URL: https://publ.cc/zpsdcr
Submission Tags: falconsandbox
Submission: On May 04 via api from US — Scanned from DE

Summary

This website contacted 23 IPs in 6 countries across 23 domains to perform 62 HTTP transactions. The main IP is 74.220.219.168, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is publ.cc.
TLS certificate: Issued by R3 on April 26th 2023. Valid for: 3 months.
This is the only time publ.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 74.220.219.168 46606 (UNIFIEDLA...)
1 192.229.220.206 15133 (EDGECAST)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.223.40.198 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
5 142.250.185.162 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 37.157.2.239 198622 (ADFORM)
1 35.186.253.211 15169 (GOOGLE)
2 2 185.80.39.216 27381 (CASALE-MEDIA)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.56.205.163 16625 (AKAMAI-AS)
2 2 172.217.18.6 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
1 18.171.28.83 16509 (AMAZON-02)
1 65.9.95.48 16509 (AMAZON-02)
1 65.9.95.123 16509 (AMAZON-02)
2 18.133.81.67 16509 (AMAZON-02)
62 23
Apex Domain
Subdomains
Transfer
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 33829
ad4m.at — Cisco Umbrella Rank: 12004
assets.ad4m.at — Cisco Umbrella Rank: 44547
568 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
tpc.googlesyndication.com — Cisco Umbrella Rank: 137
213 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
ad.doubleclick.net — Cisco Umbrella Rank: 169
20 KB
8 publ.cc
publ.cc
247 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19329
api.webgains.io — Cisco Umbrella Rank: 54433
32 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 444
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 573
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 773
s.tribalfusion.com — Cisco Umbrella Rank: 1977
1 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 150278
static-de.ad4mat.net — Cisco Umbrella Rank: 200298
4 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 58140
15 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 32690
2 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 94288
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 81035
436 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 83680
261 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18068
704 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1258
350 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 428
714 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1482
588 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
265 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
49 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 945
598 B
1 dribbble.com
cdn.dribbble.com — Cisco Umbrella Rank: 45200
2 MB
62 23
Domain Requested by
8 pagead2.googlesyndication.com publ.cc
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 publ.cc publ.cc
6 assets.ad4m.at as.ad4m.at
5 cm.g.doubleclick.net googleads.g.doubleclick.net
5 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
publ.cc
2 api.webgains.io analytics.webgains.io
2 ad.doubleclick.net 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 c1.adform.net 2 redirects
2 adservice.google.com pagead2.googlesyndication.com
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 track.webgains.com as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 www.awin1.com as.ad4m.at
1 www.google.com tpc.googlesyndication.com
1 static-de.ad4mat.net as.ad4m.at
1 rtb.openx.net googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 match.adsrvr.org googleads.g.doubleclick.net
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 www.googletagservices.com googleads.g.doubleclick.net
1 prod-rtb.ad4mat.net publ.cc
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.dribbble.com publ.cc
62 32

This site contains no links.

Subject Issuer Validity Valid
www.publicc-page.ecraft.club
R3
2023-04-26 -
2023-07-25
3 months crt.sh
*.dribbble.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-18 -
2024-04-17
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4
2023-04-09 -
2023-07-08
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-07 -
2023-06-06
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
www.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-10 -
2024-03-09
a year crt.sh
*.webgains.com
Amazon RSA 2048 M01
2023-02-22 -
2023-07-13
5 months crt.sh
*.webgains.io
Amazon RSA 2048 M02
2023-03-02 -
2023-09-21
7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01
2023-02-28 -
2023-10-28
8 months crt.sh

This page contains 11 frames:

Primary Page: https://publ.cc/zpsdcr
Frame ID: FCF13162CF6B98C39695C420B2EBB428
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/zrt_lookup.html
Frame ID: 0194D74390A50DC5F6FC3A0318D8C1A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&adk=1812271804&adf=3025194257&lmt=1683165164&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165164795&bpp=3&bdt=148&idt=159&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1673339364011&frm=20&pv=2&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=178
Frame ID: F65D274B35BDC2F5DC72B30C5FB018D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Frame ID: 163493796D361F4FEC71A723EE2C0077
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CScBu7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBN0BT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6Or7aghg5v6zVgd9K4_JAK1Xk_kIETXJKxZqtvOWMGAMpt0CuNFuABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM5MDYxMjcxODg0NzMzMTcYAA&sigh=S4oS2NTU7Sc&uach_m=[UACH]&cid=CAQSOwBygQiDy9z-W7Qi0H1dGp-A2DD3d-aOWL3ETr6WAKpf3xIgCJKSgOTMCPft1PcbQz5NDXxI3V1ocyGWGAE
Frame ID: 7EC798B40FCFCE9C12D5570DADC5BAC2
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g89d2hmcdqmyfdafhpzb6ryt7hmnxy7q1vp7gn9pcrfcqe9a8fz6t61w1ymf5mbyzk179tvy3pj1zf2k7z8jk33z7ms8h50vbwjhqyxerf4jw22y53v7ke7s77feq8t1qpa6bjntqb3q830wk1m1md140dzcg60pwnv00hdhdc23wertbf1xnhjx15a7pa2v7qg6p66dz12rjv4htkyhakxpe9vjn1p98ag0sqzfxvhqdj3e7k9abb56kycfavzbrj17y4c3h0zefyrayp938xz5936pp1bzfkrfzq36h0n515dt0v8ddgrgq08nreprn52nz2zkt16tf04j3jmdn3bqcvt088y2e526b57spftykpebjh1ksppxx2m6nm307w4b47wf1tx8nawnfa808kpx7sscq30mb97cqw21xzvdexrhxh13xfcm4ytq85kxsfvw22a2r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%26client%3Dca-pub-3906127188473317%26adurl%3D
Frame ID: 3D28319211F9E94435AF1A7C0CC902D0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0B6303362C377CEFF221DF33C4A5259B
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 497D73318AE4A459AA3D0A8E639F2B21
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Frame ID: E4D03231A4B2F27BEE90B552D1A00E90
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D57034C8D3CFE56F05C95DD289D3D73D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47A505480B930AED386F468E99E7DF59
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Error - Publicc URL Shortener & Free Custom link shortener

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:_base/js/base|wink).*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

