Submitted URL: https://bit.ly/3YDu46v
Effective URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Submission: On February 03 via manual from DE — Scanned from DE

Summary

This website contacted 12 IPs in 5 countries across 12 domains to perform 57 HTTP transactions. The main IP is 188.95.252.33, located in Spain and belongs to RACKMARKT, ES. The main domain is bio-packet.gewinn24-7.de.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 29th 2023. Valid for: 3 months.
This is the only time bio-packet.gewinn24-7.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 45.85.218.145 44486 (SYNLINQ s...)
1 17 188.95.252.33 197518 (RACKMARKT)
7 2a00:1450:400... 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:402... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 78.46.198.121 24940 (HETZNER-AS)
57 12
Apex Domain
Subdomains
Transfer
17 cleverpush.com
static.cleverpush.com — Cisco Umbrella Rank: 15357
api.cleverpush.com — Cisco Umbrella Rank: 15503
136 KB
16 gewinn24-7.de
bio-packet.gewinn24-7.de
478 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
412 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
21 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
24 KB
1 mycleverpush.com
deaffiliateceoo.mycleverpush.com
27 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5986
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
355 B
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 1186
30 KB
1 gewinn-ometer.com
gewinn-ometer.com
719 B
1 plornay.com
plornay.com
492 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 5353
286 B
57 12
Domain Requested by
16 bio-packet.gewinn24-7.de plornay.com
bio-packet.gewinn24-7.de
12 static.cleverpush.com bio-packet.gewinn24-7.de
static.cleverpush.com
deaffiliateceoo.mycleverpush.com
7 www.google-analytics.com bio-packet.gewinn24-7.de
www.google-analytics.com
5 api.cleverpush.com static.cleverpush.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 fonts.gstatic.com bio-packet.gewinn24-7.de
www.google.com
4 www.google.com bio-packet.gewinn24-7.de
www.gstatic.com
www.google.com
1 deaffiliateceoo.mycleverpush.com static.cleverpush.com
1 www.google.de bio-packet.gewinn24-7.de
1 stats.g.doubleclick.net www.google-analytics.com
1 ajax.aspnetcdn.com bio-packet.gewinn24-7.de
1 gewinn-ometer.com 1 redirects
1 plornay.com
1 bit.ly 1 redirects
57 14
Subject | Issuer | Validity | Valid
plornay.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-24 - 2023-11-24 | a year
bio-packet.gewinn24-7.de | cPanel, Inc. Certification Authority | 2023-01-29 - 2023-04-29 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2022-07-11 - 2023-07-11 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-11 - 2023-06-11 | a year
www.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
www.google.de | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.mycleverpush.com | Sectigo RSA Domain Validation Secure Server CA | 2022-05-06 - 2023-06-06 | a year

This page contains 3 frames:

Primary Page: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Frame ID: 70EC2645DF5A5C1CF041A9D204157C6B
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9iaW8tcGFja2V0Lmdld2lubjI0LTcuZGU6NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=g58m7krpuxp6
Frame ID: D6DA336AEFF0A573BC116CF2CA132AB3
Requests: 7 HTTP requests in this frame

Frame: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fbio-packet.gewinn24-7.de
Frame ID: 8D5D10B35AEC32A53B9E502A901BB696
Requests: 4 HTTP requests in this frame

Page Title

Sparen Sie 500€ bei Ihren Denns Biomarkt -Einkäufen

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 57
HTTPS: 100 %
IPv6: 58 %
Domains: 12
Subdomains: 14
IPs: 12
Countries: 5
Transfer: 1129 kB
Size: 2281 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3YDu46v HTTP 301
    https://plornay.com/101134570f4c2258000/ZARERZAERT/ZAa%C3%A9z%22'(-%C3%A8_%C3%A7%C3%A0/ZA9876543245 Page URL
  2. https://gewinn-ometer.com/de,denns,biomarkt,2021,ceoo,aff_1976.html?idPartner=1484&idCampaignAd=0&subId=474220&subIdentifier=1327422947 HTTP 302
    https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3YDu46v HTTP 301
  • https://plornay.com/101134570f4c2258000/ZARERZAERT/ZAa%C3%A9z%22'(-%C3%A8_%C3%A7%C3%A0/ZA9876543245

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ZA9876543245
plornay.com/101134570f4c2258000/ZARERZAERT/ZAa%C3%A9z%22'(-%C3%A8_%C3%A7%C3%A0/
Redirect Chain
  • https://bit.ly/3YDu46v
  • https://plornay.com/101134570f4c2258000/ZARERZAERT/ZAa%C3%A9z%22'(-%C3%A8_%C3%A7%C3%A0/ZA9876543245
198 B
492 B
Document
General
Full URL
https://plornay.com/101134570f4c2258000/ZARERZAERT/ZAa%C3%A9z%22'(-%C3%A8_%C3%A7%C3%A0/ZA9876543245
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.85.218.145 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS
protondash.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
198
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Feb 2023 14:00:34 GMT
Server
Apache

