urlscan.io logo urlscan.io
SecurityTrails logo

main.picksecured.com Open in urlscan Pro
2606:4700:3031::6815:52e5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ib.adnxs.com/getuid?https://illuvium-loyalty.com/DE
Effective URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_16...
Submission: On October 14 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 14 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3031::6815:52e5, located in United States and belongs to CLOUDFLARENET, US. The main domain is main.picksecured.com.
TLS certificate: Issued by WE1 on October 14th 2024. Valid for: 3 months.
This is the only time main.picksecured.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    162.241.62.215 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 162-241-62-215.unifiedlayer.com
illuvium-loyalty.com
1    45.89.245.10 (Bulgaria)

ASN31469 (XOSTING-AS, UA)
PTR: no-rdns.blank.record
track.emlrckr.com
2    172.67.139.50 (United States)

ASN13335 (CLOUDFLARENET, US)
track.buzz-track.com
24    2606:4700:3031::6815:52e5 (United States)

ASN13335 (CLOUDFLARENET, US)
main.picksecured.com
img.picksecured.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
24 picksecured.com
main.picksecured.com
img.picksecured.com
141 KB
4 gstatic.com
fonts.gstatic.com
31 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
277 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
fonts.googleapis.com — Cisco Umbrella Rank: 30
34 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
4 KB
2 buzz-track.com
track.buzz-track.com
1 KB
2 illuvium-loyalty.com
illuvium-loyalty.com
543 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 267
2 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
64 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
24 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
24 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 89
3 KB
1 emlrckr.com
track.emlrckr.com
4 KB
42 14
Domain Requested by
16 img.picksecured.com main.picksecured.com
8 main.picksecured.com 1 redirects track.buzz-track.com
main.picksecured.com
4 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com main.picksecured.com
www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com main.picksecured.com
client
2 unpkg.com main.picksecured.com
2 track.buzz-track.com
2 illuvium-loyalty.com 2 redirects
2 ib.adnxs.com 2 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 www.google.de main.picksecured.com
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 ajax.googleapis.com main.picksecured.com
1 track.emlrckr.com 1 redirects
42 17

This site contains no links.

Subject Issuer Validity Valid
buzz-track.com
WE1		 2024-09-27 -
2024-12-26		 3 months crt.sh
picksecured.com
WE1		 2024-10-14 -
2025-01-12		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
unpkg.com
WE1		 2024-09-25 -
2024-12-24		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.googleadservices.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Frame ID: 251768077849B0B006697977E579D8CD
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

online

Page URL History Show full URLs

  1. https://ib.adnxs.com/getuid?https://illuvium-loyalty.com/DE HTTP 307
    https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Filluvium-loyalty.com%2FDE HTTP 302
    https://illuvium-loyalty.com/DE HTTP 301
    https://illuvium-loyalty.com/DE/ HTTP 302
    https://track.emlrckr.com/?a=166215&c=369809&co=215770&mt=3 HTTP 302
    https://track.buzz-track.com/click?offer_id=15811&aff_id=66&click_id=b5c8829b71434263a8c04d1f3cdcde3924a3... Page URL
  2. https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=13579&aff=buzz&m=ns_66&publishe... HTTP 302
    https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

98 %
HTTPS

69 %
IPv6

14
Domains

17
Subdomains

11
IPs

3
Countries

513 kB
Transfer

1336 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ib.adnxs.com/getuid?https://illuvium-loyalty.com/DE HTTP 307
    https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Filluvium-loyalty.com%2FDE HTTP 302
    https://illuvium-loyalty.com/DE HTTP 301
    https://illuvium-loyalty.com/DE/ HTTP 302
    https://track.emlrckr.com/?a=166215&c=369809&co=215770&mt=3 HTTP 302
    https://track.buzz-track.com/click?offer_id=15811&aff_id=66&click_id=b5c8829b71434263a8c04d1f3cdcde3924a30&pub_id=166215_&sub_id= Page URL
  2. https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=13579&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id= HTTP 302
    https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ib.adnxs.com/getuid?https://illuvium-loyalty.com/DE HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Filluvium-loyalty.com%2FDE HTTP 302
  • https://illuvium-loyalty.com/DE HTTP 301
  • https://illuvium-loyalty.com/DE/ HTTP 302
  • https://track.emlrckr.com/?a=166215&c=369809&co=215770&mt=3 HTTP 302
  • https://track.buzz-track.com/click?offer_id=15811&aff_id=66&click_id=b5c8829b71434263a8c04d1f3cdcde3924a30&pub_id=166215_&sub_id=
Request Chain 38
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693039449/?random=626968227&cv=11&fst=1728900530866&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8830506792za201zb830506792&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fmain.picksecured.com%2Fc%2Findex%3Fcc%3DDE%26project%3D1307%26camp%3D20127%26access%3D7d1dbdb100000%26aff%3Dbuzz%26m%3Dns_66%26publisher%3Dbuzz_66_166215_%26ymid%3D4e62db66-8a14-11ef-9b91-28924a3ab82c%26pub_id%3D166215_%26sub_id%3D&ref=https%3A%2F%2Ftrack.buzz-track.com%2F&label=JnwqCMKnjMABENniu8oC&hn=www.googleadservices.com&frm=0&tiba=online&value=0&npa=1&pscdl=noapi&auid=1915218388.1728900531&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&eitems=ChEI8IKzuAYQrMW1o4_ivYnOARIdANwh8ogLuObHn7rI8GpYdSqXOEGqbHniMCY2IhY&pscrd=IhMI983_r9CNiQMVWpCDBx0VlReOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL21haW4ucGlja3NlY3VyZWQuY29tL0JXQ2hFSThJS3p1QVlRc2MyXzc2cWt1cUdDQVJJc0FIQmMwT05tV3RPcFJmbEpzcVdFOWF0Wjl0MlY5cU5HZ0dIZ0tPMUVRMWpFYlFyMk1wVkFYcERLanJR HTTP 302
  • https://www.google.com/pagead/1p-conversion/693039449/?random=626968227&cv=11&fst=1728900530866&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8830506792za201zb830506792&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fmain.picksecured.com%2Fc%2Findex%3Fcc%3DDE%26project%3D1307%26camp%3D20127%26access%3D7d1dbdb100000%26aff%3Dbuzz%26m%3Dns_66%26publisher%3Dbuzz_66_166215_%26ymid%3D4e62db66-8a14-11ef-9b91-28924a3ab82c%26pub_id%3D166215_%26sub_id%3D&ref=https%3A%2F%2Ftrack.buzz-track.com%2F&label=JnwqCMKnjMABENniu8oC&hn=www.googleadservices.com&frm=0&tiba=online&value=0&npa=1&pscdl=noapi&auid=1915218388.1728900531&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI983_r9CNiQMVWpCDBx0VlReOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL21haW4ucGlja3NlY3VyZWQuY29tL0JXQ2hFSThJS3p1QVlRc2MyXzc2cWt1cUdDQVJJc0FIQmMwT05tV3RPcFJmbEpzcVdFOWF0Wjl0MlY5cU5HZ0dIZ0tPMUVRMWpFYlFyMk1wVkFYcERLanJR&is_vtc=1&cid=CAQSGwDpaXnfpUqp7e8g64un1Z8JbkjjNSIhkZUASQ&eitems=ChEI8IKzuAYQrMW1o4_ivYnOARIdANwh8ogF1qsOkAZR8Fkb21MiqMLxfMdOzNsnBAM&random=1730371835 HTTP 302
  • https://www.google.de/pagead/1p-conversion/693039449/?random=626968227&cv=11&fst=1728900530866&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8830506792za201zb830506792&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fmain.picksecured.com%2Fc%2Findex%3Fcc%3DDE%26project%3D1307%26camp%3D20127%26access%3D7d1dbdb100000%26aff%3Dbuzz%26m%3Dns_66%26publisher%3Dbuzz_66_166215_%26ymid%3D4e62db66-8a14-11ef-9b91-28924a3ab82c%26pub_id%3D166215_%26sub_id%3D&ref=https%3A%2F%2Ftrack.buzz-track.com%2F&label=JnwqCMKnjMABENniu8oC&hn=www.googleadservices.com&frm=0&tiba=online&value=0&npa=1&pscdl=noapi&auid=1915218388.1728900531&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI983_r9CNiQMVWpCDBx0VlReOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL21haW4ucGlja3NlY3VyZWQuY29tL0JXQ2hFSThJS3p1QVlRc2MyXzc2cWt1cUdDQVJJc0FIQmMwT05tV3RPcFJmbEpzcVdFOWF0Wjl0MlY5cU5HZ0dIZ0tPMUVRMWpFYlFyMk1wVkFYcERLanJR&is_vtc=1&cid=CAQSGwDpaXnfpUqp7e8g64un1Z8JbkjjNSIhkZUASQ&eitems=ChEI8IKzuAYQrMW1o4_ivYnOARIdANwh8ogF1qsOkAZR8Fkb21MiqMLxfMdOzNsnBAM&random=1730371835&ipr=y