90 %
HTTPS

43 %
IPv6

23
Domains

32
Subdomains

23
IPs

6
Countries

3346 kB
Transfer

4680 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKM41QPTDTIe8dOiOSz_NMU&google_cver=1&google_push=ATf1kGOlrUe5n9fFM0PyfaxHNWIpqjMbR-AwT3kWRXqbHe_Bl3ptX_z51f-5Crw5kZ52RGrQ0W7h5vJ1lhJaOVuwYREA89zzvKULs_X-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOlrUe5n9fFM0PyfaxHNWIpqjMbR-AwT3kWRXqbHe_Bl3ptX_z51f-5Crw5kZ52RGrQ0W7h5vJ1lhJaOVuwYREA89zzvKULs_X-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKM41QPTDTIe8dOiOSz_NMU&google_cver=1&google_push=ATf1kGOlrUe5n9fFM0PyfaxHNWIpqjMbR-AwT3kWRXqbHe_Bl3ptX_z51f-5Crw5kZ52RGrQ0W7h5vJ1lhJaOVuwYREA89zzvKULs_X-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOlrUe5n9fFM0PyfaxHNWIpqjMbR-AwT3kWRXqbHe_Bl3ptX_z51f-5Crw5kZ52RGrQ0W7h5vJ1lhJaOVuwYREA89zzvKULs_X-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 25
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAwoKT7dFg33ZoY8Mz6C-yg&google_cver=1&google_push=ATf1kGPMk8pIlO0-Un36P-DDzQ1qpmG8u4jEBQDY3mYg6KmGHN7FzMG-Qllk227hlyotQHU-P-x31DiWLUHWo6kr-XvTddCDA6mKuF2R HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyOTEzOTMzNzQ1MzYzMTYzNg%3D%3D&google_push=ATf1kGPMk8pIlO0-Un36P-DDzQ1qpmG8u4jEBQDY3mYg6KmGHN7FzMG-Qllk227hlyotQHU-P-x31DiWLUHWo6kr-XvTddCDA6mKuF2R
Request Chain 26
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAgmrrB0nsuz-xJSqBs1cRQ&google_cver=1&google_push=ATf1kGPgYyOpAPZOa9Vji7REps0sZcmY3ur893CthbDtLnsPNoISf1zh5y-HKYUGhIk-dAkmP0CNGn7UkFt9yCr0mFZy7_ZJJ9qtRpV1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPgYyOpAPZOa9Vji7REps0sZcmY3ur893CthbDtLnsPNoISf1zh5y-HKYUGhIk-dAkmP0CNGn7UkFt9yCr0mFZy7_ZJJ9qtRpV1&google_hm=eS1OX0NMemtoRTJwSEJrRXRoa2FmQ1N3NlA4ZHFKb3dVUX5B
Request Chain 27
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKxPxCHMlol2Vf3iQfTtSj4&google_cver=1&google_push=ATf1kGNNlCh-N5fcliIZo2vcMrV8E5yugTQzF-k3rWxWPYqlLpJl72UPp3Ss2h6GPy4qqkzBGHjly0GIwmeWFz2J8in56Trgb-5Na1O8 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKxPxCHMlol2Vf3iQfTtSj4&google_cver=1&google_push=ATf1kGNNlCh-N5fcliIZo2vcMrV8E5yugTQzF-k3rWxWPYqlLpJl72UPp3Ss2h6GPy4qqkzBGHjly0GIwmeWFz2J8in56Trgb-5Na1O8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzNjkyOTAwOTYxMDY0NjcyNA&google_push=ATf1kGNNlCh-N5fcliIZo2vcMrV8E5yugTQzF-k3rWxWPYqlLpJl72UPp3Ss2h6GPy4qqkzBGHjly0GIwmeWFz2J8in56Trgb-5Na1O8
Request Chain 29
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKAaRSP64F2f065XsdYX6nk&google_cver=1&google_push=ATf1kGMOF6PGo1PkCmhsV5e8s2JBnDSiBv5lr_q4S39n5qKzjXhg4rMnE7DpEottJ6Ht_Kjqfzks8bT-ergywiNkyspNmsB6cA9m5Eo HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKAaRSP64F2f065XsdYX6nk&google_push=ATf1kGMOF6PGo1PkCmhsV5e8s2JBnDSiBv5lr_q4S39n5qKzjXhg4rMnE7DpEottJ6Ht_Kjqfzks8bT-ergywiNkyspNmsB6cA9m5Eo&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKAaRSP64F2f065XsdYX6nk&google_hm=ZFMP7ejog-P9jl3-FVgK2AAADLEAAAIB&google_nid=index&google_push=ATf1kGMOF6PGo1PkCmhsV5e8s2JBnDSiBv5lr_q4S39n5qKzjXhg4rMnE7DpEottJ6Ht_Kjqfzks8bT-ergywiNkyspNmsB6cA9m5Eo
Request Chain 49
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIjXzO7G2v4CFY6W_QcdmdgKag;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023050403524684579401125X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023050403524684579401125X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request zpsdcr
publ.cc/
5 KB
2 KB
Document
General
Full URL
https://publ.cc/zpsdcr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.219.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2012.bluehost.com
Software
nginx/1.21.6 /
Resource Hash
fdd176d93b55baa1c4ead448431e6417cb006b79c5310680c3615ef3256877a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
1738
content-type
text/html; charset=UTF-8
date
Thu, 04 May 2023 01:52:42 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx/1.21.6
vary
Accept-Encoding
x-endurance-cache-level
2
x-nginx-cache
WordPress
style.css
publ.cc/static/frontend/css/
613 KB
129 KB
Stylesheet
General
Full URL
https://publ.cc/static/frontend/css/style.css
Requested by
Host: publ.cc
URL: https://publ.cc/zpsdcr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.219.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2012.bluehost.com
Software
Apache / W3 Total Cache/2.3.1
Resource Hash
e2a8a40a026302aa683e3d2112d9b54793bc682df45a4e28f0a5a36237e48cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://publ.cc/zpsdcr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
public
date
Thu, 04 May 2023 01:52:44 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-nginx-cache
WordPress
last-modified
Sun, 30 Apr 2023 17:15:31 GMT
server
Apache
x-powered-by
W3 Total Cache/2.3.1
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires
Fri, 03 May 2024 01:52:44 GMT
error_404_animation_800x600.gif
cdn.dribbble.com/users/1498094/screenshots/6352951/
2 MB
2 MB
Image
General
Full URL
https://cdn.dribbble.com/users/1498094/screenshots/6352951/error_404_animation_800x600.gif
Requested by
Host: publ.cc
URL: https://publ.cc/zpsdcr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.206 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC0) /
Resource Hash
b132e5fbaec53cd29623a2ca0b4ac34b471298e8cf82c0df98bf6af9766e1b63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://publ.cc/zpsdcr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:44 GMT
via
1.1 5035c434ac92f0eed9f2b400824fa6e9.cloudfront.net (CloudFront)
x-amz-version-id
uwAAHsn1wJyYestiwMmXqugFKAeu3KAc
age
44923040
x-amz-cf-pop
IAD89-P2
x-cache
HIT
content-length
2242914
last-modified
Wed, 17 Apr 2019 15:37:55 GMT
server
ECAcc (frc/4CC0)
etag
"d68ee8b857558fc7240724259a14c82e"
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
image/gif
access-control-allow-origin
https://dribbble.com
cache-control
max-age=315576000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
elSuMDmzeOgLc-Bou8BnQ7_7jTcqC42JZvQW-Vwt0hSSXxJ_PCEpAw==
expires
Thu, 19 Sep 2030 13:44:12 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
136 KB
46 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3906127188473317
Requested by
Host: publ.cc
URL: https://publ.cc/zpsdcr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d87858d69ed074b8c87111f2c1f844e5a8772b864b788f0b4c9f964f518ce50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://publ.cc/zpsdcr
Origin
https://publ.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47091
x-xss-protection
0
server
cafe
etag
8228935748044256125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 04 May 2023 01:52:44 GMT
jquery.min.js
publ.cc/static/frontend/libs/jquery/dist/
87 KB
38 KB
Script
General
Full URL
https://publ.cc/static/frontend/libs/jquery/dist/jquery.min.js
Requested by
Host: publ.cc
URL: https://publ.cc/zpsdcr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.219.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2012.bluehost.com
Software
Apache / W3 Total Cache/2.3.1
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://publ.cc/zpsdcr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
public
date
Thu, 04 May 2023 01:52:44 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-nginx-cache
WordPress
last-modified
Sun, 30 Apr 2023 17:15:31 GMT
server
Apache
x-powered-by
W3 Total Cache/2.3.1
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires
Fri, 03 May 2024 01:52:44 GMT
svg-injector.min.js
publ.cc/static/frontend/libs/svg-injector/dist/
4 KB
2 KB
Script
General
Full URL
https://publ.cc/static/frontend/libs/svg-injector/dist/svg-injector.min.js
Requested by
Host: publ.cc
URL: https://publ.cc/zpsdcr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.219.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2012.bluehost.com
Software
Apache / W3 Total Cache/2.3.1
Resource Hash
0a306526fc6a2c25361cccc5ba74de9592c51c225daa00e81e2fea18959d4499