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
176
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 14:00:33 GMT
location
https://plornay.com/101134570f4c2258000/ZARERZAERT/ZAa%C3%A9z"'(-%C3%A8_%C3%A7%C3%A0/ZA9876543245
server
nginx
via
1.1 google
Primary Request campaign_3112.html
bio-packet.gewinn24-7.de/
Redirect Chain
  • https://gewinn-ometer.com/de,denns,biomarkt,2021,ceoo,aff_1976.html?idPartner=1484&idCampaignAd=0&subId=474220&subIdentifier=1327422947
  • https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
226 KB
227 KB
Document
General
Full URL
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Requested by
Host: plornay.com
URL: https://plornay.com/101134570f4c2258000/ZARERZAERT/ZAa%C3%A9z%22'(-%C3%A8_%C3%A7%C3%A0/ZA9876543245
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
ed79aa55d10a68d4475689a075376d34605ba52b293c5616e51ad972cd91a7f9

Request headers

Referer
https://plornay.com/101134570f4c2258000/ZARERZAERT/ZAa%C3%A9z%22'(-%C3%A8_%C3%A7%C3%A0/ZA9876543245
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Feb 2023 14:00:34 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Feb 2023 14:00:34 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 13:12:10 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2905
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 03 Feb 2023 15:12:10 GMT
jquery-3.4.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/
86 KB
30 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDC) /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12235657
x-cache
HIT
content-length
30737
x-xss-protection
1; mode=block
last-modified
Thu, 02 May 2019 18:32:11 GMT
server
ECAcc (frc/4CDC)
etag
"808705b151d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
reset.css
bio-packet.gewinn24-7.de/ftp/o2o_umfrageTemplate/
1 KB
1 KB
Stylesheet
General
Full URL
https://bio-packet.gewinn24-7.de/ftp/o2o_umfrageTemplate/reset.css
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
c8f4db5cb5de6f37e5c8c89b69a21092e444ce66d65da692f2b297007a0c2963

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:34 GMT
Last-Modified
Thu, 29 Sep 2016 12:39:41 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1073
Content-Type
text/css
custom.css
bio-packet.gewinn24-7.de/ftp/o2o_umfrageTemplate/
21 KB
22 KB
Stylesheet
General
Full URL
https://bio-packet.gewinn24-7.de/ftp/o2o_umfrageTemplate/custom.css
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
eb3eb3234394fd402890dd7269e4e35ffb9b4df7d0caba5eccc84f2cced2fbb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:34 GMT
Last-Modified
Fri, 24 Aug 2018 10:36:34 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
21826
Content-Type
text/css
series.css
bio-packet.gewinn24-7.de/ftp/o2o_umfrageTemplate/
41 KB
41 KB
Stylesheet
General
Full URL
https://bio-packet.gewinn24-7.de/ftp/o2o_umfrageTemplate/series.css
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
895562fb3ab5dec78b28196e26938382110e8d1b109d54e99f736581d3f9bfaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:34 GMT
Last-Modified
Thu, 05 Jan 2017 15:26:26 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
42281
Content-Type
text/css
button.js
bio-packet.gewinn24-7.de/ftp/o2o_umfrageTemplate/
4 KB
4 KB
Script
General
Full URL
https://bio-packet.gewinn24-7.de/ftp/o2o_umfrageTemplate/button.js
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
4a4c46b8a193ff0825d07a0f3fe6c3b9df535ce9b26371a81be2384afbf0b30b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:34 GMT
Last-Modified
Thu, 06 Apr 2017 07:50:57 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
3824
Content-Type
application/javascript
NK8GfGNLpAYfKeg38.js
static.cleverpush.com/channel/loader/
277 KB
55 KB
Script
General
Full URL
https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0201a7120e2d88d6afd9fe46c68f6fcb50f5f9ebca92274bee1271b471dcb757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5FC71XKB1CGRJW2W
age
6292
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
0PcNZW8pZ+5pUnt8jws9ekyKFwHFJY8DtG0l1ee3dBJealA2LJm0Vo2Zji3Ami29XHXXqlvBQ0g=
last-modified
Fri, 03 Feb 2023 00:03:28 GMT
server
cloudflare
etag
W/"d5b4a204ef689ae2a58281f3da2d2d86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnFxRVKqPn0JNYzBh0VnxxLbIx7diIVsCvx7Hke9mbki%2BSVvQYNfFKN1WM%2FF6ytlof7k3o3aY0othpg%2BIDG84YMNx%2FDKJ8BYbHDlKksGpi9uWBJq43kHC3GqfkfGk0vDeJesc%2B6ELQlJN37ZkxByIoa5CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
793bb19578aa9c0a-FRA
denn,mobile,prize,b.png
bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/
58 KB
58 KB
Image
General
Full URL
https://bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/denn,mobile,prize,b.png
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
a7773d5bd7e65690001c70584db16827a04806daff1aabd95d69cd586b510144