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
click
track.buzz-track.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://illuvium-loyalty.com/DE
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Filluvium-loyalty.com%2FDE
  • https://illuvium-loyalty.com/DE
  • https://illuvium-loyalty.com/DE/
  • https://track.emlrckr.com/?a=166215&c=369809&co=215770&mt=3
  • https://track.buzz-track.com/click?offer_id=15811&aff_id=66&click_id=b5c8829b71434263a8c04d1f3cdcde3924a30&pub_id=166215_&sub_id=
281 B
887 B 		Document
General
Check archive.org
Download Go to
Full URL
https://track.buzz-track.com/click?offer_id=15811&aff_id=66&click_id=b5c8829b71434263a8c04d1f3cdcde3924a30&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d26c5327e7265cf-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Mon, 14 Oct 2024 10:08:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dspT3U2Tz1hstO8C2Cb0F8IMM%2F1AequxLaje18L8y4c0pKdKaBoFbf8w%2FRao%2FEMaYPQpfvHlzc0aV312YoeazWMDiOgogqgEyYc5TfTfheHWiILBrEWnT%2Bc6QAL%2BzYfy2uvhV7xFXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-language
en-US
content-type
text/html;charset=ISO-8859-1
date
Mon, 14 Oct 2024 10:08:48 GMT
location
https://track.buzz-track.com/click?offer_id=15811&aff_id=66&click_id=b5c8829b71434263a8c04d1f3cdcde3924a30&pub_id=166215_&sub_id=
server
nginx
speculation
track.buzz-track.com/cdn-cgi/ 		128 B
572 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.buzz-track.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://track.buzz-track.com
Referer
https://track.buzz-track.com/click?offer_id=15811&aff_id=66&click_id=b5c8829b71434263a8c04d1f3cdcde3924a30&pub_id=166215_&sub_id=

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l6H3r%2F2LHEhterDI7yMYZmhpl1by2%2F5f6oScatIqpmkVKYDi4Fl5YdAqi8CGwz%2BBZ%2Fm5l9bVReg2irk94fFwV3KEJyAmNWJRa3y2iUnQNKm7nHw5ZnyOFlgKvYf2q10Rq%2BMg0rZvJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c5338fc165cf-FRA
access-control-allow-origin
https://track.buzz-track.com
alt-svc
h3=":443"; ma=86400
content-length
128
date
Mon, 14 Oct 2024 10:08:49 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
Primary Request index
main.picksecured.com/c/
Redirect Chain
  • https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=13579&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
  • https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
40 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Requested by
Host: track.buzz-track.com
URL: https://track.buzz-track.com/click?offer_id=15811&aff_id=66&click_id=b5c8829b71434263a8c04d1f3cdcde3924a30&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
034c1e2899d8675790863de86022d6ffb9ea5ce4eb206e329a51865138ca50b8