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://publ.cc/zpsdcr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:44 GMT
content-encoding
gzip
x-powered-by
W3 Total Cache/2.3.1
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
2255
pragma
public
referrer-policy
no-referrer-when-downgrade
x-nginx-cache
WordPress
last-modified
Sun, 30 Apr 2023 17:15:31 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Fri, 03 May 2024 01:52:44 GMT
feather.min.js
publ.cc/static/frontend/libs/feather-icons/dist/
74 KB
25 KB
Script
General
Full URL
https://publ.cc/static/frontend/libs/feather-icons/dist/feather.min.js
Requested by
Host: publ.cc
URL: https://publ.cc/zpsdcr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.219.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2012.bluehost.com
Software
Apache / W3 Total Cache/2.3.1
Resource Hash
5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://publ.cc/zpsdcr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
public
date
Thu, 04 May 2023 01:52:44 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-nginx-cache
WordPress
last-modified
Sun, 30 Apr 2023 17:15:31 GMT
server
Apache
x-powered-by
W3 Total Cache/2.3.1
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires
Fri, 03 May 2024 01:52:44 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/
354 KB
119 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3906127188473317&plah=publ.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3906127188473317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c9e04bcce8b5752ad7f3f3824daa47f5a7645efc6b35ee0bbba5d95c92a1762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://publ.cc/zpsdcr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122073
x-xss-protection
0
server
cafe
etag
2473410867217980187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 04 May 2023 01:52:44 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/ Frame 0194
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3906127188473317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://publ.cc/zpsdcr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28627
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 17:55:37 GMT
etag
15057649708203361565
expires
Wed, 17 May 2023 17:55:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
381 B
598 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=publ.cc&callback=_gfp_s_&client=ca-pub-3906127188473317
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3906127188473317&plah=publ.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d48b0f5a775739343830defa03c56a1addc6a8c2c42b2e1a31fe3f2cac94064f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://publ.cc/zpsdcr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=publ.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3906127188473317&plah=publ.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://publ.cc/zpsdcr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F65D
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&adk=1812271804&adf=3025194257&lmt=1683165164&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165164795&bpp=3&bdt=148&idt=159&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1673339364011&frm=20&pv=2&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=178
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3906127188473317&plah=publ.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://publ.cc/zpsdcr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 May 2023 01:52:45 GMT
expires
Thu, 04 May 2023 01:52:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
nunito-sans-v12-latin-600.woff2
publ.cc/static/frontend/fonts/
17 KB
17 KB
Font
General
Full URL
https://publ.cc/static/frontend/fonts/nunito-sans-v12-latin-600.woff2
Requested by
Host: publ.cc
URL: https://publ.cc/static/frontend/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.219.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2012.bluehost.com
Software
Apache / W3 Total Cache/2.3.1
Resource Hash
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Request headers

Referer
https://publ.cc/static/frontend/css/style.css
Origin
https://publ.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
content-encoding
gzip
x-powered-by
W3 Total Cache/2.3.1
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
17194
pragma
public
referrer-policy
no-referrer-when-downgrade
x-nginx-cache
WordPress
last-modified
Sun, 30 Apr 2023 17:15:31 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/font-woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Fri, 03 May 2024 01:52:45 GMT
nunito-sans-v12-latin-regular.woff2
publ.cc/static/frontend/fonts/
17 KB
17 KB
Font
General
Full URL
https://publ.cc/static/frontend/fonts/nunito-sans-v12-latin-regular.woff2
Requested by
Host: publ.cc
URL: https://publ.cc/static/frontend/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.219.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2012.bluehost.com
Software
Apache / W3 Total Cache/2.3.1
Resource Hash
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Request headers

Referer
https://publ.cc/static/frontend/css/style.css
Origin
https://publ.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
content-encoding
gzip
x-powered-by
W3 Total Cache/2.3.1
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
17019
pragma
public
referrer-policy
no-referrer-when-downgrade
x-nginx-cache
WordPress
last-modified
Sun, 30 Apr 2023 17:15:31 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/font-woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Fri, 03 May 2024 01:52:45 GMT
nunito-sans-v12-latin-italic.woff2
publ.cc/static/frontend/fonts/
17 KB
17 KB
Font
General
Full URL
https://publ.cc/static/frontend/fonts/nunito-sans-v12-latin-italic.woff2
Requested by
Host: publ.cc
URL: https://publ.cc/static/frontend/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.219.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2012.bluehost.com
Software
Apache / W3 Total Cache/2.3.1
Resource Hash
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1