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:35 GMT
Last-Modified
Tue, 29 Jun 2021 09:40:00 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
58893
Content-Type
image/png
denn,desk,header,b.png
bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/
4 KB
4 KB
Image
General
Full URL
https://bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/denn,desk,header,b.png
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
9f0f795abf3d1b6c6f5bde0ff8e07772d159592516d82b87087db574ad079d1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:35 GMT
Last-Modified
Tue, 29 Jun 2021 09:40:00 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
4160
Content-Type
image/png
step,done,a.png
bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/
1 KB
1 KB
Image
General
Full URL
https://bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/step,done,a.png
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
af7bc91ea45dfe62e6e911345d1b10e8c7c476784245c52256a2cd7457306534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:35 GMT
Last-Modified
Fri, 25 Jun 2021 09:15:02 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1178
Content-Type
image/png
step,2.png
bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/
1 KB
1 KB
Image
General
Full URL
https://bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/step,2.png
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
411de839f0361e0ea8ab059c8adf19bbbba2f69e146ad1e9448ac63368a5f0ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:35 GMT
Last-Modified
Fri, 25 Jun 2021 09:15:02 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1113
Content-Type
image/png
step,3.png
bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/
1 KB
1 KB
Image
General
Full URL
https://bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/step,3.png
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
54245f82fcbd8b1737ae2c9d1a4cd17cf215e59133adc05b4f75edfcb8d1f2f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:35 GMT
Last-Modified
Fri, 25 Jun 2021 09:15:02 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1120
Content-Type
image/png
step,4.png
bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/
1 KB
1 KB
Image
General
Full URL
https://bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/step,4.png
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
bd814a256cd0d2a3311115b8f207bbfef5835419e8a0b4beb704cce72b86ab19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:35 GMT
Last-Modified
Fri, 25 Jun 2021 09:15:02 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1102
Content-Type
image/png
aln,pb,prize.png
bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/
853 B
1 KB
Image
General
Full URL
https://bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/aln,pb,prize.png
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
75409c001657142bd50f5b3005a90ab95b92fc359747c939195b226a722a4423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:35 GMT
Last-Modified
Fri, 25 Jun 2021 09:15:02 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
853
Content-Type
image/png
api.js
www.google.com/recaptcha/
884 B
902 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
83e19e82cfc9293c095cc4507a7da53a713e950111cb222a85ce7f2a3c87b06d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
582
x-xss-protection
1; mode=block
expires
Fri, 03 Feb 2023 14:00:35 GMT
main_layout_logo.png
bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/
7 KB
7 KB
Image
General
Full URL
https://bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/main_layout_logo.png
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
2a4d605dd6458a3aac55b7b19e22ea4de2832085f54fce11729ba0762b3d4dae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:35 GMT
Last-Modified
Mon, 08 May 2017 07:24:36 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
7333
Content-Type
image/png
coyoteDefaultLibrary.css
bio-packet.gewinn24-7.de/templates/coyoteDefaultLibrary/
2 KB
3 KB
Stylesheet
General
Full URL
https://bio-packet.gewinn24-7.de/templates/coyoteDefaultLibrary/coyoteDefaultLibrary.css
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
15e9a4546d5ac8af8c3b083aa33a81541a69691625ce72cdb5e6fc1475b0c8c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:35 GMT
Last-Modified
Tue, 04 May 2021 04:37:20 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
2458
Content-Type
text/css
coyoteDefaultLibrary.js
bio-packet.gewinn24-7.de/templates/coyoteDefaultLibrary/
17 KB
18 KB
Script
General
Full URL
https://bio-packet.gewinn24-7.de/templates/coyoteDefaultLibrary/coyoteDefaultLibrary.js
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
425afd9a7a5108ad89c3ee927323884bfe7d43d9eba87195e19d88f1e2c99853