Request headers

Referer
https://track.buzz-track.com/click?offer_id=15811&aff_id=66&click_id=b5c8829b71434263a8c04d1f3cdcde3924a30&pub_id=166215_&sub_id=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d26c535baf391f0-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Mon, 14 Oct 2024 10:08:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=puUDGbcE824qlpqseqomL3z3UFPDigAxkOxgrnjnQRQksZsje78emkrmBRTB%2FqMDTuviEeQZlPlePn%2BVqCXLOT3%2B2%2B9DdFzqWghxu%2FMMzgFTPmsU%2BD%2BCteJevitxRj6%2FVgFtUMlZnBVvZ4cMZ0XrnMY3Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d26c534fa2691f0-FRA
date
Mon, 14 Oct 2024 10:08:49 GMT
location
https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zCT0CXaZi2irLzw55uOTJSelfklmTJ0A%2BZjIGnzkjmwR85r4a0YdZ82x3as6oXb%2FdQfXu9Y8ABYIINJtJKFbEp3fRGYLu1Vcb8kRu0UJWhcfn4aGSnahn08pshBb9xRSFQ52lZkZTbfbPP5n7olCMoexA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
speculation
main.picksecured.com/cdn-cgi/ 		128 B
605 B 		Other
General
Check archive.org
Download Go to
Full URL
https://main.picksecured.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://main.picksecured.com
Referer
https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mruEHOXcjMBshkw93%2FK58wjSiELv3U5ZLSYudtYecDumrWEreN1M%2FHDlEkA6VmZMFvs4Rrn3vTe7WJVeM2RzlKbxBl%2FDTh5%2BClx7WkQsbmEoAes9s6RV9F620X%2FOh2fLFleLKPOoUfrCABMBOI7M%2FEjmvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c537ad4d91f0-FRA
access-control-allow-origin
https://main.picksecured.com
alt-svc
h3=":443"; ma=86400
content-length
128
server-timing
cfExtPri
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
site.css
main.picksecured.com/ST/ 		869 B
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://main.picksecured.com/ST/site.css
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aeb555b764bd40e3904c9fc6af91b3631f94c831ae160cc680eb1e813f32097

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"365-4b59098a96900-gzip"
age
1384
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dLuJvaEHEnI1S21ifSJs9NKw9Yn0wac9CXhLuoKwXoRVpWwWOYeG4%2BzeN8TDPY2KygCwmNrQWcvHwOqLa8KdRy44OQbEJc1tC6HvQouAOEDXkGR6eqmRO7LRc2995nyr7RUg5Jn5w2EBdYq7vQk7EsmzNg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 10:08:49 GMT
content-type
text/css
last-modified
Mon, 02 Jan 2012 19:29:08 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d26c537bd5891f0-FRA
accept-ranges
bytes
content-length
509
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

content-encoding
gzip
age
347804
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 09:32:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 10 Oct 2024 09:32:06 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
33507
x-xss-protection
0
server
sffe
script2.js
main.picksecured.com/ST/script/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://main.picksecured.com/ST/script/script2.js?date=20.4
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
154ed175845f0751f139807eb0032243a28014847d2ec7b566bb93ffcd1929ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"24a7-5ecf71d86bd00"
age
1384
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BsIXvXZ5xcaaDMHQeqdJHzN8nipJcmcdggtHZg5hAKpAGQh9DEB%2BcuwVd0FgrwaW6Gpp24IPlUHrKehmEPwV4Rio2icrGOK5CNYDy8T2pjzg7c7pP7Y0PKbPOT6kD6Kpv0B6WhO5UxWcTuUrsJ4YUeV0CA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c537bd5a91f0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 10:08:49 GMT
content-type
application/javascript
last-modified
Tue, 08 Nov 2022 15:23:00 GMT
vary
Accept-Encoding
server
cloudflare
email_check.js
main.picksecured.com/ST/script/ 		188 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://main.picksecured.com/ST/script/email_check.js
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32bd9b94367a02c30759ca3bf7bfeea38a06c89499e502638f938b66cac71c5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"bc-4c69b42a235c0"
age
1384
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5XJaZyq7hVpJC1oPQ%2Bg%2BQ4oO4AhKZ8SjeZnvlkswusDCQ19iD%2BIXoIddWdbZYItWph15Xc9zvu94880cfSCiPy0fwPeZ7nLUVbJphqOadg%2FLh6STLpLSWiQKB25MDx93258ZjPItlx%2FCqA42ZyWdVUnO8g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c537bd5b91f0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 10:08:49 GMT
content-type
application/javascript
last-modified
Mon, 06 Aug 2012 16:20:47 GMT
vary
Accept-Encoding
server
cloudflare
phone_check_new.js
main.picksecured.com/c/ 		195 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://main.picksecured.com/c/phone_check_new.js?geo=DE
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb54269f773fc5574cd8d81a58c1d9fe5df9a3ec9ce0ec95be6031affc08dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enyWRu2UBnT29UHbc6AlZ66OmNWaI%2Baf5vbEuNsdSmIOWnJywjes9TGa4TKITkOAjeMmpXYpQoHDN1ZddM3X5totP22YPcbDeEGSPbQT5MIA1UHk85WXvkoWy4KLdIXTSCjjtJnL4v2LtlHaGyp6V0UD%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c537bd5d91f0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 10:08:49 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 10:08:49 GMT
vary
Accept-Encoding
server
cloudflare
aos.css
unpkg.com/aos@2.3.1/dist/ 		25 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.css
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
age
888060
x-content-type-options
nosniff
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01J9AS3J2S2RPNGDS720E5G9QY-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d26c539bc3471d3-FRA
access-control-allow-origin
*
server
cloudflare
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 10:08:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 14 Oct 2024 10:02:48 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
xmbBKpFILskrBnX.svg
img.picksecured.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/xmbBKpFILskrBnX.svg
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f9c01af9d50c8e153164145a10eaff0b5749dbcca3233ddb1e260759889f9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"4f3-5e8ba06e84640"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1N7Hwhh8hH3e4CkHrV8jYJYakkH9%2BWaeAQf8zmmcxuit9aB8ylgsTDIZXO0cwZsUeBWEHl12nBCsOE6tHKsKPIuTTfl6fA2QeQxPHWLxNpaCwB6eSZpYrL%2FbwVVJbgrMjgU88GIfXEz6a7aV5Tb%2BqqYG"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c537dd7d91f0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 10:08:49 GMT
content-type
image/svg+xml
last-modified
Thu, 15 Sep 2022 16:49:21 GMT
vary
Accept-Encoding
server
cloudflare
jNyX95YLD0FVvLy.5stars.png
img.picksecured.com/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/jNyX95YLD0FVvLy.5stars.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858aadf0246a8860eb3bfe384bc3651821a09d6a13829cf04693f2b94c74a1de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"2826-5e8ba0a9a51c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oTjHiHvjFJEDn3fED3LBkMIC3153u2JoAJjFw4X%2F0CODjeXEye0P%2FDoPs1XCdZtFRVeoyyfjSELBimvPzzCbFbJio3KGl5bz8Bjz7OIA8JI7r4wxxPWYhm3FijNeMksXKSS3JDtziivYJLUud5YfeAwX"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c537dd7b91f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
10278
date
Mon, 14 Oct 2024 10:08:49 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:50:23 GMT
vary
Accept-Encoding
server
cloudflare
j911zlJOKmLmawg.png
img.picksecured.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/j911zlJOKmLmawg.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
139c945b8604741d9843aa90d6f401abd87c9882d0e3e6b4e77e9c30434d327e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"3005-5e8ba090d9740"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iA%2Bg1pUwOrD2HubgXhWUkCsbgvNlzVXYy7lfNBDRO7He29Fe8xFLW0f4UIw88wpLVAwjujjh6VzFc%2BGO6z4S%2F1n3XXbZUqhOGR3Osk%2BntghnwSFKEYIpMAhgnc%2BcfSHR2qp31nHqq493tt7EFuyCBSIg"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c539d80d91f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
12293
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:49:57 GMT
vary
Accept-Encoding
server
cloudflare
m9GhX2JTuz0wyrY.png
img.picksecured.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/m9GhX2JTuz0wyrY.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbe0c267df74383e3b53462b5c982b8a3ba15a795940238cbefc57271c7490ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"2eba-5e8ba0c91dc00"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JuaF4GZY2eBQHjbPlDWMUyUGzzCqDT%2BeLBupo6RiRIUxQBZQVTZsRhMiM4OG%2F6aikXpGkXryxtGM6v0HTOPNpV93U%2BxqM303aCKXvc9TjUUPCGsGniXWwGEE7GQEg75alTFKpel6fyFO9spFNg%2F8hg8v"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c53ac8fb91f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
11962
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:50:56 GMT
vary
Accept-Encoding
server
cloudflare
pqGf9CNf4KHKbEh.png
img.picksecured.com/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/pqGf9CNf4KHKbEh.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f47482e34eebc7da7379dfce442f722306d20879750c975c7f9b61c47712f3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"3284-5e8ba0b8e75c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bIgKXosZonadKsLGGKGV2dOXLw2pj9Hcub2pP6iv10%2FFznb6Otspxr0zK95zSFxVWP7a1UB%2Bpf1XYgbXCbF7uXhyxRC49HwOt%2Bg5rPLnckWezgpRJTJaiIMcVGwOY264H9QMoUZKGAsUi2NVHxHurpeq"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c53ad91691f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
12932
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:50:39 GMT
vary
Accept-Encoding
server
cloudflare
EKsoVjWMdgoI4id.png
img.picksecured.com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/EKsoVjWMdgoI4id.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5f3dd59a17337bb969cb3c2fcea44aceaae9d6f8584b0e3fdd0278f08cca018

