Submitted URL: https://throughfares.com/?a=7323&oc=21356&c=58239&m=3&s1=1000&s2=18576_2&s3=14_109410_11368_41848_md
Effective URL: https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Submission: On December 16 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 9 domains to perform 13 HTTP transactions. The main IP is 45.156.91.34, located in Germany and belongs to abuntis Abuntis Verwaltungs GmbH, DE. The main domain is detmu.deinesparangebote.de.
TLS certificate: Issued by R11 on November 25th 2024. Valid for: 3 months.
This is the only time detmu.deinesparangebote.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.78.74.19 396982 (GOOGLE-CL...)
1 1 104.199.34.244 396982 (GOOGLE-CL...)
1 1 34.111.143.46 396982 (GOOGLE-CL...)
1 8 45.156.91.34 211823 (abuntis A...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.158.79.89 16509 (AMAZON-02)
1 157.240.251.9 32934 (FACEBOOK)
13 6
Apex Domain
Subdomains
Transfer
7 deinesparangebote.de
detmu.deinesparangebote.de
1 MB
2 pixelweiche.de
meine.pixelweiche.de
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
ajax.googleapis.com — Cisco Umbrella Rank: 415
35 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
61 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1331
12 KB
1 trckde01.de
trckde01.de
803 B
1 sbbq3otrk.com
www.sbbq3otrk.com
700 B
1 homerchandising.com
homerchandising.com
750 B
1 throughfares.com
throughfares.com
304 B
13 9
Domain Requested by
7 detmu.deinesparangebote.de detmu.deinesparangebote.de
2 meine.pixelweiche.de detmu.deinesparangebote.de
meine.pixelweiche.de
1 connect.facebook.net detmu.deinesparangebote.de
1 ajax.googleapis.com detmu.deinesparangebote.de
1 use.fontawesome.com detmu.deinesparangebote.de
1 fonts.googleapis.com detmu.deinesparangebote.de
1 trckde01.de 1 redirects
1 www.sbbq3otrk.com 1 redirects
1 homerchandising.com 1 redirects
1 throughfares.com 1 redirects
13 10
Subject Issuer Validity Valid
*.deinesparangebote.de
R11
2024-11-25 -
2025-02-23
3 months crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
use.fontawesome.com
WE1
2024-11-07 -
2025-02-06
3 months crt.sh
coyote.pixel-weiche.de
R10
2024-10-27 -
2025-01-25
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-24 -
2024-12-23
3 months crt.sh

This page contains 1 frames:

Primary Page: https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Frame ID: 12AA43050EED7C6ACEECB0AD61077CD5
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

Temu Paletten Gewinnen!

Page URL History Show full URLs

  1. https://throughfares.com/?a=7323&oc=21356&c=58239&m=3&s1=1000&s2=18576_2&s3=14_109410_11368_41848_md HTTP 302
    https://homerchandising.com/?a=7323&oc=21356&c=58239&m=3&s1=1000&s2=18576_2&s3=14_109410_11368_41848_md&... HTTP 302
    https://www.sbbq3otrk.com/4J58SX1/Z8QTQX/?sub1=7323&sub2=fbid&sub3=384191356 HTTP 302
    https://trckde01.de/de01,temu,paletten_849.html?idPartner=69&idCampaignAd=0&subId=2184_7323&subI... HTTP 302
    https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

33 %
IPv6

9
Domains

10
Subdomains

6
IPs

3
Countries

1274 kB
Transfer

1891 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://throughfares.com/?a=7323&oc=21356&c=58239&m=3&s1=1000&s2=18576_2&s3=14_109410_11368_41848_md HTTP 302
    https://homerchandising.com/?a=7323&oc=21356&c=58239&m=3&s1=1000&s2=18576_2&s3=14_109410_11368_41848_md&ckmguid=69e97e2e-533c-42f2-893e-3ccd98481de1 HTTP 302
    https://www.sbbq3otrk.com/4J58SX1/Z8QTQX/?sub1=7323&sub2=fbid&sub3=384191356 HTTP 302
    https://trckde01.de/de01,temu,paletten_849.html?idPartner=69&idCampaignAd=0&subId=2184_7323&subIdentifier=c871482a597e4cb5ab24b1e62ff7bbd7_fbid HTTP 302
    https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request campaign_1183.html
detmu.deinesparangebote.de/
Redirect Chain
  • https://throughfares.com/?a=7323&oc=21356&c=58239&m=3&s1=1000&s2=18576_2&s3=14_109410_11368_41848_md
  • https://homerchandising.com/?a=7323&oc=21356&c=58239&m=3&s1=1000&s2=18576_2&s3=14_109410_11368_41848_md&ckmguid=69e97e2e-533c-42f2-893e-3ccd98481de1
  • https://www.sbbq3otrk.com/4J58SX1/Z8QTQX/?sub1=7323&sub2=fbid&sub3=384191356
  • https://trckde01.de/de01,temu,paletten_849.html?idPartner=69&idCampaignAd=0&subId=2184_7323&subIdentifier=c871482a597e4cb5ab24b1e62ff7bbd7_fbid
  • https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
170 KB
38 KB
Document
General
Full URL
https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
bdd904f57388dec927bfa6ac05314a181b587583f5e38a6040cb873b5bf352e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
38153
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Dec 2024 09:06:58 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
2
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Dec 2024 09:06:58 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
cpa_style.css
detmu.deinesparangebote.de/media/adresseManager/microSiteFiles/1183/
248 KB
39 KB
Stylesheet
General
Full URL
https://detmu.deinesparangebote.de/media/adresseManager/microSiteFiles/1183/cpa_style.css
Requested by
Host: detmu.deinesparangebote.de
URL: https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&