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:35 GMT
Last-Modified
Tue, 04 May 2021 04:37:20 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
17749
Content-Type
application/javascript
collect
www.google-analytics.com/j/
4 B
215 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=649237854&t=pageview&_s=1&dl=https%3A%2F%2Fbio-packet.gewinn24-7.de%2Fcampaign_3112.html%3FcoyoteAffiliTokenId%3D486026454%26&dr=https%3A%2F%2Fplornay.com%2F&dp=3112%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACACI~&jid=2138438233&gjid=105675199&cid=2082993845.1675432835&tid=UA-68861802-12&_gid=1977174068.1675432835&_r=1&_slc=1&cg1=3112&cg2=191&cg3=1484&cg4=474220&cg5=1327422947&cd1=3112&cd2=191&cd3=1484&cd4=474220&cd5=1327422947&cd6=2684&z=1766898581
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bio-packet.gewinn24-7.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 14:00:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bio-packet.gewinn24-7.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=649237854&t=event&_s=2&dl=https%3A%2F%2Fbio-packet.gewinn24-7.de%2Fcampaign_3112.html%3FcoyoteAffiliTokenId%3D486026454%26&dr=https%3A%2F%2Fplornay.com%2F&dp=3112%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=pageview&el=3112%2Fadressdata1%2F&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=2082993845.1675432835&tid=UA-68861802-12&_gid=1977174068.1675432835&cg1=3112&cg2=191&cg3=1484&cg4=474220&cg5=1327422947&cd1=3112&cd2=191&cd3=1484&cd4=474220&cd5=1327422947&cd6=2684&z=1039556401
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 10:06:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14071
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=649237854&t=event&_s=3&dl=https%3A%2F%2Fbio-packet.gewinn24-7.de%2Fcampaign_3112.html%3FcoyoteAffiliTokenId%3D486026454%26&dr=https%3A%2F%2Fplornay.com%2F&dp=3112%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=idPartner&el=1484&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=2082993845.1675432835&tid=UA-68861802-12&_gid=1977174068.1675432835&cg1=3112&cg2=191&cg3=1484&cg4=474220&cg5=1327422947&cd1=3112&cd2=191&cd3=1484&cd4=474220&cd5=1327422947&cd6=2684&z=127761897
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 10:06:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14071
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=649237854&t=event&_s=4&dl=https%3A%2F%2Fbio-packet.gewinn24-7.de%2Fcampaign_3112.html%3FcoyoteAffiliTokenId%3D486026454%26&dr=https%3A%2F%2Fplornay.com%2F&dp=3112%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=idAmKampagne&el=3112&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=2082993845.1675432835&tid=UA-68861802-12&_gid=1977174068.1675432835&cg1=3112&cg2=191&cg3=1484&cg4=474220&cg5=1327422947&cd1=3112&cd2=191&cd3=1484&cd4=474220&cd5=1327422947&cd6=2684&z=4311836
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 10:06:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14071
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=649237854&t=event&_s=5&dl=https%3A%2F%2Fbio-packet.gewinn24-7.de%2Fcampaign_3112.html%3FcoyoteAffiliTokenId%3D486026454%26&dr=https%3A%2F%2Fplornay.com%2F&dp=3112%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=wgname&el=Sparen%20Sie%20500%E2%82%AC%20bei%20Ihren%20Denns%20Biomarkt%20-Eink%C3%A4ufen&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=2082993845.1675432835&tid=UA-68861802-12&_gid=1977174068.1675432835&cg1=3112&cg2=191&cg3=1484&cg4=474220&cg5=1327422947&cd1=3112&cd2=191&cd3=1484&cd4=474220&cd5=1327422947&cd6=2684&z=867994141
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 10:06:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14071
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=649237854&t=event&_s=6&dl=https%3A%2F%2Fbio-packet.gewinn24-7.de%2Fcampaign_3112.html%3FcoyoteAffiliTokenId%3D486026454%26&dr=https%3A%2F%2Fplornay.com%2F&dp=3112%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=1484&el=474220&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=2082993845.1675432835&tid=UA-68861802-12&_gid=1977174068.1675432835&cg1=3112&cg2=191&cg3=1484&cg4=474220&cg5=1327422947&cd1=3112&cd2=191&cd3=1484&cd4=474220&cd5=1327422947&cd6=2684&z=676845866
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 10:06:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14071
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
denn,desk,bg.jpg
bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/
87 KB
87 KB
Image
General
Full URL
https://bio-packet.gewinn24-7.de/media/adresseManager/microSiteImg/3112/denn,desk,bg.jpg
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
06024ad6c3358022935f1a370418765bc6ddf1ad47e236a297f3aa841208b07e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 14:00:35 GMT
Last-Modified
Fri, 25 Jun 2021 09:20:52 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
88639
Content-Type
image/jpeg
k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v13/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bio-packet.gewinn24-7.de/
Origin
https://bio-packet.gewinn24-7.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 15:21:25 GMT
x-content-type-options
nosniff
age
254350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16276
x-xss-protection
0
last-modified
Mon, 27 Apr 2015 23:45:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:21:25 GMT
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bio-packet.gewinn24-7.de/
Origin
https://bio-packet.gewinn24-7.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 01:26:12 GMT
x-content-type-options
nosniff
age
45263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15572
x-xss-protection
0
last-modified
Mon, 27 Apr 2015 23:46:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Feb 2024 01:26:12 GMT
truncated
/
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e8e0e58a0c5a5e3f02b9167ed381b7cd5cd9907d8e29d2f4a01b9673e92fea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7b187b31119631622a0de2ca08cd3b2e63ac43edc3baa4b75d404da01e41e64