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"11aa-5e8ba0db3c6c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zae0b0OrS5KWkkF5S%2FdfIRXDSaJg8lE3UwFDVJ5UJJ%2Bckg2dj45K8CpOpT9AlZCM7258MCb4lIZjdlkiVJjlwagusaDo3PWwrvXtbc%2B4ciATJPOHLYidFnCEIAo4UERcsEuaLysgnRDQhDDZpLMJCJ4Q"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c53af93891f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
4522
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:51:15 GMT
vary
Accept-Encoding
server
cloudflare
rFWQyanOrf9yoco.svg.png
img.picksecured.com/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/rFWQyanOrf9yoco.svg.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a964cba0c2b8a00832bc9fe9d99ac8e480bfb4344d5e9e7b96037bf57fb2680

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"f7bd-5e8ba0e98a880"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OXD0IjPoCwb%2F5ZM%2Bg9mpXKoRuXcsQdJYUb4eWVQ3LaspR0Zb%2BB3VnVq2awqzKXbO6hzG4HQ1awkv6sRMAVso2dy63sZRMZDBVc4YpESnu%2F4qVeGmiOfOO8GncbkaeJP4Eyl%2F12WjFEe8RNSgbx8FRxs3"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c53af93f91f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
63421
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:51:30 GMT
vary
Accept-Encoding
server
cloudflare
VU5yFGNgVqcuCBa.png
img.picksecured.com/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/VU5yFGNgVqcuCBa.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab69d8b07902d66c5c6828044211569222dfba940ba29a282f4490ef266d15bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"24a2-5e8ba0f9c0ec0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rcsOKDEtAU3gCfAQ1O2r7Rz0jg%2B59018slMGjYU6KsvrwRA30ix5rrwFuRunszlmoLFK7ApPkKZ0sQEj7%2F0ypmqZlgHr%2F8ML9ilCiGDTlDYyGDOY7fOXGDKwYmDHD13pxfg%2FvScXOhyUqAY4AW0Zv4T"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c53af94091f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
9378
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:51:47 GMT
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/ 		259 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NF2NMTW
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3902f8264a1b42d76a613bed2f087b256803d742e45361a95f1ee3079a828642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 14 Oct 2024 10:08:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 14 Oct 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94889
x-xss-protection
0
server
Google Tag Manager
xmbBKpFILskrBnX.svg
img.picksecured.com/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/xmbBKpFILskrBnX.svg
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f9c01af9d50c8e153164145a10eaff0b5749dbcca3233ddb1e260759889f9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"4f3-5e8ba06e84640"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1N7Hwhh8hH3e4CkHrV8jYJYakkH9%2BWaeAQf8zmmcxuit9aB8ylgsTDIZXO0cwZsUeBWEHl12nBCsOE6tHKsKPIuTTfl6fA2QeQxPHWLxNpaCwB6eSZpYrL%2FbwVVJbgrMjgU88GIfXEz6a7aV5Tb%2BqqYG"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c537dd7d91f0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 14 Oct 2024 10:08:49 GMT
content-type
image/svg+xml
last-modified
Thu, 15 Sep 2022 16:49:21 GMT
vary
Accept-Encoding
server
cloudflare
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://main.picksecured.com
Referer
https://fonts.googleapis.com/

Response headers

age
556308
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 23:37:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 23:37:02 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://main.picksecured.com
Referer
https://fonts.googleapis.com/