Response headers

Content-Encoding
gzip
ETag
"3e0cd-6087b57717314-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
40035
Keep-Alive
timeout=5, max=99
Date
Mon, 16 Dec 2024 09:06:58 GMT
Last-Modified
Tue, 24 Oct 2023 19:28:21 GMT
Vary
Accept-Encoding
Server
Apache/2.4.41 (Ubuntu)
Content-Type
text/css
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap
Requested by
Host: detmu.deinesparangebote.de
URL: https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af927f797635cda4db3167e24491d6eabb585f013b16e5b9dfeb980a78b51577
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://detmu.deinesparangebote.de/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 09:06:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 09:06:58 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 16 Dec 2024 08:13:12 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
all.css
use.fontawesome.com/releases/v5.5.0/css/
50 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: detmu.deinesparangebote.de
URL: https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://detmu.deinesparangebote.de
Referer
https://detmu.deinesparangebote.de/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
age
1096378
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uuPv8tAN2BfiLVwOCW%2B%2FKEEmQdvUMIgtKe99qaA9RzixWebKEy6tFLTlDxN9sIWBAHjhPaCws0pPuFZ8WATthvfWp%2F4U5gwmA9zMFSgIVX0r8on8lgjpb8U3063Q%2FDjvCo8dsRz8li%2FjNxqfoJoA8mIG"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=6576&min_rtt=6078&rtt_var=1646&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4009&recv_bytes=2340&delivery_rate=510295&cwnd=254&unsent_bytes=0&cid=9da7cee2748201c7&ts=23&x=0"
date
Mon, 16 Dec 2024 09:06:58 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:45:37 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f2d853dfbca695b-FRA
access-control-allow-origin
*
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: detmu.deinesparangebote.de
URL: https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://detmu.deinesparangebote.de/

Response headers

content-encoding
gzip
age
426
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 08:59:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:59:52 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
33951
x-xss-protection
0
server
sffe
logo3.png
detmu.deinesparangebote.de/media/adresseManager/microSiteImg/1183/
71 KB
71 KB
Image
General
Full URL
https://detmu.deinesparangebote.de/media/adresseManager/microSiteImg/1183/logo3.png
Requested by
Host: detmu.deinesparangebote.de
URL: https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7de59ef27fa6ce6758d11426473e991b3b081cc5aa3808a99785865c658e1724

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&

Response headers

ETag
"11c34-6087c2612ce42"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
72756
Keep-Alive
timeout=5, max=100
Date
Mon, 16 Dec 2024 09:06:58 GMT
Last-Modified
Tue, 24 Oct 2023 20:26:07 GMT
Content-Type
image/png
Server
Apache/2.4.41 (Ubuntu)
desktop1.png
detmu.deinesparangebote.de/media/adresseManager/microSiteImg/1183/
686 KB
686 KB
Image
General
Full URL
https://detmu.deinesparangebote.de/media/adresseManager/microSiteImg/1183/desktop1.png
Requested by
Host: detmu.deinesparangebote.de
URL: https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
66781ee60baf644e6d0f023d8549d219f362998f03677ff1fa4374a373d8a17d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&

Response headers

ETag
"ab7e1-61a375cfbcd2d"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
702433
Keep-Alive
timeout=5, max=100
Date
Mon, 16 Dec 2024 09:06:58 GMT
Last-Modified
Thu, 06 Jun 2024 11:55:45 GMT
Content-Type
image/png
Server
Apache/2.4.41 (Ubuntu)
temumobile.jpg
detmu.deinesparangebote.de/media/adresseManager/microSiteImg/1183/
129 KB
129 KB
Image
General
Full URL
https://detmu.deinesparangebote.de/media/adresseManager/microSiteImg/1183/temumobile.jpg
Requested by
Host: detmu.deinesparangebote.de
URL: https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2d773ead0af4bb35f5016ef42df15044f0c07f37d7e3a746d9ca647a200a836b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&