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
collect
stats.g.doubleclick.net/j/
4 B
355 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-68861802-12&cid=2082993845.1675432835&jid=2138438233&gjid=105675199&_gid=1977174068.1675432835&_u=YEBAAEAAAAAAACACI~&z=1943625749
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bio-packet.gewinn24-7.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 03 Feb 2023 14:00:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bio-packet.gewinn24-7.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
296 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-68861802-12&cid=2082993845.1675432835&jid=2138438233&_u=YEBAAEAAAAAAACACI~&z=1235244408
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 14:00:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-68861802-12&cid=2082993845.1675432835&jid=2138438233&_u=YEBAAEAAAAAAACACI~&z=1235244408
Requested by
Host: bio-packet.gewinn24-7.de
URL: https://bio-packet.gewinn24-7.de/campaign_3112.html?coyoteAffiliTokenId=486026454&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 14:00:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
api.cleverpush.com/channel/NK8GfGNLpAYfKeg38/
79 KB
5 KB
Fetch
General
Full URL
https://api.cleverpush.com/channel/NK8GfGNLpAYfKeg38/config?confirmAlertTestsEnabled=true&platformName=Windows
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6024722c47ff6a88c82d84e8e2e7ee955a3f1d6d23e8112df0981fbe4ba58e6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://bio-packet.gewinn24-7.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
EXPIRED
x-backend-server
cleverpush-worker-15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hUwQoI8yIIYigzFTejb4HkjoKY8Dlve2LxqWHrqXnwDHFWXXH2wC2YCy5SmO%2F7nsMKeW7AjF173%2FwWrkQSznleHFmyMGLvlGp3HMqYObO13Oo09NeHf32J4zo9NXLR6hK4Z9JklG7yU00gCywZhfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=60
cf-ray
793bb19658a59096-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
expires
Fri, 03 Feb 2023 14:01:37 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/
406 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bio-packet.gewinn24-7.de/
Origin
https://bio-packet.gewinn24-7.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 06:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165540
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 06:28:19 GMT
anchor
www.google.com/recaptcha/api2/ Frame D6DA
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9iaW8tcGFja2V0Lmdld2lubjI0LTcuZGU6NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=g58m7krpuxp6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eefc8cbe990befd4e0a9935d7d292ab4ceed67bfb210d85bb7e1bd90ce455b29
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l5FPZpOUZCcNttj-AMCPIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bio-packet.gewinn24-7.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22472
content-security-policy
script-src 'report-sample' 'nonce-l5FPZpOUZCcNttj-AMCPIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 14:00:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame D6DA
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9iaW8tcGFja2V0Lmdld2lubjI0LTcuZGU6NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=g58m7krpuxp6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 06:57:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 06:57:57 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame D6DA
406 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9iaW8tcGFja2V0Lmdld2lubjI0LTcuZGU6NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=g58m7krpuxp6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 06:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165540
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 06:28:19 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D6DA
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 15:21:21 GMT
x-content-type-options
nosniff
age
254355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 07 Feb 2023 15:21:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D6DA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9iaW8tcGFja2V0Lmdld2lubjI0LTcuZGU6NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=g58m7krpuxp6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 13:18:51 GMT
x-content-type-options
nosniff
age
348105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 13:18:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D6DA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9iaW8tcGFja2V0Lmdld2lubjI0LTcuZGU6NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=g58m7krpuxp6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:11:58 GMT
x-content-type-options
nosniff
age
89318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 13:11:58 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame D6DA
102 B
133 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gEr-ODersURoIfof1hiDm7R5
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9iaW8tcGFja2V0Lmdld2lubjI0LTcuZGU6NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=g58m7krpuxp6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9iaW8tcGFja2V0Lmdld2lubjI0LTcuZGU6NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=g58m7krpuxp6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
1; mode=block
expires
Fri, 03 Feb 2023 14:00:36 GMT
5.6f7d09106719ee0a61f9.js