Request headers

Referer
https://publ.cc/static/frontend/css/style.css
Origin
https://publ.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
public
date
Thu, 04 May 2023 01:52:45 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-nginx-cache
WordPress
last-modified
Sun, 30 Apr 2023 17:15:31 GMT
server
Apache
x-powered-by
W3 Total Cache/2.3.1
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/font-woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires
Fri, 03 May 2024 01:52:45 GMT
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=publ.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3906127188473317&plah=publ.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://publ.cc/zpsdcr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1634
33 KB
13 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3906127188473317&plah=publ.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a04eaddb5b778199064a1b1948545cde506e53ff276484fed072c716200cb9a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://publ.cc/zpsdcr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
13145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 May 2023 01:52:45 GMT
expires
Thu, 04 May 2023 01:52:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 7EC7
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CScBu7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBN0BT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6Or7aghg5v6zVgd9K4_JAK1Xk_kIETXJKxZqtvOWMGAMpt0CuNFuABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM5MDYxMjcxODg0NzMzMTcYAA&sigh=S4oS2NTU7Sc&uach_m=[UACH]&cid=CAQSOwBygQiDy9z-W7Qi0H1dGp-A2DD3d-aOWL3ETr6WAKpf3xIgCJKSgOTMCPft1PcbQz5NDXxI3V1ocyGWGAE
Requested by
Host: publ.cc
URL: https://publ.cc/zpsdcr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 May 2023 01:52:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 7EC7
0
0
Fetch
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gf3perbgv8wn4z9006t3a8pafa1xv05h2vahykwesbs34z3ek4vy96ayv5926v6dnemm08pdqqmn5n6r1zfcbr4wkj6v8tcbcz9sgdegve1mnbajkxxfgtr87gxpyq2vzcyxqrzfnawj9r8zsxxxrawv5gak4p9r0j30qpqvsb1248ttmjsb7zfpr5eec515wzz8ggx3n1vccm45fejvbkk4wsb3hnwke3tmnzz3aeqkhax65qrgh22nn7efv5dny60knxtabwns9n4hgm8jqbnkd0h9pbwqzan6bwdx9h8exyq54q17zy2b71r7hbnd8pq5a2f051hc2tq98twcprdyxhkeb9pwytcz8pd4zh8qnx67ym58bv5jjkayhcscpgb60q3p7aay20&b=ZFMP7QAGcvAKd-FIAAje2Rf839w648r-8buAwQ
Requested by
Host: publ.cc
URL: https://publ.cc/zpsdcr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 04 May 2023 01:52:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 3D28
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1g89d2hmcdqmyfdafhpzb6ryt7hmnxy7q1vp7gn9pcrfcqe9a8fz6t61w1ymf5mbyzk179tvy3pj1zf2k7z8jk33z7ms8h50vbwjhqyxerf4jw22y53v7ke7s77feq8t1qpa6bjntqb3q830wk1m1md140dzcg60pwnv00hdhdc23wertbf1xnhjx15a7pa2v7qg6p66dz12rjv4htkyhakxpe9vjn1p98ag0sqzfxvhqdj3e7k9abb56kycfavzbrj17y4c3h0zefyrayp938xz5936pp1bzfkrfzq36h0n515dt0v8ddgrgq08nreprn52nz2zkt16tf04j3jmdn3bqcvt088y2e526b57spftykpebjh1ksppxx2m6nm307w4b47wf1tx8nawnfa808kpx7sscq30mb97cqw21xzvdexrhxh13xfcm4ytq85kxsfvw22a2r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%26client%3Dca-pub-3906127188473317%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af9bb88be5d211c5fcdbe3c3f6882bd30379cfcb23121a8203bbfef0a005b6f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c1d1b2d7e2d9b88-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 04 May 2023 01:52:45 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 7EC7
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
28558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:56:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0B63
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
38097
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Thu, 04 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 7EC7
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
28558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:56:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7EC7
160 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50014
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683113006724128"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 01:52:45 GMT
i.match
s.tribalfusion.com/z/ Frame 0B63
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKM41QPTDTIe8dOiOSz_NMU&google_cver=1&google_push=ATf1kGOlrUe5n9fFM0PyfaxHNWIpqjMbR-AwT3kWRXqbHe_Bl3ptX_z51f-5Crw5kZ52RGrQ0W7h5vJ1lhJaOVuwYREA89zzvKULs...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKM41QPTDTIe8dOiOSz_NMU&google_cver=1&google_push=ATf1kGOlrUe5n9fFM0PyfaxHNWIpqjMbR-AwT3kWRXqbHe_Bl3ptX_z51f-5Crw5kZ52RGrQ0W7h5vJ1lhJaOVuwYREA89zzvKU...
43 B
438 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKM41QPTDTIe8dOiOSz_NMU&google_cver=1&google_push=ATf1kGOlrUe5n9fFM0PyfaxHNWIpqjMbR-AwT3kWRXqbHe_Bl3ptX_z51f-5Crw5kZ52RGrQ0W7h5vJ1lhJaOVuwYREA89zzvKULs_X-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOlrUe5n9fFM0PyfaxHNWIpqjMbR-AwT3kWRXqbHe_Bl3ptX_z51f-5Crw5kZ52RGrQ0W7h5vJ1lhJaOVuwYREA89zzvKULs_X-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 May 2023 01:52:46 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c1d1b2eecc39229-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 May 2023 01:52:45 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
183
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKM41QPTDTIe8dOiOSz_NMU&google_cver=1&google_push=ATf1kGOlrUe5n9fFM0PyfaxHNWIpqjMbR-AwT3kWRXqbHe_Bl3ptX_z51f-5Crw5kZ52RGrQ0W7h5vJ1lhJaOVuwYREA89zzvKULs_X-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOlrUe5n9fFM0PyfaxHNWIpqjMbR-AwT3kWRXqbHe_Bl3ptX_z51f-5Crw5kZ52RGrQ0W7h5vJ1lhJaOVuwYREA89zzvKULs_X-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c1d1b2dac429229-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 0B63
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIHdQIEPIw3egMRH-6vEf-g&google_cver=1&google_push=ATf1kGMeJbdeJlxk_0yk7ROCzT9LM1t43EeiN0RgBPwyzOGAM4rsG-ddcmnLxcUPPNFqqF1r3KQBpS10MWHkCmRttRUuhemrRnKAQznF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 04 May 2023 01:52:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0B63
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAwoKT7dFg33ZoY8Mz6C-yg&google_cver=1&google_push=ATf1kGPMk8pIlO0-Un36P-DDzQ1qpmG8u4jEBQDY3mYg6KmGHN7FzMG-Qllk227hlyotQHU-P-x31DiWLUHWo6...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyOTEzOTMzNzQ1MzYzMTYzNg%3D%3D&google_push=ATf1kGPMk8pIlO0-Un36P-DDzQ1qpmG8u4jEBQDY3mYg6KmGHN7FzMG-Qllk227hlyotQHU-P-x31DiWLUHWo6kr-X...
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyOTEzOTMzNzQ1MzYzMTYzNg%3D%3D&google_push=ATf1kGPMk8pIlO0-Un36P-DDzQ1qpmG8u4jEBQDY3mYg6KmGHN7FzMG-Qllk227hlyotQHU-P-x31DiWLUHWo6kr-XvTddCDA6mKuF2R
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 May 2023 01:52:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyOTEzOTMzNzQ1MzYzMTYzNg%3D%3D&google_push=ATf1kGPMk8pIlO0-Un36P-DDzQ1qpmG8u4jEBQDY3mYg6KmGHN7FzMG-Qllk227hlyotQHU-P-x31DiWLUHWo6kr-XvTddCDA6mKuF2R
Date
Thu, 04 May 2023 01:52:45 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 0B63
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAgmrrB0nsuz-xJSqBs1cRQ&google_cver=1&google_push=ATf1kGPgYyOpAPZOa9Vji7REps0sZcmY3ur893CthbDtLnsPNoISf1zh5y-HKYUGhIk-dAkmP0CNGn7UkFt9yCr0mFZy7_Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPgYyOpAPZOa9Vji7REps0sZcmY3ur893CthbDtLnsPNoISf1zh5y-HKYUGhIk-dAkmP0CNGn7UkFt9yCr0mFZy7_ZJJ9qtRpV1&google_hm=eS1OX0NMemtoRTJwSE...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPgYyOpAPZOa9Vji7REps0sZcmY3ur893CthbDtLnsPNoISf1zh5y-HKYUGhIk-dAkmP0CNGn7UkFt9yCr0mFZy7_ZJJ9qtRpV1&google_hm=eS1OX0NMemtoRTJwSEJrRXRoa2FmQ1N3NlA4ZHFKb3dVUX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 May 2023 01:52:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 04 May 2023 01:52:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPgYyOpAPZOa9Vji7REps0sZcmY3ur893CthbDtLnsPNoISf1zh5y-HKYUGhIk-dAkmP0CNGn7UkFt9yCr0mFZy7_ZJJ9qtRpV1&google_hm=eS1OX0NMemtoRTJwSEJrRXRoa2FmQ1N3NlA4ZHFKb3dVUX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0B63