Response headers

age
523755
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:39:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:39:35 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://main.picksecured.com
Referer
https://fonts.googleapis.com/

Response headers

age
525307
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:13:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:13:43 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://main.picksecured.com
Referer
https://fonts.googleapis.com/

Response headers

age
525574
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:09:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:09:16 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
aos.css
unpkg.com/aos@2.3.1/dist/ 		25 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.css
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
age
888060
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8d26c539bc3471d3-FRA
access-control-allow-origin
*
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01J9AS3J2S2RPNGDS720E5G9QY-fra
server
cloudflare
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		14 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 10:08:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 14 Oct 2024 10:02:48 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jNyX95YLD0FVvLy.5stars.png
img.picksecured.com/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/jNyX95YLD0FVvLy.5stars.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858aadf0246a8860eb3bfe384bc3651821a09d6a13829cf04693f2b94c74a1de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"2826-5e8ba0a9a51c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oTjHiHvjFJEDn3fED3LBkMIC3153u2JoAJjFw4X%2F0CODjeXEye0P%2FDoPs1XCdZtFRVeoyyfjSELBimvPzzCbFbJio3KGl5bz8Bjz7OIA8JI7r4wxxPWYhm3FijNeMksXKSS3JDtziivYJLUud5YfeAwX"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c537dd7b91f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
10278
date
Mon, 14 Oct 2024 10:08:49 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:50:23 GMT
vary
Accept-Encoding
server
cloudflare
j911zlJOKmLmawg.png
img.picksecured.com/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/j911zlJOKmLmawg.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
139c945b8604741d9843aa90d6f401abd87c9882d0e3e6b4e77e9c30434d327e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"3005-5e8ba090d9740"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iA%2Bg1pUwOrD2HubgXhWUkCsbgvNlzVXYy7lfNBDRO7He29Fe8xFLW0f4UIw88wpLVAwjujjh6VzFc%2BGO6z4S%2F1n3XXbZUqhOGR3Osk%2BntghnwSFKEYIpMAhgnc%2BcfSHR2qp31nHqq493tt7EFuyCBSIg"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c539d80d91f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
12293
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:49:57 GMT
vary
Accept-Encoding
server
cloudflare
m9GhX2JTuz0wyrY.png
img.picksecured.com/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/m9GhX2JTuz0wyrY.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbe0c267df74383e3b53462b5c982b8a3ba15a795940238cbefc57271c7490ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"2eba-5e8ba0c91dc00"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JuaF4GZY2eBQHjbPlDWMUyUGzzCqDT%2BeLBupo6RiRIUxQBZQVTZsRhMiM4OG%2F6aikXpGkXryxtGM6v0HTOPNpV93U%2BxqM303aCKXvc9TjUUPCGsGniXWwGEE7GQEg75alTFKpel6fyFO9spFNg%2F8hg8v"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c53ac8fb91f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
11962
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:50:56 GMT
vary
Accept-Encoding
server
cloudflare
pqGf9CNf4KHKbEh.png
img.picksecured.com/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/pqGf9CNf4KHKbEh.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f47482e34eebc7da7379dfce442f722306d20879750c975c7f9b61c47712f3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"3284-5e8ba0b8e75c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bIgKXosZonadKsLGGKGV2dOXLw2pj9Hcub2pP6iv10%2FFznb6Otspxr0zK95zSFxVWP7a1UB%2Bpf1XYgbXCbF7uXhyxRC49HwOt%2Bg5rPLnckWezgpRJTJaiIMcVGwOY264H9QMoUZKGAsUi2NVHxHurpeq"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c53ad91691f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
12932
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:50:39 GMT
vary
Accept-Encoding
server
cloudflare
EKsoVjWMdgoI4id.png
img.picksecured.com/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/EKsoVjWMdgoI4id.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5f3dd59a17337bb969cb3c2fcea44aceaae9d6f8584b0e3fdd0278f08cca018

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"11aa-5e8ba0db3c6c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zae0b0OrS5KWkkF5S%2FdfIRXDSaJg8lE3UwFDVJ5UJJ%2Bckg2dj45K8CpOpT9AlZCM7258MCb4lIZjdlkiVJjlwagusaDo3PWwrvXtbc%2B4ciATJPOHLYidFnCEIAo4UERcsEuaLysgnRDQhDDZpLMJCJ4Q"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c53af93891f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
4522
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:51:15 GMT
vary
Accept-Encoding
server
cloudflare
rFWQyanOrf9yoco.svg.png
img.picksecured.com/ 		62 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/rFWQyanOrf9yoco.svg.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a964cba0c2b8a00832bc9fe9d99ac8e480bfb4344d5e9e7b96037bf57fb2680

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"f7bd-5e8ba0e98a880"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OXD0IjPoCwb%2F5ZM%2Bg9mpXKoRuXcsQdJYUb4eWVQ3LaspR0Zb%2BB3VnVq2awqzKXbO6hzG4HQ1awkv6sRMAVso2dy63sZRMZDBVc4YpESnu%2F4qVeGmiOfOO8GncbkaeJP4Eyl%2F12WjFEe8RNSgbx8FRxs3"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c53af93f91f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
63421
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:51:30 GMT
vary
Accept-Encoding
server
cloudflare
VU5yFGNgVqcuCBa.png
img.picksecured.com/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picksecured.com/VU5yFGNgVqcuCBa.png
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab69d8b07902d66c5c6828044211569222dfba940ba29a282f4490ef266d15bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"24a2-5e8ba0f9c0ec0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rcsOKDEtAU3gCfAQ1O2r7Rz0jg%2B59018slMGjYU6KsvrwRA30ix5rrwFuRunszlmoLFK7ApPkKZ0sQEj7%2F0ypmqZlgHr%2F8ML9ilCiGDTlDYyGDOY7fOXGDKwYmDHD13pxfg%2FvScXOhyUqAY4AW0Zv4T"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c53af94091f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
9378
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 16:51:47 GMT
vary
Accept-Encoding
server
cloudflare
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF2NMTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