static.cleverpush.com/sdk/chunk/
33 KB
9 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/5.6f7d09106719ee0a61f9.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0882b4f05fa3f47d6b5a5b8c9321196f4b43ae0dee99226714c6006af55d118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6B071PM0QV7S9PSK
age
25569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
WqWI2miv08oWmWaHiF46O8eAwVJwcPHzjQL5zrXoNmGeVtdNwyTJIqsxxGAZmvVDwpLeHfapBnc=
last-modified
Tue, 31 Jan 2023 18:54:18 GMT
server
cloudflare
etag
W/"90810682258d2af35934336056dcc091"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbsGsXlTdeBSfZKuPvFO2%2BB%2FRZhhFrhgJWQwyBS4YF%2FAJ7KasDqhdXSqtc611MciUfs4Jwl6v8bOK4Kkv6dLEzGKH9trERUaYGCLpyEh8dvCACwCt36q6pS9zwActmNgn%2FK6eMke9XyAgcwkvkH8lPkLJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
793bb1a3c9469c0a-FRA
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/
5 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6B0BCEJG7B9B96Q6
age
25569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
+P4qgUtL0ImsNX57/iB3s2/EAl65HsV/u/SVFfcX7pvF8x4Wqek2tVxwAQjwwUDE1oIAUmmh4NM=
last-modified
Tue, 31 Jan 2023 18:54:17 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LU8MHvChuNdBm1DhMg3huGnuB37S2q0UiNVKs3%2BL6uMpS6J5%2FrvhX947ARJU6xHQm1QBAnMbKUz3S7y5i%2Fty9FWX45G48TqP3Uzjl7UUQUAsJghkhrjVAB5G6Ta%2BC7%2F5J2LihHtzb%2Fsw6xXY9ek%2BOPVqUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
793bb1a3c9499c0a-FRA
115.ba0d7343026308ac5af6.js
static.cleverpush.com/sdk/chunk/
13 KB
4 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/115.ba0d7343026308ac5af6.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bd25db9e9cd5fcc44afc53fe9f72a60487085491595001a2841bde54d5abf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6B04QEZVTV949WN6
age
25569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
JrEBkzJq0CldayL7xy+gqL9HGfrhpnFQBeApU5/dsHJMfAck09YE1fdySHgX0GJOcnB5s7MXS3E=
last-modified
Tue, 31 Jan 2023 18:54:17 GMT
server
cloudflare
etag
W/"bdf3b760e2b81b6f97aa3f8f66d110e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Q8iX62Fpc0JJB1LmD%2FbgoP9m2BvkFHBE40cf5qJBwc%2FRbh8AcswofwdiMENHqG9KbQgxL9YEv9NdF%2Fszph2bpfMSogTRJ2s5Yw6rbUKVCzW3k2yyxKrx0gJXlSD4zANCtFpKJjc2ibRrpOoFb1BZkRIhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
793bb1a3c94a9c0a-FRA
iframe
deaffiliateceoo.mycleverpush.com/ Frame 8D5D
71 KB
27 KB
Document
General
Full URL
https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fbio-packet.gewinn24-7.de
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.198.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.198.46.78.clients.your-server.de
Software
/
Resource Hash
8907f82918cee9715231e0434cfb691058510255f66c038de201efac657c13c5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://bio-packet.gewinn24-7.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept
cache-control
public, max-age=1800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 14:00:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend-server
cleverpush-worker-15
x-cache-status
HIT
x-robots-tag
noindex
5.6f7d09106719ee0a61f9.js
static.cleverpush.com/sdk/chunk/ Frame 8D5D
33 KB
9 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/5.6f7d09106719ee0a61f9.js
Requested by
Host: deaffiliateceoo.mycleverpush.com
URL: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fbio-packet.gewinn24-7.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0882b4f05fa3f47d6b5a5b8c9321196f4b43ae0dee99226714c6006af55d118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deaffiliateceoo.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6B0478PP5Q1589TV
age
25569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
EM7goinWK49C/u5vDe0KC+qfb+XH651W1LV8buP92AMksC3N9sgxqnRC0mXttTbNfwXbEvHWfjU=
last-modified
Tue, 31 Jan 2023 18:54:18 GMT
server
cloudflare
etag
W/"90810682258d2af35934336056dcc091"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIw5Be4Hryj8L0%2Bghq%2FoDNRN8DI3nx%2FjI7EO50vRlyG0CwN4xngOQUywF%2FvE6NZMx3eawfBz8TnNADI8LuKUSnUXzNVFcNmdrh1%2FebcWg4bHLg4H%2FBv%2Bhs34KfjvcjDyHNDqKxTq8uxc1VI6F%2FOHBycHuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
793bb1a4fdde6957-FRA
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/ Frame 8D5D
5 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: deaffiliateceoo.mycleverpush.com
URL: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fbio-packet.gewinn24-7.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deaffiliateceoo.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6B0386ZQMYEXC8MM
age
25569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Jm11fbjkIsnIKOiZK/rnt0wB0M8VmUqWXtEPHFQ8rSgVklebUVfdCpC0EeKugaqGYYtHym6TNAs=
last-modified
Tue, 31 Jan 2023 18:54:17 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvdMhJJth7VM8veNxg5Jn%2FsJdeqtJjHzCIqpEaIEE7AT8RiDhmSsJ2269SxRbSLjDsv9v5uAkcgly1sjgTp%2FL2m0odCh%2B022F4q4%2BN38by4wcJESWd7N9GQF5swKu4Bg3Ox11b8hpejwoJ4Ez374Mt27Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
793bb1a4fde06957-FRA
818.2053369c6ba49d7081f4.js
static.cleverpush.com/sdk/chunk/ Frame 8D5D
7 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/818.2053369c6ba49d7081f4.js
Requested by
Host: deaffiliateceoo.mycleverpush.com
URL: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fbio-packet.gewinn24-7.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbf8b26356a91137293331c7299846d0e3b394732a158b0c28a5e09333279647