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKxPxCHMlol2Vf3iQfTtSj4&google_cver=1&google_push=ATf1kGNNlCh-N5fcliIZo2vcMrV8E5yugTQzF-k3rWxWPYqlLpJl72UPp3Ss2h6GPy4qqkzBGHjly0GI...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKxPxCHMlol2Vf3iQfTtSj4&google_cver=1&google_push=ATf1kGNNlCh-N5fcliIZo2vcMrV8E5yugTQzF-k3rWxWPYqlLpJl72UPp3Ss2h6GPy4qqkzBGHj...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzNjkyOTAwOTYxMDY0NjcyNA&google_push=ATf1kGNNlCh-N5fcliIZo2vcMrV8E5yugTQzF-k3rWxWPYqlLpJl72UPp3Ss2h6GPy4qqkzBGHjly0...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzNjkyOTAwOTYxMDY0NjcyNA&google_push=ATf1kGNNlCh-N5fcliIZo2vcMrV8E5yugTQzF-k3rWxWPYqlLpJl72UPp3Ss2h6GPy4qqkzBGHjly0GIwmeWFz2J8in56Trgb-5Na1O8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 May 2023 01:52:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 May 2023 01:52:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzNjkyOTAwOTYxMDY0NjcyNA&google_push=ATf1kGNNlCh-N5fcliIZo2vcMrV8E5yugTQzF-k3rWxWPYqlLpJl72UPp3Ss2h6GPy4qqkzBGHjly0GIwmeWFz2J8in56Trgb-5Na1O8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 0B63
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEFUeic6OxffoucOkPgeuHno&google_cver=1&google_push=ATf1kGNYMEG_uTTSSswvyZBbA1XuLoI3PQYogf209kvdCqn1mmf6Bl6FAZpMnGWojIct_Rzrqy9shimFqxt2vvoCC9_y89CirUlJmMX5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 May 2023 01:52:45 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
sctmnb9d6ivpmu0nns0b28tlk6pefgb0
pixel
cm.g.doubleclick.net/ Frame 0B63
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKAaRSP64F2f065XsdYX6nk&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKAaRSP64F2f065XsdYX6nk&google_push=AT...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKAaRSP64F2f065XsdYX6nk&google_hm=ZFMP7ejog-P9jl3-FVgK2AAADLEAAAIB&google_nid=index&google_push=ATf1kGMOF6PGo1PkCmhsV5e8s2JBnDSiBv5lr...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKAaRSP64F2f065XsdYX6nk&google_hm=ZFMP7ejog-P9jl3-FVgK2AAADLEAAAIB&google_nid=index&google_push=ATf1kGMOF6PGo1PkCmhsV5e8s2JBnDSiBv5lr_q4S39n5qKzjXhg4rMnE7DpEottJ6Ht_Kjqfzks8bT-ergywiNkyspNmsB6cA9m5Eo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 May 2023 01:52:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 May 2023 01:52:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKAaRSP64F2f065XsdYX6nk&google_hm=ZFMP7ejog-P9jl3-FVgK2AAADLEAAAIB&google_nid=index&google_push=ATf1kGMOF6PGo1PkCmhsV5e8s2JBnDSiBv5lr_q4S39n5qKzjXhg4rMnE7DpEottJ6Ht_Kjqfzks8bT-ergywiNkyspNmsB6cA9m5Eo
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 0B63
0
139 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JPT9kwaOhFvU6DioOylvvn4dFJnlKdyqkVm9IH-p6cKdd5bZMtohqW1rzuWDprm65v2ahU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3906127188473317&output=html&h=280&slotname=5106663811&adk=2792561709&adf=4034921668&pi=t.ma~as.5106663811&w=445&fwrn=4&fwrnh=100&lmt=1683165165&rafmt=1&format=445x280&url=https%3A%2F%2Fpubl.cc%2Fzpsdcr&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683165165381&bpp=7&bdt=734&idt=7&shv=r20230502&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a1b181fbbacc2f1-2278a8ceb7dd00d0%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaflnayisnCnxFhihhAg-DI53bjww&gpic=UID%3D00000bf52b196eb1%3AT%3D1683165165%3ART%3D1683165165%3AS%3DALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw&prev_fmts=0x0&nras=1&correlator=1673339364011&frm=20&pv=1&ga_vid=2103031479.1683165165&ga_sid=1683165165&ga_hid=687457950&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773809%2C44759837%2C31071755%2C31074199%2C44782468%2C44788441%2C44790154&oid=2&pvsid=4411695357551751&tmod=1546589930&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qZbXj8lkRQ&p=https%3A//publ.cc&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 7EC7
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c23aaecf0789795b5f2cd1d6ccefb20ddcb535cfcc4b7deed6eebd70498d57b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 3D28
94 KB
12 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g89d2hmcdqmyfdafhpzb6ryt7hmnxy7q1vp7gn9pcrfcqe9a8fz6t61w1ymf5mbyzk179tvy3pj1zf2k7z8jk33z7ms8h50vbwjhqyxerf4jw22y53v7ke7s77feq8t1qpa6bjntqb3q830wk1m1md140dzcg60pwnv00hdhdc23wertbf1xnhjx15a7pa2v7qg6p66dz12rjv4htkyhakxpe9vjn1p98ag0sqzfxvhqdj3e7k9abb56kycfavzbrj17y4c3h0zefyrayp938xz5936pp1bzfkrfzq36h0n515dt0v8ddgrgq08nreprn52nz2zkt16tf04j3jmdn3bqcvt088y2e526b57spftykpebjh1ksppxx2m6nm307w4b47wf1tx8nawnfa808kpx7sscq30mb97cqw21xzvdexrhxh13xfcm4ytq85kxsfvw22a2r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%26client%3Dca-pub-3906127188473317%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g89d2hmcdqmyfdafhpzb6ryt7hmnxy7q1vp7gn9pcrfcqe9a8fz6t61w1ymf5mbyzk179tvy3pj1zf2k7z8jk33z7ms8h50vbwjhqyxerf4jw22y53v7ke7s77feq8t1qpa6bjntqb3q830wk1m1md140dzcg60pwnv00hdhdc23wertbf1xnhjx15a7pa2v7qg6p66dz12rjv4htkyhakxpe9vjn1p98ag0sqzfxvhqdj3e7k9abb56kycfavzbrj17y4c3h0zefyrayp938xz5936pp1bzfkrfzq36h0n515dt0v8ddgrgq08nreprn52nz2zkt16tf04j3jmdn3bqcvt088y2e526b57spftykpebjh1ksppxx2m6nm307w4b47wf1tx8nawnfa808kpx7sscq30mb97cqw21xzvdexrhxh13xfcm4ytq85kxsfvw22a2r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%26client%3Dca-pub-3906127188473317%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1681210094
age
744483
cf-polished
origSize=96968
x-guploader-uploadid
ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 11 Apr 2023 10:48:50 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1681210130860508
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MZWiRD29iH6vMYnuHL9b4u9WwYcYPBsMBzeHUeGfPG5ValBIFcHX53Ho3xhcY63bqriqRRc0SVpntkSFwszVW5G8V3hn2ncHEEiJF7j8Ykd5u2dwmzCv%2Ft%2BHs4rfNa%2BZAZfJqS65rY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7c1d1b2dce529b88-FRA
expires
Thu, 04 May 2023 02:52:45 GMT
r62eglto.js
ad4m.at/ Frame 3D28
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g89d2hmcdqmyfdafhpzb6ryt7hmnxy7q1vp7gn9pcrfcqe9a8fz6t61w1ymf5mbyzk179tvy3pj1zf2k7z8jk33z7ms8h50vbwjhqyxerf4jw22y53v7ke7s77feq8t1qpa6bjntqb3q830wk1m1md140dzcg60pwnv00hdhdc23wertbf1xnhjx15a7pa2v7qg6p66dz12rjv4htkyhakxpe9vjn1p98ag0sqzfxvhqdj3e7k9abb56kycfavzbrj17y4c3h0zefyrayp938xz5936pp1bzfkrfzq36h0n515dt0v8ddgrgq08nreprn52nz2zkt16tf04j3jmdn3bqcvt088y2e526b57spftykpebjh1ksppxx2m6nm307w4b47wf1tx8nawnfa808kpx7sscq30mb97cqw21xzvdexrhxh13xfcm4ytq85kxsfvw22a2r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%26client%3Dca-pub-3906127188473317%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
203354
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WPxR6sbkUxl%2Bl4hekTdpPjD3FPLYUfDSGxs6z%2BYlDn6q94lyQ%2BuKLk%2Fd710YhM5Q8sXAD%2BJeg1%2BR1S6aPfPfAmoRnTuZoGVYDP3Mwwit4%2FYC%2F7u8w2stB8xT3lOdjmWmqqtXw8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7c1d1b2dce579b88-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 25 Apr 2023 13:46:03 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3D28
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1706
x-guploader-uploadid
ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2F6KjKxmaLklw9Mlk1i%2BmTAO03JJ%2BM3O2QBFD5FCzfD8WvvXi%2Fi2UJHH951H6nDWq185js8dlsjueEHkH4cK%2FN4KiQ5%2B6dUUcXWgIYdEIoRJSO3hQnKPeQ68k8oqLf%2FA7L1Xb8yDhqHa24qyrmDac3sV"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7c1d1b2eb85739c7-FRA
expires
Thu, 04 May 2023 02:15:39 GMT
frame.html
ad4m.at/ Frame 497D
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1748063
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7c1d1b2e78db2c6f-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 04 May 2023 01:52:45 GMT
expires
Thu, 30 Mar 2023 21:56:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njz87fSx4udLjecogYI2%2FytPlsZNS7f3%2FL98I6%2F3ak04iwR4R2e4J%2F%2FqWm%2BcTrUV5BcX5C5oCPMokyWQEa%2B%2BNPFbRC1kA2OcPYtjC64FOSokWrV%2Fh6asJNxXaO6Zl6piG0R%2BNbg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 3D28
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7ab03ab58a0a7baeb1ed2652092a73e7e15a69216633440b3aaf52845a5e5a5

