL
https://de1641.deinesparangebote.de/media/adresseManager/microSiteImg/1641/lidlmv2.jpg
Requested by
Host: de1641.deinesparangebote.de
URL: https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
080826557af53d6ba1b6329581b4e6244fa0cbd88d2ab4bc48b540739e1bdb5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&

Response headers

ETag
"1a626-6165c71fb8f3a"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
108070
Keep-Alive
timeout=5, max=99
Date
Fri, 13 Dec 2024 05:53:20 GMT
Last-Modified
Thu, 18 Apr 2024 10:29:25 GMT
Content-Type
image/jpeg
Server
Apache/2.4.41 (Ubuntu)
script.js
meine.pixelweiche.de/
964 B
1 KB
Script
General
Full URL
https://meine.pixelweiche.de/script.js
Requested by
Host: de1641.deinesparangebote.de
URL: https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 /
Resource Hash
141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de1641.deinesparangebote.de/

Response headers

ETag
"3c4-5581a7e5699e1;6256c3cc94652"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
964
Keep-Alive
timeout=5, max=100
Date
Fri, 13 Dec 2024 05:53:20 GMT
Last-Modified
Fri, 01 Sep 2017 06:01:35 GMT
Content-Type
text/javascript
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: de1641.deinesparangebote.de
URL: https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-V0YVgEBo' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de1641.deinesparangebote.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 13 Dec 2024 05:53:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-V0YVgEBo' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4484, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
hsTLbdiLjfdH2WPrpA1yt/PU+SkCRlJUV8IbPKWgZO4yvwpVec/adXaolrtUNxxTeTd9webWfpHHaRgY5wIQRQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62212
x-xss-protection
0
origin-agent-cluster
?1
lidlbg1.jpg
de1641.deinesparangebote.de/media/adresseManager/microSiteImg/1641/
483 KB
483 KB
Image
General
Full URL
https://de1641.deinesparangebote.de/media/adresseManager/microSiteImg/1641/lidlbg1.jpg
Requested by
Host: de1641.deinesparangebote.de
URL: https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
171fd1f5f97ecadcd56fb7cde242590f992886f1423da3070b9e447c3d1eb4b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&

Response headers

ETag
"78cbc-61623da285b1d"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
494780
Keep-Alive
timeout=5, max=97
Date
Fri, 13 Dec 2024 05:53:20 GMT
Last-Modified
Mon, 15 Apr 2024 14:58:20 GMT
Content-Type
image/jpeg
Server
Apache/2.4.41 (Ubuntu)
script.js
meine.pixelweiche.de/tg/
0
485 B
XHR
General
Full URL
https://meine.pixelweiche.de/tg/script.js?idPartner=&subId=&subIdentifier=&postbackToken=&zielseite=adressdata1
Requested by
Host: meine.pixelweiche.de
URL: https://meine.pixelweiche.de/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 / PHP/5.6.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de1641.deinesparangebote.de/

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Connection
Keep-Alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Keep-Alive
timeout=5, max=100
Date
Fri, 13 Dec 2024 05:53:20 GMT
Content-Type
application/javascript
X-Powered-By
PHP/5.6.30
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
favicon.ico
de1641.deinesparangebote.de/
72 KB
72 KB
Other
General
Full URL
https://de1641.deinesparangebote.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b31fde204378112e3db2b6343056923f6f49bdc9a164fa43c294f3b007259cf5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://de1641.deinesparangebote.de/campaign_1641.html?coyoteAffiliTokenId=89280219&

Response headers

ETag
"11e46-5e822ffd79f32"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
73286
Keep-Alive
timeout=5, max=96
Date
Fri, 13 Dec 2024 05:53:20 GMT
Last-Modified
Thu, 08 Sep 2022 04:38:22 GMT
Content-Type
image/vnd.microsoft.icon
Server
Apache/2.4.41 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| optinBoxActive function| fbq function| _fbq function| pixelweiche object| pw

8 Cookies

Domain/Path Name / Value
.homerchandising.com/ Name: st
Value: 8bADtdIv3NRyUryfDhStYBmXtvHv2E+vFkwB/93LJxBHEgJlegie2A==
.homerchandising.com/ Name: tib
Value: ZaKF4BT4OTuqEhN/QKzInhmXtvHv2E+vFkwB/93LJxBHEgJlegie2A==
.homerchandising.com/ Name: c20935
Value: 8bADtdIv3NQlVLSB3Sy5F96dM7TL1rNBGv5t50FsfVhvpAkzqkNoOA==
www.sbbq3otrk.com/ Name: uniqueClick_2CGLJ45
Value: 92ebdf60-2a9b-419b-b9c2-1299e41222e8:1734069199
www.sbbq3otrk.com/ Name: transaction_id
Value: e7112b555e3f47c58b274fd13a04c201
trckde01.de/ Name: PHPSESSID
Value: etqq1j1n45ufgnvnb1g07126qi
de1641.deinesparangebote.de/ Name: PHPSESSID
Value: 92ant2v8uu8aq29ufjqk3k22ci
de1641.deinesparangebote.de/ Name: coyoteAffiliTokenId1641
Value: 89280219