content-encoding
gzip
age
2555
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 11:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 09:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
destination
www.googletagmanager.com/gtag/ 		249 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-693039449&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF2NMTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dac87df9768db46dda637c2968d03784a2b8387ee362efb9d706692522fc6412
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 14 Oct 2024 10:08:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 10:08:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 14 Oct 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90235
x-xss-protection
0
server
Google Tag Manager
/
www.googleadservices.com/pagead/conversion/693039449/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/693039449/?random=1728900530866&cv=11&fst=1728900530866&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8830506792za201zb830506792&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fmain.picksecured.com%2Fc%2Findex%3Fcc%3DDE%26project%3D1307%26camp%3D20127%26access%3D7d1dbdb100000%26aff%3Dbuzz%26m%3Dns_66%26publisher%3Dbuzz_66_166215_%26ymid%3D4e62db66-8a14-11ef-9b91-28924a3ab82c%26pub_id%3D166215_%26sub_id%3D&ref=https%3A%2F%2Ftrack.buzz-track.com%2F&label=JnwqCMKnjMABENniu8oC&hn=www.googleadservices.com&frm=0&tiba=online&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1915218388.1728900531&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-693039449&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
7aed9da896390358cafe82444d597a22f558bce3ca0d6f75494d45e639970925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2823
date
Mon, 14 Oct 2024 10:08:50 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
collect
www.google-analytics.com/j/ 		15 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=882195144&t=pageview&_s=1&dl=https%3A%2F%2Fmain.picksecured.com%2Fc%2Findex%3Fcc%3DDE%26project%3D1307%26camp%3D20127%26access%3D7d1dbdb100000%26aff%3Dbuzz%26m%3Dns_66%26publisher%3Dbuzz_66_166215_%26ymid%3D4e62db66-8a14-11ef-9b91-28924a3ab82c%26pub_id%3D166215_%26sub_id%3D&dr=https%3A%2F%2Ftrack.buzz-track.com%2F&ul=de-de&de=UTF-8&dt=online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=642363905&gjid=1952514765&cid=1255860927.1728900531&tid=UA-246674629-1&_gid=437124424.1728900531&_r=1&_slc=1&gtm=45He4a90n81NF2NMTWv830506792za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101671035~101686685&npa=1&z=840659798
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0a0a2c78ee41c7a989ce941b1a44efa17619ed7151428fab07e21ccf7331ddc1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://main.picksecured.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 10:08:50 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://main.picksecured.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/ 		272 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VP56HFYSZ9&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
982333d5a37922484593e7630ca3fc211f1350b4332022e2f6cc3d78ce50191d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 10:08:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 10:08:51 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97755
x-xss-protection
0
server
Google Tag Manager
/
www.google.de/pagead/1p-conversion/693039449/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693039449/?random=626968227&cv=11&fst=1728900530866&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8830506792za201zb830506792&gcd=13l3l3l2l1...
  • https://www.google.com/pagead/1p-conversion/693039449/?random=626968227&cv=11&fst=1728900530866&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8830506792za201zb830506792&gcd=13l3l3l2l1l1&dma_cps=syphamo&dm...
  • https://www.google.de/pagead/1p-conversion/693039449/?random=626968227&cv=11&fst=1728900530866&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8830506792za201zb830506792&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/693039449/?random=626968227&cv=11&fst=1728900530866&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8830506792za201zb830506792&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fmain.picksecured.com%2Fc%2Findex%3Fcc%3DDE%26project%3D1307%26camp%3D20127%26access%3D7d1dbdb100000%26aff%3Dbuzz%26m%3Dns_66%26publisher%3Dbuzz_66_166215_%26ymid%3D4e62db66-8a14-11ef-9b91-28924a3ab82c%26pub_id%3D166215_%26sub_id%3D&ref=https%3A%2F%2Ftrack.buzz-track.com%2F&label=JnwqCMKnjMABENniu8oC&hn=www.googleadservices.com&frm=0&tiba=online&value=0&npa=1&pscdl=noapi&auid=1915218388.1728900531&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI983_r9CNiQMVWpCDBx0VlReOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL21haW4ucGlja3NlY3VyZWQuY29tL0JXQ2hFSThJS3p1QVlRc2MyXzc2cWt1cUdDQVJJc0FIQmMwT05tV3RPcFJmbEpzcVdFOWF0Wjl0MlY5cU5HZ0dIZ0tPMUVRMWpFYlFyMk1wVkFYcERLanJR&is_vtc=1&cid=CAQSGwDpaXnfpUqp7e8g64un1Z8JbkjjNSIhkZUASQ&eitems=ChEI8IKzuAYQrMW1o4_ivYnOARIdANwh8ogF1qsOkAZR8Fkb21MiqMLxfMdOzNsnBAM&random=1730371835&ipr=y
Requested by
Host: main.picksecured.com
URL: https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=
Protocol
H3
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 14 Oct 2024 10:08:52 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/693039449/?random=626968227&cv=11&fst=1728900530866&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8830506792za201zb830506792&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fmain.picksecured.com%2Fc%2Findex%3Fcc%3DDE%26project%3D1307%26camp%3D20127%26access%3D7d1dbdb100000%26aff%3Dbuzz%26m%3Dns_66%26publisher%3Dbuzz_66_166215_%26ymid%3D4e62db66-8a14-11ef-9b91-28924a3ab82c%26pub_id%3D166215_%26sub_id%3D&ref=https%3A%2F%2Ftrack.buzz-track.com%2F&label=JnwqCMKnjMABENniu8oC&hn=www.googleadservices.com&frm=0&tiba=online&value=0&npa=1&pscdl=noapi&auid=1915218388.1728900531&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI983_r9CNiQMVWpCDBx0VlReOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL21haW4ucGlja3NlY3VyZWQuY29tL0JXQ2hFSThJS3p1QVlRc2MyXzc2cWt1cUdDQVJJc0FIQmMwT05tV3RPcFJmbEpzcVdFOWF0Wjl0MlY5cU5HZ0dIZ0tPMUVRMWpFYlFyMk1wVkFYcERLanJR&is_vtc=1&cid=CAQSGwDpaXnfpUqp7e8g64un1Z8JbkjjNSIhkZUASQ&eitems=ChEI8IKzuAYQrMW1o4_ivYnOARIdANwh8ogF1qsOkAZR8Fkb21MiqMLxfMdOzNsnBAM&random=1730371835&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 14 Oct 2024 10:08:51 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VP56HFYSZ9&gtm=45je4a90v9114632152za200&_p=1728900530384&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529666~101671035~101686685~101794736~101823848&ul=de-de&sr=1600x1200&cid=1255860927.1728900531&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fmain.picksecured.com%2Fc%2Findex%3Fcc%3DDE%26project%3D1307%26camp%3D20127%26access%3D7d1dbdb100000%26aff%3Dbuzz%26m%3Dns_66%26publisher%3Dbuzz_66_166215_%26ymid%3D4e62db66-8a14-11ef-9b91-28924a3ab82c%26pub_id%3D166215_%26sub_id%3D&dr=https%3A%2F%2Ftrack.buzz-track.com%2F&dt=online&sid=1728900531&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1915
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP56HFYSZ9&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://main.picksecured.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 10:08:51 GMT
content-type
text/plain
server
Golfe2
favicon.ico
main.picksecured.com/ 		0
510 B 		Other
General
Check archive.org
Download Go to
Full URL
https://main.picksecured.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:52e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://main.picksecured.com/c/index?cc=DE&project=1307&camp=20127&access=7d1dbdb100000&aff=buzz&m=ns_66&publisher=buzz_66_166215_&ymid=4e62db66-8a14-11ef-9b91-28924a3ab82c&pub_id=166215_&sub_id=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"0-4b5a1c7207d80"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVJuQmHXi%2BXSFymhjaEB%2FVDZvHb%2FDWXg2Qoukwunz0QBv8tTyfoOfLWS6aP9%2BTqrJRxI6ZflvQ5RspJTq%2B2duNmt9%2FywsFcwurrlC%2Bq64Hsadxj6j52ayAozr9Qgk5uasfUIfb1uphYPWkH25byClNQzqw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d26c54738de91f0-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Mon, 14 Oct 2024 10:08:52 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 03 Jan 2012 15:59:02 GMT
vary
Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery boolean| orgexit boolean| exit number| min string| domain string| lang function| titleblink function| exitwindow function| showWin function| showWin2 function| countDown function| confirmSubmit function| checkPhone function| checkZip function| checkBirth function| checkEmail function| checkEmail2 function| makeCheck function| checkName function| add_invalid_warning function| checkEmailAddress function| checkPhoneNumber object| dataLayer string| cc number| current_page string| newtitle number| timer function| countdown number| windowWidth object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData

22 Cookies

Domain/Path Name / Value
.adnxs.com/ Name: XANDR_PANID
Value: p6bN4SEeoCTqHqDZo8JG7IMFlWrvPMCTomGSlR21BHSTU1rz4V-zl7cp37nC06S9JouYSmd3OljrUtzPTv53wP0ddJ5BOEPwl8yLriaFcM4.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 1962072640304165938
illuvium-loyalty.com/ Name: PHPSESSID
Value: 8fb1f53aef1f06475144a4accad6856f
.emlrckr.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.emlrckr.com/ Name: gdm_uid_v2_1_001
Value: AtFtG9f1jJ4wVHOT9yKW1JLx6SDSbiR+U/fglvhQFaaTxTLU55CVizoIBhBVjRxB
.emlrckr.com/ Name: gdm_sid_v2_3_001
Value: CIN8mUAjbndzXIb42EbuC8PusaVhvnYh6E37tKFJIEyQEzom01AdYjF1C/zP+WdZvkBW+nvh6/6aaQ7DIlD4cZTZ+ukky9clpQDZVJpB7ynnbkyaIW/qC71GG029UpdASs/kDgyHqT7LsHoy4rePEqmT12II9TtpR5GImnQ5fi3BPRqDl+0tLE86HERKq+A6jBegv9X4ngIHQReJ8/GdFb4BEjBITTdKqEDCggNzI/q9oSZ28cBwtzz+KfKJWYNvts18hw3fOT2LzmdT5e47ts8qB0JyG2LbuI0+Q45VOPJNmtphoUf8e9jEJTuDWSltR8QCuNKoRvMwYV+OIzO1GE+M7BIz0XXGi+ZEpbwzdK7c4r7DMksZjh2t+a/bnu0j0Ies4q9zCG0zB62DeAfycRYVklp/ssssqHJ9bVqOOhM9ETX4eAqhI5fdzw+kNCTKdcD9EfQbn3Sre8msw6l8jglRwb6ihk7pnjIWg5oiAMLp/4qsPhjkUosOaY4K9FpSsoP7ApJTYb0vbiAOL8i63IKIhhHLOEXT9oRFu3l5ayir+ZCuNk7Mz54pgzk3XwGCF9/fdZDQZ+KgrZR4alpWdLmA2rhevuclDZij0EX7A1mFZRFR58NXi8v8nOFsql4ZI8NF+mCJoOdojUfacaYdlaX7aLPEdP77sYDhFVlIjM6npIdyar2hSkW1h4M76Ye9QAq+haBek82EuOC0Imj1f1tyVa5JZGN5ZSSqOuKVQ+67G+eFtW6biVcb7sAVx7LArTrw1SWPS/2+cVUZ+wHJRHbkfQlSiWnESVrzU7JlfSLU8DSZxGOwyn9pSFGZrPKE0iA6K8CMHYKAVZdqU96lJ4cCyq694ni7I8Ol1cGVoir9h3IFPy9flqkQAoyqixJd9jVMUCPm+4524QN4UQ+iQnm0dcTyxPuxla1G4hfV478TCi+mMK6Pl7LJkG6hofztRH3CzIrXyQrngSJlPUBU3TilgZwY1YtHYMAw+upzJUbMYQ4Q0wnP9dGqqvuKKCfug9X1PH651PhhshirghlXBoGSgHCsWtD0wkbnOTTakas=
.emlrckr.com/ Name: gdm_click_freq_v2_1_001
Value: ajaWtnO22MYkAQMCfnu94ItFfvZD2j05FN5fdYl5a6knGhCKYn5uEsZfIbbZijgN
.emlrckr.com/ Name: gdm_click_freq_v1_1_001
Value: ajaWtnO22MYkAQMCfnu94ItFfvZD2j05FN5fdYl5a6knGhCKYn5uEsZfIbbZijgN
.emlrckr.com/ Name: gdm_sid_v1_3_001
Value: CIN8mUAjbndzXIb42EbuC8PusaVhvnYh6E37tKFJIEyQEzom01AdYjF1C/zP+WdZvkBW+nvh6/6aaQ7DIlD4cZTZ+ukky9clpQDZVJpB7ynnbkyaIW/qC71GG029UpdASs/kDgyHqT7LsHoy4rePEqmT12II9TtpR5GImnQ5fi3BPRqDl+0tLE86HERKq+A6jBegv9X4ngIHQReJ8/GdFb4BEjBITTdKqEDCggNzI/q9oSZ28cBwtzz+KfKJWYNvts18hw3fOT2LzmdT5e47ts8qB0JyG2LbuI0+Q45VOPJNmtphoUf8e9jEJTuDWSltR8QCuNKoRvMwYV+OIzO1GE+M7BIz0XXGi+ZEpbwzdK7c4r7DMksZjh2t+a/bnu0j0Ies4q9zCG0zB62DeAfycRYVklp/ssssqHJ9bVqOOhM9ETX4eAqhI5fdzw+kNCTKdcD9EfQbn3Sre8msw6l8jglRwb6ihk7pnjIWg5oiAMLp/4qsPhjkUosOaY4K9FpSsoP7ApJTYb0vbiAOL8i63IKIhhHLOEXT9oRFu3l5ayir+ZCuNk7Mz54pgzk3XwGCF9/fdZDQZ+KgrZR4alpWdLmA2rhevuclDZij0EX7A1mFZRFR58NXi8v8nOFsql4ZI8NF+mCJoOdojUfacaYdlaX7aLPEdP77sYDhFVlIjM6npIdyar2hSkW1h4M76Ye9QAq+haBek82EuOC0Imj1f1tyVa5JZGN5ZSSqOuKVQ+67G+eFtW6biVcb7sAVx7LArTrw1SWPS/2+cVUZ+wHJRHbkfQlSiWnESVrzU7JlfSLU8DSZxGOwyn9pSFGZrPKE0iA6K8CMHYKAVZdqU96lJ4cCyq694ni7I8Ol1cGVoir9h3IFPy9flqkQAoyqixJd9jVMUCPm+4524QN4UQ+iQnm0dcTyxPuxla1G4hfV478TCi+mMK6Pl7LJkG6hofztRH3CzIrXyQrngSJlPUBU3TilgZwY1YtHYMAw+upzJUbMYQ4Q0wnP9dGqqvuKKCfug9X1PH651PhhshirghlXBoGSgHCsWtD0wkbnOTTakas=
.emlrckr.com/ Name: gdm_click_adv_freq_v2_1_001