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lq5aItIjLlQzk%2FFg12GcBoGuoGWX52CWoMvN8YedfywPTX%2BGrrTCkglhwFzhjMfNqlFvmGdhavhEWh0ocngAk80%2FWf3D0eN06ZWOjfmt2i7pl7AqAoPOaM0Hyas2grI6zIhB7Dg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7c1d1b2f2c083630-FRA
x-backend-server
aa-reachservice-group-europe-west1-5cmw
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c1d1b2eebd83630-FRA
content-length
24
content-type
text/plain
date
Thu, 04 May 2023 01:52:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYS47ancu06JtqpviWnJPYtkV2mLuXPm6dwL7Wizk2s263BoVKC%2BTt0W%2F%2BmZCJmyeE4x59TdVh9jcGk%2BRwUfP6pq6oQS%2BnXUWM614FdhuyGigzro8xOvzxYSYl2WUyqQdd8fp20%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-5cmw
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230502&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3906127188473317&plah=publ.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1e1a7f1133c0ba688bf21e473412944e076f5ec3b43b8fac8acd12b4692cab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://publ.cc/zpsdcr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11165
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3906127188473317&plah=publ.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://publ.cc/zpsdcr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 04 May 2023 01:52:45 GMT
rar
as.ad4m.at/ad/ Frame E4D0
11 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
866d5f582cface253eafb334b9d0e9c3783fe880fd944aed1ef2c9884ee4180f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1g89d2hmcdqmyfdafhpzb6ryt7hmnxy7q1vp7gn9pcrfcqe9a8fz6t61w1ymf5mbyzk179tvy3pj1zf2k7z8jk33z7ms8h50vbwjhqyxerf4jw22y53v7ke7s77feq8t1qpa6bjntqb3q830wk1m1md140dzcg60pwnv00hdhdc23wertbf1xnhjx15a7pa2v7qg6p66dz12rjv4htkyhakxpe9vjn1p98ag0sqzfxvhqdj3e7k9abb56kycfavzbrj17y4c3h0zefyrayp938xz5936pp1bzfkrfzq36h0n515dt0v8ddgrgq08nreprn52nz2zkt16tf04j3jmdn3bqcvt088y2e526b57spftykpebjh1ksppxx2m6nm307w4b47wf1tx8nawnfa808kpx7sscq30mb97cqw21xzvdexrhxh13xfcm4ytq85kxsfvw22a2r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%26client%3Dca-pub-3906127188473317%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c1d1b2f795b2c6f-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 04 May 2023 01:52:46 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D570
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://publ.cc/zpsdcr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
21865
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 19:48:21 GMT
expires
Thu, 02 May 2024 19:48:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 47A5
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0b6b15949f9c9a5ff4cee50e2e2984b8a39a50d66c8961fc389b3845d56d596c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-asrhkMlwS96VDuyAr9vGhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://publ.cc/zpsdcr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-asrhkMlwS96VDuyAr9vGhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 May 2023 01:52:46 GMT
expires
Thu, 04 May 2023 01:52:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame E4D0
94 KB
12 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1681210094
age
744484
cf-polished
origSize=96968
x-guploader-uploadid
ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 11 Apr 2023 10:48:50 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1681210130860508
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJBZJlcfIiicovbzBL3UBW3vCR%2FPDoIwXoLjhC4dAONQ%2BMwEbt8pWjFRmrdkWzE36%2BmvLkDrf5khdE6WhGjgXN9fiwd%2FEv7CSHruopTFk7qVPlzVYTD1D4N2Nm38PBUpF%2BBqlII%2BOYg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7c1d1b2fc98b2c6f-FRA
expires
Thu, 04 May 2023 02:52:46 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame E4D0
2 KB
3 KB
Image
General
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
865987
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVA0MPILgG%2B9Pp1iuu4LxY7kJXVS3AwyLUxa%2BZXQUPQAhlCLfBaLzSORwStoUfboe2CXCFOS3PO0kEDzSbZAEfp0I2LgewkeH5iY3l%2F44ENlxC%2FcGcAwgtBQB%2Byj%2F1FUaurwsE2%2F2VahU%2BuR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c1d1b2fdf509b88-FRA
expires
Fri, 05 May 2023 01:52:46 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame E4D0
339 KB
340 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
445865
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elVVB8wXF0WM9gecLbxbRRWIBwrYNXlq363RJm3Zhe8%2BTEdrtXoSEbD80xsG7oPPYRc%2BUcDrB6GANKnEW9VmtR%2F%2FfbvjlP5HsXsruXE4x0dnNmh49q0RjDWUAmmQq3czmSiF2OmhYc746bvn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c1d1b2fdf4e9b88-FRA
expires
Fri, 05 May 2023 01:52:46 GMT
cshow.php
www.awin1.com/ Frame E4D0
43 B
704 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 May 2023 01:52:46 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame E4D0
53 KB
54 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1413727
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A17rSG8ClnYs1rZWnxIyFMhyK3rx3y6kvbJuro4Xzq71eJ2T%2BH5jSBeoaH5teN76nXxWK%2B31hExAoNr3Rzu1axn%2BOhABJjeG55aEo0JaEr1FQIXgkG19zdiMFem%2FLJ6gm0%2B%2Fl7kIBlpFjr9D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c1d1b2fdf529b88-FRA
expires
Fri, 05 May 2023 01:52:46 GMT
26828D6A2B7AB8CBF0BD7B12A4C4174B36788EB53D97F67629064D2A25EF1C665B2713B39242B63E13EAC36EB9351683292AFEA0E72E0EB1131F26ACCAD28AC2
assets.ad4m.at/product_image/ Frame E4D0
31 KB
32 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/26828D6A2B7AB8CBF0BD7B12A4C4174B36788EB53D97F67629064D2A25EF1C665B2713B39242B63E13EAC36EB9351683292AFEA0E72E0EB1131F26ACCAD28AC2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1189ccbd0346d7aeb090d8769592e0285599a29122ffd5a0a0ce9c039412387c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
453056
cf-polished
qual=85, origFmt=jpeg, origSize=80186
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31900
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Feb 2021 09:05:09 GMT
server
cloudflare
etag
"59d356c7881daef6f04f2d59dfa8e54f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BSiMAHZbnzwbNNll1VCw3W8ZZpUD2QekE7hfUh%2FmED2t8jSmtfrlPm6l6nUlgBwAAwn7B0AX6D88X%2FUOlrE24ivANa3kMVeHdbTA89ygHzLo8f3nU%2BBc0JTkL6Y0Xy9JlVLRlEzI9UFMlHD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c1d1b2fdf519b88-FRA
expires
Fri, 05 May 2023 01:52:46 GMT
/
partner.o2online.de/a/ Frame E4D0
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIjXzO7G2v4CFY6W_QcdmdgKag;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023050403524684579401125X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite...
49 B
1 KB
Image
General