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deaffiliateceoo.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6B09K5QAK2GRY6E4
age
25569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
RQ5zKOA5U8ZxBHX90nuTZWQ5UhCwJSpwgkqdp5/P4AurYGe7RDyX+8DfdXoqs5XwMNBfihf6lnw=
last-modified
Tue, 31 Jan 2023 18:54:19 GMT
server
cloudflare
etag
W/"9c2d7319802a49372e38ced07eee7c81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKP5tKWiQONNwj1ByU%2F3vbt%2FLe496nWuhfXOMyEE%2BmK0Q8SQo74El%2FCh%2BTtuAEqBRKozWAaw1brFggRjMv1wLliupoDRmu8NjbBkrLcQqHcc36AM9%2BiQfxNtOahIRQuQl4P07XpKKxQLYm%2Fo53PQ%2FRUlyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
793bb1a4fde16957-FRA
103.723d7d2c1f459bc8bb33.js
static.cleverpush.com/sdk/chunk/
96 KB
22 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/103.723d7d2c1f459bc8bb33.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0096d8abf9832a59cb36c723ded3dd921432f134e887a5f0d8b7821a9876a743

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6B00DQY0280B41HZ
age
25569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
A97wFvyp7myNf0JKFI84phhW9I1qnhm/MvJh936N6GqH5JA4OKgffyT5IVOCTHwTDQygTINaCuM=
last-modified
Tue, 31 Jan 2023 18:54:17 GMT
server
cloudflare
etag
W/"fba09f0a1fd8e7dd17acf513393f116f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLoTvNJEbf8kzremlZX7M3vxyAlM8UwNCo88VeZLy9L3LbsScqT2nSDxxJz1jQR4YL%2BUy2ZoSmJ0pQKpTG5KKgRR%2B02OqEAVqAsQNtiISsKVbGX487g32xxlVeNzifsCB%2BAHLWXeAp9g0UzR1wjkTsjOIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
793bb1a51e0d6957-FRA
720.88a3607d4c17ce2453f0.js
static.cleverpush.com/sdk/chunk/
47 KB
11 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/720.88a3607d4c17ce2453f0.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dfc52adc4b2e77ac5881bf9ecfd0250aaba890abc09b3ad674cc62e455c0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6B01S2TQP3J8X6Q0
age
25569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
JiWI06oIwPX75CnRpACnG2PeJvADP7lGDCi0hWIyJmlFW2UKRh1r+UyZDE81JqdaQy7oQ4OexiI=
last-modified
Tue, 31 Jan 2023 18:54:18 GMT
server
cloudflare
etag
W/"068eefa4304043bf1bb6ddedb6bea8e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVGB3GWlkoAagOg68vyV%2BT3y07eiV9GszkgA4YunOhQ8DPicvb6afRU%2Bw220LdQdIcZKk5%2FCgI95k5GaEzHp4ZSNoBar1P%2BYopQvU8FNToKo0GhgKKph6YnSah2ouOzmVJx0CtQKdMEvawBDp4De8opfhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
793bb1a51e0f6957-FRA
728.d40aa42dd2d65bc5d5ab.js
static.cleverpush.com/sdk/chunk/
26 KB
8 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/728.d40aa42dd2d65bc5d5ab.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e0ea47914a6242eea44fe3951adcdb35d94bcabf1cef0e384cd126385ea774a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QNWG447CQXFRBH49
age
25099
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
nncmAJ79gQqvKCk/epNXytmlqVLkRY0/d+H54OXbX+xRd/xQp/Cft+NuOQzoWe64XDmLU6qKrwc=
last-modified
Tue, 31 Jan 2023 18:54:18 GMT
server
cloudflare
etag
W/"65885428a7278e91cac00e268e1601da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UP6dlqS9F1XJVYdGx0LK0g0FkLu4ArDklnwTt0D%2B3bRs3Ub%2BkxBo6n66fec4jTt%2BxE3sNi5xDs2Se0LmOVfZV71%2Fk0p77Izz4doCBJuBmNkYLt72PBysOyk8YZ55IRrQty5lRToeEs3XnH2wAXfMKbS9ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
793bb1a57e8a6957-FRA
optin-visitor
api.cleverpush.com/channel/
16 B
656 B
Fetch
General
Full URL
https://api.cleverpush.com/channel/optin-visitor
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://bio-packet.gewinn24-7.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Feb 2023 14:00:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jsbcc5rjZC5NO%2FIDHXwpWTdWhVVWiKUqcZC8hoO7wQj6BRCMQlUUn%2FolCE30NgzQ%2BoeaOjK78UMWW6vuOWGYXFpSWjSgASlG9%2FZ2WjDq8u7KpZO6gtyyMyD4pu1hKZ7%2BkxhJCiZHZMF4LigmXV9Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
793bb1a5afe89028-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
optin-visitor
api.cleverpush.com/channel/ Frame
0
0
Preflight
General
Full URL
https://api.cleverpush.com/channel/optin-visitor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bio-packet.gewinn24-7.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
793bb1a58cc99096-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Fri, 03 Feb 2023 14:00:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYXsMCfv5RmDiMqG4o6aYW0LoUuKROh%2BdqqZJyyWGK3ccoFd3SjdaiEFaL6jy2Ki2h4XRcd88UGSmSuqgsRzgp1Joa7mvnVt2jMmR48Xccmc2B9mANljDWLHZ7FNiqH3Kw8liI9DDS%2FyLVH%2B6OeH0w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
499.9985a935289708bf13c2.js
static.cleverpush.com/sdk/chunk/
2 KB
1 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/499.9985a935289708bf13c2.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
151b25deaef38f2a72a0e1ee11f9ddc895ed4d1c9290da0ee58fbe2f3d3e9320