Response headers

ETag
"20334-61a375cfbcd2d"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
131892
Keep-Alive
timeout=5, max=98
Date
Mon, 16 Dec 2024 09:06:58 GMT
Last-Modified
Thu, 06 Jun 2024 11:55:45 GMT
Content-Type
image/jpeg
Server
Apache/2.4.41 (Ubuntu)
script.js
meine.pixelweiche.de/
964 B
1 KB
Script
General
Full URL
https://meine.pixelweiche.de/script.js
Requested by
Host: detmu.deinesparangebote.de
URL: https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 /
Resource Hash
141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://detmu.deinesparangebote.de/

Response headers

ETag
"3c4-5581a7e5699e1;6256c3cc94652"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
964
Keep-Alive
timeout=5, max=100
Date
Mon, 16 Dec 2024 09:06:58 GMT
Last-Modified
Fri, 01 Sep 2017 06:01:35 GMT
Content-Type
text/javascript
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: detmu.deinesparangebote.de
URL: https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ShZI4xAi' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://detmu.deinesparangebote.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 09:06:58 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ShZI4xAi' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4469, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
2X01Gc9c38KrLVQG8xQKdenNrC1E8dFhficTAgMdwkHHpTXQon7IoJM5k390FoW3x+pr2ZaYZ30zoWkzKITDVQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62283
x-xss-protection
0
origin-agent-cluster
?1
temubg.jpg
detmu.deinesparangebote.de/media/adresseManager/microSiteImg/1183/
128 KB
129 KB
Image
General
Full URL
https://detmu.deinesparangebote.de/media/adresseManager/microSiteImg/1183/temubg.jpg
Requested by
Host: detmu.deinesparangebote.de
URL: https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b2bf6d2b5ab3bb21c424e99d0465d1af994f3031eb6ca6a5d53a82cb579fd6e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&

Response headers

ETag
"20192-61a375cfbcd2d"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
131474
Keep-Alive
timeout=5, max=99
Date
Mon, 16 Dec 2024 09:06:58 GMT
Last-Modified
Thu, 06 Jun 2024 11:55:45 GMT
Content-Type
image/jpeg
Server
Apache/2.4.41 (Ubuntu)
script.js
meine.pixelweiche.de/tg/
0
485 B
XHR
General
Full URL
https://meine.pixelweiche.de/tg/script.js?idPartner=&subId=&subIdentifier=&postbackToken=&zielseite=adressdata1
Requested by
Host: meine.pixelweiche.de
URL: https://meine.pixelweiche.de/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 / PHP/5.6.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://detmu.deinesparangebote.de/

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Connection
Keep-Alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Keep-Alive
timeout=5, max=100
Date
Mon, 16 Dec 2024 09:06:59 GMT
Content-Type
application/javascript
X-Powered-By
PHP/5.6.30
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
favicon.ico
detmu.deinesparangebote.de/
72 KB
72 KB
Other
General
Full URL
https://detmu.deinesparangebote.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (abuntis Abuntis Verwaltungs GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b31fde204378112e3db2b6343056923f6f49bdc9a164fa43c294f3b007259cf5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://detmu.deinesparangebote.de/campaign_1183.html?coyoteAffiliTokenId=89374891&

Response headers

ETag
"11e46-5e822ffd79f32"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
73286
Keep-Alive
timeout=5, max=99
Date
Mon, 16 Dec 2024 09:06:59 GMT
Last-Modified
Thu, 08 Sep 2022 04:38:22 GMT
Content-Type
image/vnd.microsoft.icon
Server
Apache/2.4.41 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| optinBoxActive function| fbq function| _fbq function| pixelweiche object| pw

8 Cookies

Domain/Path Name / Value
.homerchandising.com/ Name: sl
Value: ZZmbsEapU8iqEhN/QKzInpwn91/52cG1IqR2Gmof6vtehoPFOvCnJw==
.homerchandising.com/ Name: ti
Value: k9Lp0SU7oyt7/dQsTHoWIJwn91/52cG1IqR2Gmof6vtehoPFOvCnJw==
.homerchandising.com/ Name: c21304
Value: ZZmbsEapU8ghZM5SELneJoiRG0xvVTO43cnRa006KgyxU6zwGxzjMA==
www.sbbq3otrk.com/ Name: uniqueClick_Z8QTQX
Value: e107a519-1cc3-436b-bbb0-2579431c6a92:1734340017
www.sbbq3otrk.com/ Name: transaction_id
Value: c871482a597e4cb5ab24b1e62ff7bbd7
trckde01.de/ Name: PHPSESSID
Value: 62ngr2haskpoo743no30j85m9a
detmu.deinesparangebote.de/ Name: PHPSESSID
Value: el10p7q7hni8v235s64k6981sr
detmu.deinesparangebote.de/ Name: coyoteAffiliTokenId1183
Value: 89374891