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023050403524684579401125X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023050403524684579401125X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Thu, 04 May 2023 01:52:46 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023050403524684579401125X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023050403524684579401125X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date
Thu, 04 May 2023 01:52:46 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame E4D0
5 KB
5 KB
Image
General
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1153111
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BADDMCekxoDmhiLRAwzAu1dGkvD4%2BWRz24NqAPMM5RZpmkBz5%2Fc5FwCPMIwMNfrCQ8mWCSh8lLoKroNkt1cpUNHDqOhw7lSRN1Or1vcwDXD7EkawRrLf1ROyqMyw9bpcuHdKBLl30WOEWjQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c1d1b2fdf549b88-FRA
expires
Fri, 05 May 2023 01:52:46 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame E4D0
91 KB
91 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1179338
cf-polished
origSize=105738, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92686
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvmntGZ1uqePEInSvbrwyUWHHA2sPuTZ4Z1UBMsKpnRlyTICQdfHpO%2Bxl1U8ZS4FsI8r0SafqqMD7eQl1qU95QtPSZjfkd4ZUCvdivO6na1FVZMvg7RUic39vXUjHoMMNK6MHIa6lyBXKp93"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c1d1b2fdf539b88-FRA
expires
Fri, 05 May 2023 01:52:46 GMT
ikSMSteO3o14Tpi7JK6I_pos91N-O9tJx_W-F7IaH6U.js
pagead2.googlesyndication.com/bg/ Frame D570
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ikSMSteO3o14Tpi7JK6I_pos91N-O9tJx_W-F7IaH6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a448c4ad78ede8d784e98bb24ae88fe9a2cf7537e3bdb49c7f5be17b21a1fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
114287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14664
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 May 2024 18:07:59 GMT
link.html
track.webgains.com/ Frame E4D0
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9nhm80hr103m5r1a2qj1nyev9d0p5tandmvy827ra46njyfvrrdpzatq150tyfnqn142pfss2ss6erqyph3emdzmnvjrbde3ty3getpa4yaav0c0h5v18tx2pbjyvzvhb0b35g9qs5p9vgssng8sb1vh3bx3zemrbw0asxkmy05jnjm11jn9aq8hbqp28jcxj8r48aqg2c1h5bw6fyh2psnrjtwespecjd9mtwpat8gq8qk1a856mzsamg4vnds33sc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%252526client%25253Dca-pub-3906127188473317%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.171.28.83 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-28-83.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
7c5edfda06f25023303be1bac3d4e86c52eef23d99e79765d509b07be132010b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:46 GMT
last-modified
Thu, 04 May 2023 01:52:46 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 04 May 2023 01:53:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 47A5
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230502&jk=4411695357551751&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame D570
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?htTjHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 01:52:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pvClk.min.js
analytics.webgains.io/ Frame E4D0
85 KB
31 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9nhm80hr103m5r1a2qj1nyev9d0p5tandmvy827ra46njyfvrrdpzatq150tyfnqn142pfss2ss6erqyph3emdzmnvjrbde3ty3getpa4yaav0c0h5v18tx2pbjyvzvhb0b35g9qs5p9vgssng8sb1vh3bx3zemrbw0asxkmy05jnjm11jn9aq8hbqp28jcxj8r48aqg2c1h5bw6fyh2psnrjtwespecjd9mtwpat8gq8qk1a856mzsamg4vnds33sc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%252526client%25253Dca-pub-3906127188473317%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-48.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:34:41 GMT
content-encoding
gzip
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
73086
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
HZp6FPXgHBFYQ74IK0XsD7TzbaAiyqEDDrBPhOeLrDQRNU2LAFV_VQ==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame E4D0
15 KB
15 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1683165466&Signature=mWoPMrjomSYoW51kVY2EcQozmC0SW0K1DDWo93LakINidGTN0v4paPplGWaAMlmHQyl641K8uD3bz6rCc5oI3q~B2uVbvoOukOZzA6nY6ps7zJZDKFB-8o7w49trdhpkmijkvIMQvy9hn3yz5dEOY0udmfKnW9BNGIHZi98774N95ldVq-m3yQafQvzE2oKVEWf0vC4PMnZXoEah7DSwC3d7Hab5ql2nWzQ9omoh4cVlCOPfMXNtjLmH9OGuVkW-MM2yagIjybRJLrRwpDo2sthY7TyeaSpwcMrJMh7l-6YXfxAv361lL2Q31uyzuYNZ~0xq-4k2En9FxBkqHDLTfA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-123.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 03 May 2023 06:05:07 GMT
via
1.1 1f98172ca4214b0e937b7d3d534b34cc.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
71275
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
pFqdhkjHx6FrErTJ5ubBnhp0UtstTTAea4XNKD34eB0knsreN_UZ3Q==
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230502&jk=4411695357551751&bg=!s7ClsOTNAAYV_mUANf47ADkAdvg8Wp0FAH9sMOEkaArEgAfioHpYa2HCvWY3CRd822lholDvv5yzfWbVguGADPyK0iCx3Nb5MNUCAAAAcFIAAAAEaAEHmQLfTKFDK6Wyo75WwrZVAL9ouVq_IfMWazF-VU8Ot6GRNui13YFxPGvt4lTxEFBfCsXtSnKVJJrx06nW2exLPQ06eFqGBDiqaCMvi_SYGu-DapydGaPwYqrI48fmdgcTJOw1JhvCtLKH8sKhVNdGCFxV2iB6jcVz0r2oBEr0DiCr1BlzqBDlQahVbeq9azwh2SUkiWruRHF8KuWgFtD87QDeWBbDt3Id7ahWlWMwsSZtDeDtAmDePkdzzYCCXCa7p6hbINCnfW3VO_Pd1R7S1YOGWTeC6BqrUS8L7EcEa9OPGiJ4YyWw8ezbfKwLYSa_rmoVixstH1FDWBya2Trdr-mSYaSRYlpac-o7mgfa80jKQUd7OvFjID0aNAL6vVfGhDSpGtjmxYeJ0jcFNSSr9WhAdHKnk60xImT66fns_yb-E0SBc3QYRtnHRi2jDarNcseG3N3-o7P7Y9FpfVFtOcQeG_c0XNUht4Dep_weAoTNahmNck03NN5mf2hpdIKL81-coNHjthJke1A0hlwIuIWZ9FrzD0ZP67ElUVdwdlnZY1ocSX1twJ3J5ft1zsMm5EFcseoyUwBPqa1PianaPgsJalusdnIrsoZ3OFdEc9hjwVwkW5p-yXv4X9O-3XQ7TJ-3F7xbDW8cv1asWBplVARVQ_QUPgD2SpQFlf_aWzVl_sb_V0i5tQQ8O5x-1rBDsH7wf-7-MfjY21OzV8QDiMdwEIjW6AIoQYed1nmVLXntPwdy8iD8B_52Eav99YhsnFGMLQnTdoPK0WAdV-2zu47ZYbAvurv-6B6gCZZakpnFh7dhCvotx0tJDXMQ9aj7cy3MG8tEOR_kjTR-cLfVTzhUEzOIUBRaouiBXGcyqoLuS6Rgd7cJoA5ibjbOYQ90J1FBXS45Pgaprq0Zui3Ig_g6Ez8ZAJPPnDkIXnrNaQFLd0ecpN0Cet7mfk5h4P_14OX5KZMO1GRnJJ6HxpXVURIk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://publ.cc/zpsdcr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 7EC7
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstI_hTKxVYgiZYgSQ3kn0FTdp6lUoIyW77IUWEOSvQDzcvQIpct93Bupefyd1HlbXAjKZQlH8R_JOPa4LE_lf5zTtGs&sig=Cg0ArKJSzJnmyav_2xlgEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2792561709&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683165165596&rpt=175&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 May 2023 01:52:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame E4D0
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-81-67.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 04 May 2023 01:52:47 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-81-67.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 04 May 2023 01:52:47 GMT
server
nginx