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6B0CMQTVYC00GGXJ
age
25560
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
/pJSMLuZesCopMYDTWrRcQL9ll1X6+hyIgrRIR+ySv2rG5wggQBtAVRt9sxNnCEja8kr/0RYvUE=
last-modified
Tue, 31 Jan 2023 18:54:18 GMT
server
cloudflare
etag
W/"c45b7ce9e07aa220d832612704ede749"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtLL9Xmg730B00CPfHxi7cWSJR0%2BDyAMYi%2BjjbkqLcItLHiE23fvU46DYntdLL7Kwx55ynxIZU9HwoR1MF090t0PebvW1febTyaIP7i3VZyHh6FQS8NB9aksrJijED64sjRfbsKO%2B1OOxIsCS8isQA%2FYEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
793bb1a59eb86957-FRA
confirm-alert
api.cleverpush.com/channel/
16 B
617 B
Fetch
General
Full URL
https://api.cleverpush.com/channel/confirm-alert
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://bio-packet.gewinn24-7.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Feb 2023 14:00:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSC%2BLURyVd9xeFGWNAPX%2FqNtqqndstYbWz3WGIkw9L0y5mJeltGnHLEGiPrgNRgQjvJYjzRxwPeUkmsHlCy%2FXwgQGINKaSJiWW9%2BPeBgFrZ0rC9kZVBsvQKcoIRriWq9iASmDYtlWh2JRnYqgkPifQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
793bb1abded19028-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
defaultChannelIcon.png
static.cleverpush.com/app/images/
732 B
1 KB
Image
General
Full URL
https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bio-packet.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 14:00:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
GV7MMFT27YE7G7YC
age
272223
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
732
x-amz-id-2
Rurruqp21ny7A+rTk8h2H0eZMc3iGtyXOT64jqzBvbFky0kDe28Ic8K3kotcTp7q1N0ys9XSIcM=
last-modified
Mon, 21 Oct 2019 13:42:31 GMT
server
cloudflare
etag
"dada142d4861c864d8d63e8cd5dd22dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJlkvKElDagDV%2BkniU8xhHw9wPf5jUf%2FulS7dD5bWxOHrBk0A6rzLKNit7RkJQ9s%2F1uOxc4zVN3pcxGK6Q5mQ6lTQaUYC7PCK4OrS9kbx2%2FMeD3vYeHHR9vsbmYiJGsEqNtwMgYS%2B7o63nOfK334y0eWyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2628000
accept-ranges
bytes
cf-ray
793bb1abbe196957-FRA
confirm-alert
api.cleverpush.com/channel/ Frame
0
0
Preflight
General
Full URL
https://api.cleverpush.com/channel/confirm-alert
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bio-packet.gewinn24-7.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
793bb1abbeb99028-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Fri, 03 Feb 2023 14:00:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDH%2FWoDPeesKML3iaNLkUU%2BISltsbAlAJUm9j8qGUPS5wTlDgG%2BYL4kkwxcrjTV9zcwxeb853WgkERasX1vpFzC2ZsxNBTwqGINkXRCCfoSglNG8XYMJ3bwPcl9%2FOG%2FuCfynpQbwo%2F%2F15UeJFtcQ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains


35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange object| _ga string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| setCampaignId function| setDatasetToken object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| CleverPush string| formpages function| captchaExecute object| modals string| action object| webpackChunk_cleverpush_cleverpush_js_sdk object| regeneratorRuntime number| __cleverPushSdkLoadCount object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| initCopyPastePreventer object| lightboxOptions object| lightboxRO function| onWindowResizeLightbox function| openLightbox function| closeLightbox object| recaptcha object| closure_lm_176272

10 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: n13e0x-8796148f931cd12d5b-00N
plornay.com/ Name: uid18672
Value: 1327422947-20230203080034-5f5c52482125f3795751d874779854af-
gewinn-ometer.com/ Name: PHPSESSID
Value: 836d87a0e3f929f875d9f803d96446c0
gewinn-ometer.com/ Name: coyoteTrackingCookie_1976
Value: 486026454
gewinn-ometer.com/ Name: coyoteSimpleTrackingCookie
Value: 486026454
bio-packet.gewinn24-7.de/ Name: PHPSESSID
Value: c6bd3e2436e7dac8175dfe7573cbe4f0
bio-packet.gewinn24-7.de/ Name: coyoteAffiliTokenId3112
Value: 486026454
.gewinn24-7.de/ Name: _ga
Value: GA1.2.2082993845.1675432835
.gewinn24-7.de/ Name: _gid
Value: GA1.2.1977174068.1675432835
.gewinn24-7.de/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