Value: cOJsoM9LlN/HBaW3Z5bQ2YWcs5Pb70ynXURgysalgDb2XTEs0DMklAMYX93SdIOW
.emlrckr.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.emlrckr.com/ Name: gdm_click_adv_freq_v1_1_001
Value: cOJsoM9LlN/HBaW3Z5bQ2YWcs5Pb70ynXURgysalgDb2XTEs0DMklAMYX93SdIOW
.emlrckr.com/ Name: gdm_uid_v1_1_001
Value: AtFtG9f1jJ4wVHOT9yKW1JLx6SDSbiR+U/fglvhQFaaTxTLU55CVizoIBhBVjRxB
.buzz-track.com/ Name: d
Value: 0b90230e26fec4fd278040c0b1b10c7b7c097bf8399a1a413ca85b8e7f9f4ba8867e732596c4421aeb5ac723d0e1ca6fbaf7dc8bed21c773dc48973c7fc40d93a7fc25ccf130028598fe974355c14e6c
.picksecured.com/ Name: access
Value: 7d1dbdb100000
.picksecured.com/ Name: _gcl_au
Value: 1.1.1915218388.1728900531
.picksecured.com/ Name: _ga
Value: GA1.2.1255860927.1728900531
.picksecured.com/ Name: _gid
Value: GA1.2.437124424.1728900531
.picksecured.com/ Name: _gat_UA-246674629-1
Value: 1
.picksecured.com/ Name: _ga_VP56HFYSZ9
Value: GS1.2.1728900531.1.0.1728900531.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
illuvium-loyalty.com
img.picksecured.com
main.picksecured.com
region1.google-analytics.com
track.buzz-track.com
track.emlrckr.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.184.226
162.241.62.215
172.67.139.50
2001:4860:4802:32::178
2001:4860:4802:32::36
2606:4700:3031::6815:52e5
2606:4700::6811:f5cb
2a00:1450:4001:806::2008
2a00:1450:4001:809::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::200a
37.252.171.149
45.89.245.10
034c1e2899d8675790863de86022d6ffb9ea5ce4eb206e329a51865138ca50b8
0a0a2c78ee41c7a989ce941b1a44efa17619ed7151428fab07e21ccf7331ddc1
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
139c945b8604741d9843aa90d6f401abd87c9882d0e3e6b4e77e9c30434d327e
154ed175845f0751f139807eb0032243a28014847d2ec7b566bb93ffcd1929ac
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1f47482e34eebc7da7379dfce442f722306d20879750c975c7f9b61c47712f3a
32bd9b94367a02c30759ca3bf7bfeea38a06c89499e502638f938b66cac71c5d
3902f8264a1b42d76a613bed2f087b256803d742e45361a95f1ee3079a828642
3aeb555b764bd40e3904c9fc6af91b3631f94c831ae160cc680eb1e813f32097
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
55f9c01af9d50c8e153164145a10eaff0b5749dbcca3233ddb1e260759889f9b
7a964cba0c2b8a00832bc9fe9d99ac8e480bfb4344d5e9e7b96037bf57fb2680
7aed9da896390358cafe82444d597a22f558bce3ca0d6f75494d45e639970925
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7eb54269f773fc5574cd8d81a58c1d9fe5df9a3ec9ce0ec95be6031affc08dfb
858aadf0246a8860eb3bfe384bc3651821a09d6a13829cf04693f2b94c74a1de
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
982333d5a37922484593e7630ca3fc211f1350b4332022e2f6cc3d78ce50191d
ab69d8b07902d66c5c6828044211569222dfba940ba29a282f4490ef266d15bc
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
cbe0c267df74383e3b53462b5c982b8a3ba15a795940238cbefc57271c7490ec
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
dac87df9768db46dda637c2968d03784a2b8387ee362efb9d706692522fc6412
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5f3dd59a17337bb969cb3c2fcea44aceaae9d6f8584b0e3fdd0278f08cca018