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| google_lpabyc function| $ function| jQuery function| SVGInjector object| feather object| googletag object| GoogleGcLKhOms object| google_image_requests

17 Cookies

Domain/Path Name / Value
publ.cc/ Name: PHPSESSID
Value: f7bb9332712bb01a86dcc93ae36e31b5
.publ.cc/ Name: __gads
Value: ID=4a1b181fbbacc2f1-2278a8ceb7dd00d0:T=1683165165:RT=1683165165:S=ALNI_MaflnayisnCnxFhihhAg-DI53bjww
.publ.cc/ Name: __gpi
Value: UID=00000bf52b196eb1:T=1683165165:RT=1683165165:S=ALNI_MaKCeIYVzeULyKGGrecJ_n8_Zwvtw
.doubleclick.net/ Name: IDE
Value: AHWqTUmc0ZTI_I5plKleRkxCKDstJr3PnBOTJo6L3KrJSwulCeI1krBBWLP8n6vnlPc
.adfarm1.adition.com/ Name: UserID1
Value: 7229139337453631636
.casalemedia.com/ Name: CMID
Value: ZFMP7ejog.P9jl3.FVgK2AAA
.casalemedia.com/ Name: CMPS
Value: 3249
.casalemedia.com/ Name: CMPRO
Value: 3249
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBO0PU2QCEIgfABrtfKOqDcPYpJVjjB0FEgEBAQFhVGRcZAAAAAAA_eMAAA&S=AQAAAkbdwElfUH3VuqWeut8IX64
.adform.net/ Name: uid
Value: 3536929009610646724
.tribalfusion.com/ Name: ANON_ID
Value: aknseFtlix98qyTAZbCaMGvbUZbLnfIJfZcBwBHS1FHZd0cKnPsOsRrqqF7E9epqHKGDA1QHQAMETfVGf72IwhiL
.awin1.com/ Name: awpv20044
Value: 412871|1683165166|5dc1bdd0-ea1e-11ed-afd4-223664211a24
.awin1.com/ Name: AWSESS
Value: 415363:2904924
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4MzE2NTE2NnZsZWExZGUyMDIzMDUwNDAzNTI0Njg0NTc5NDAxMTI1WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWRlazhhM2ZWZmticmFqSFpIZXQxdDQ0NUh3U1FUS0tNc0p4RUdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023050403524684579401125X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4MzE2NTE2NnZsZWExZGUyMDIzMDUwNDAzNTI0Njg0NTc5NDAxMTI1WDExNzY3OVYxMjI2MTMyNzAyT

9 Console Messages

Source Level URL
Text
network error URL: https://publ.cc/zpsdcr
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://as.ad4m.at/ad/dr?ed=1g89d2hmcdqmyfdafhpzb6ryt7hmnxy7q1vp7gn9pcrfcqe9a8fz6t61w1ymf5mbyzk179tvy3pj1zf2k7z8jk33z7ms8h50vbwjhqyxerf4jw22y53v7ke7s77feq8t1qpa6bjntqb3q830wk1m1md140dzcg60pwnv00hdhdc23wertbf1xnhjx15a7pa2v7qg6p66dz12rjv4htkyhakxpe9vjn1p98ag0sqzfxvhqdj3e7k9abb56kycfavzbrj17y4c3h0zefyrayp938xz5936pp1bzfkrfzq36h0n515dt0v8ddgrgq08nreprn52nz2zkt16tf04j3jmdn3bqcvt088y2e526b57spftykpebjh1ksppxx2m6nm307w4b47wf1tx8nawnfa808kpx7sscq30mb97cqw21xzvdexrhxh13xfcm4ytq85kxsfvw22a2r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%26client%3Dca-pub-3906127188473317%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=eff1e32db66619e4cb1c1539ce74ccd0%2F12711471210906138801&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683165165939&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hh8b9e1n33t4wcgvvnjfqt49448bvhk4xgajeaancwk7nzzjwhsgzzgvar9etpx10s042g0pbjvsgzhr1ey1h0c7rxezkww8gt9j687mrnc0znpyq9kcpk1sfw9rf86wb8hksbnppnrcepaz24571hj9vft24jqt7zbrv7mndmk341ekgs5zs354s1jeb637dxj3gdnykzskqc5vdys4r5x9x767jcb81msxr3at5369f27wd9zmv7fzsv9j2xfjbv8ryxh6hnhzzya0tym7j4p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW7YO7Q9TZPDlGcjC3wPZvaOgDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzkwNjEyNzE4ODQ3MzMxN8gBCakCuEm_tTNnsj6oAwGqBOABT9C6dqfHOphTi7QXE5yMuheSMte_JX0PJ8nCWqpFbtIa22B79L4Ty4jyO_ESvD4AE35bu1kHB1ySzeK-0vlE_FL5kuw7zQXZsUc-jiRMlm-zESe1JUThpB-QmG_W7x0KjWP4Nhv7OYdz55seep4BQfupNAqpGZwC9c6ERotJ29vUsW6YwbQGLm0i5UwrHgxeUzuDeq-xeNiaxBdE3CHfCb477oY5YKI8q6HxKDOKCM2Zl65kJRW6eLz7EM_AOOwdBpfcObvS2Wzw9O8OY2qXRVjkLh0YBi8xYpwxdJMq6kWABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03Axt3gMZpWRgiVC9fHoiAKooMPg%2526client%253Dca-pub-3906127188473317%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad4m.at
adservice.google.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.dribbble.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
dsp.adfarm1.adition.com
googleads.g.doubleclick.net
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
publ.cc
rtb.openx.net
s.tribalfusion.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
142.250.185.162
167.233.13.224
172.217.18.6
18.133.81.67
18.171.28.83
185.80.39.216
192.229.220.206
23.56.205.163
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6812:19ad
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:829::2004
2a05:d018:d29:3602:a6ef:9034:ef93:4d3e
35.186.253.211
37.157.2.239
52.223.40.198
65.9.95.123
65.9.95.48
74.220.219.168
84.200.5.215
85.114.159.118
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
0a306526fc6a2c25361cccc5ba74de9592c51c225daa00e81e2fea18959d4499
0b6b15949f9c9a5ff4cee50e2e2984b8a39a50d66c8961fc389b3845d56d596c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1189ccbd0346d7aeb090d8769592e0285599a29122ffd5a0a0ce9c039412387c
1c23aaecf0789795b5f2cd1d6ccefb20ddcb535cfcc4b7deed6eebd70498d57b
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
4af9bb88be5d211c5fcdbe3c3f6882bd30379cfcb23121a8203bbfef0a005b6f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1
6c9e04bcce8b5752ad7f3f3824daa47f5a7645efc6b35ee0bbba5d95c92a1762
7c5edfda06f25023303be1bac3d4e86c52eef23d99e79765d509b07be132010b
866d5f582cface253eafb334b9d0e9c3783fe880fd944aed1ef2c9884ee4180f
8a448c4ad78ede8d784e98bb24ae88fe9a2cf7537e3bdb49c7f5be17b21a1fa5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
a04eaddb5b778199064a1b1948545cde506e53ff276484fed072c716200cb9a7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b132e5fbaec53cd29623a2ca0b4ac34b471298e8cf82c0df98bf6af9766e1b63
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c7ab03ab58a0a7baeb1ed2652092a73e7e15a69216633440b3aaf52845a5e5a5
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d48b0f5a775739343830defa03c56a1addc6a8c2c42b2e1a31fe3f2cac94064f
d87858d69ed074b8c87111f2c1f844e5a8772b864b788f0b4c9f964f518ce50d
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
e2a8a40a026302aa683e3d2112d9b54793bc682df45a4e28f0a5a36237e48cdc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e1a7f1133c0ba688bf21e473412944e076f5ec3b43b8fac8acd12b4692cab2
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fdd176d93b55baa1c4ead448431e6417cb006b79c5310680c3615ef3256877a3