clk.one Open in urlscan Pro
81.177.136.29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://clk.one/VjL0
Submission: On January 26 via manual (January 26th 2022, 4:15:30 pm UTC) from US — Scanned from DE

Summary HTTP 93 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 18 domains to perform 93 HTTP transactions. The main IP is 81.177.136.29, located in Russian Federation and belongs to RTCOMM-AS, RU. The main domain is clk.one.
TLS certificate: Issued by R3 on December 21st 2021. Valid for: 3 months.

This is the only time clk.one was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	81.177.136.29 81.177.136.29	8342 (RTCOMM-AS) (RTCOMM-AS)
8	2a00:1450:400... 2a00:1450:400f:800::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400f:800::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:224... 2600:9000:224a:4a00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400f:80a::2004	15169 (GOOGLE) (GOOGLE)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
93	24

13 81.177.136.29 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
PTR: srv229-vps-st.jino.ru

clk.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400f:800::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400f:800::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:4a00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	criteo.net static.criteo.net — Cisco Umbrella Rank: 645 pix.eu.criteo.net — Cisco Umbrella Rank: 7730 csm.eu.criteo.net — Cisco Umbrella Rank: 7881	63 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	202 KB
13	clk.one clk.one	157 KB
7	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 25627	2 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 13370 ads.eu.criteo.com — Cisco Umbrella Rank: 7925 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10541	104 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	24 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2853	68 KB
2	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1576	922 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	75 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8294	1 KB
2	gstatic.com fonts.gstatic.com	51 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8028	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	643 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	341 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	61 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 584	33 KB
93	18

	Domain	Requested by
14	pix.eu.criteo.net	ads.eu.criteo.com
14	static.criteo.net	ads.eu.criteo.com
13	clk.one	clk.one
8	pagead2.googlesyndication.com	clk.one pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	mc.yandex.com	2 redirects mc.yandex.ru
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	csm.eu.criteo.net	ads.eu.criteo.com
2	mc.yandex.ru	1 redirects clk.one
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	secure-gl.imrworldwide.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	counter.yadro.ru	1 redirects clk.one
2	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	clk.one
1	www.googletagmanager.com	clk.one
1	code.jquery.com	clk.one
93	24

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.clk.one R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh

This page contains 9 frames:

Primary Page: https://clk.one/VjL0
Frame ID: 5A2C21525C9635D0001B78046421D62D
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220120/r20190131/zrt_lookup.html
Frame ID: 9CF9B3B93C99D60E017BD8A1B9DAC45A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3643169455959725&output=html&adk=1812271804&adf=3025194257&lmt=1643213725&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fclk.one%2FVjL0&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643213724973&bpp=2&bdt=234&idt=209&shv=r20220120&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6749181604348&frm=20&pv=2&ga_vid=949429139.1643213725&ga_sid=1643213725&ga_hid=345456612&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066428%2C31064183%2C31064215%2C31063247&oid=2&pvsid=2945295791059351&pem=289&tmod=199382567&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223
Frame ID: E1BCA1ED56EB660D3A93F11F5EFAAC5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3643169455959725&output=html&h=90&slotname=6466313457&adk=3089341041&adf=4134371643&pi=t.ma~as.6466313457&w=728&lmt=1643213725&psa=0&format=728x90&url=https%3A%2F%2Fclk.one%2FVjL0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643213724975&bpp=1&bdt=236&idt=227&shv=r20220120&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6749181604348&frm=20&pv=1&ga_vid=949429139.1643213725&ga_sid=1643213725&ga_hid=345456612&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066428%2C31064183%2C31064215%2C31063247&oid=2&pvsid=2945295791059351&pem=289&tmod=199382567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=L5CA7Lcqdu&p=https%3A//clk.one&dtd=232
Frame ID: 5022CFC45A6013FB686B60A81CCE27E7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3643169455959725&output=html&h=280&slotname=4406840912&adk=3226970648&adf=2913177901&pi=t.ma~as.4406840912&w=960&fwrn=4&fwrnh=100&lmt=1643213725&rafmt=1&psa=0&format=960x280&url=https%3A%2F%2Fclk.one%2FVjL0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643213724976&bpp=1&bdt=237&idt=234&shv=r20220120&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6749181604348&frm=20&pv=1&ga_vid=949429139.1643213725&ga_sid=1643213725&ga_hid=345456612&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066428%2C31064183%2C31064215%2C31063247&oid=2&pvsid=2945295791059351&pem=289&tmod=199382567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HSV2HLbR29&p=https%3A//clk.one&dtd=236
Frame ID: AE141DAC01FDA42F86CE098CF41EDB74
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfFznQADvWoK7eTOAASLgGNoAJoFinoxHcmfYQ&u=%7CdxbenMfvIlV6yBf%2FQGTV4%2B7oDWDwjXjYWmghLd2%2FjW8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1XogzGAbpr82E-qhkaU0SAp17p7sdaharNxRiII9yko7-I_nIMH01VD1vC2dldiI92o45hiilJZ2Eyoeu0QpZz1geqGn4FP0YzgjBivhBpiB17iLAc_mZZ4ZVn47vEEpIIiL8xUHSoRDuBlNDtKoUChwW3F358ORzP79FpyjjJ2Y8Heo8GJU0gS_VfKmG4thCJhlC9nBgL2GiP7LYK32KMK0WjXt1hic89adlHJvGRAhSkIKztArnDDiuZxuWfbKF2WsRyZdelwd1yc7Z76UVqoEN3-UtHYp5kIzeBXwXMSog8p7EhDkME7AU2vM3A7cuQNQ9DZBtEYD74huvnmJyesMakn6HUMuWfbHBw7SfzWb_o5INh7xq_GlzX2CdmSdswpkoim6qM8hpJWVdEHYCeN4IY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLYLGnXPxYer6Ds7JtweAl5KgCMme0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NDMxNjk0NTU5NTk3MjWgAdW20uoDyAEJqQJev9K9re2yPqgDAaoEuAFP0Mt_dIcJilC0ki_mAkwtt32idRdRCdbEmHIxY1qvKU17eVHWtf2J5UuhI-qITjcEAWqkk4tnltyMlbrAA1e-7Xy_9s2jK23OSl0ElPmiDE0qXUaKK9fJbRuUBR678tqvhAR3J9Oqzj8fDMQ8w-L9clqWoV-3tDjrZmGLHSxwpSZyR9X2B_gghv4bJ7_a_DZNSiIIj9wyO0tdt4sqKKjODZXDqo5WLj69SexbBE0_VDgYEJ3PQgZHgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14nZRnkHS9cutmj6dyOlAyv2V3cg%26client%3Dca-pub-3643169455959725%26adurl%3D
Frame ID: 0EA27F245CF254BAFBD09D65A9EEA352
Requests: 25 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfFznQAEHPoKsopIAAVvt2JbTgriQdwVi3Qzbw&u=%7CdxbenMfvIlXLFuuaLldstiXHJG3bwUOVDv0JwmUuYJ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoBeNQDHLsV97sBnnuXA8hdQXsThnUsuYvISst3I0juZ16BieLYGxufY6ha5Jmw_NgfgUGh4JnqyPdBj-UkW1nJ39Nxuu8WgCbov6qbMb0FwhEnzfDuRfY25iZcw8GyUI6HZa6OfY0HWELmvAM6REIuHNDOGRJxPtixl34YnTCknyIoBKN8dsKMHd1hd7oDoHMh3rNygN-CV0Ol46Pnt6D3VzdqIpvWyzqZ0CF6KiuSYI8_vHAQo_aZwIn2VrLlCM7sj6JErOZ3bl1rO-UMs-PBYmu4bZae40AnPo6vWzkf7h8P56t5QvnpmC6Gpw8ZCQa8H8037drTtCW408fn_WobPclzsbvwmY66WlVWU3HJkZnJ8rfe5Lk_C4Bbh4CsnNx9Gv1XsGhyGKiaQ6p0l23ek&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCtNnXPxYfq5EMiUygW335XABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzY0MzE2OTQ1NTk1OTcyNaAB1bbS6gPIAQmpAl6_0r2t7bI-qAMBqgSzAU_QmY0bGEdsN2ApgU5M6Eqo3adwZV8oYHGuzTSHv772tawxF6Astau239XK8Mj9A-g9orUccivqd2evaMOlIrXvf71TKJaVBkWWebBKDDWd_b4xtpC7AGmYni3mcAeeRuRu5bq-aVPo3gbihmstzkROIrSFEXt4A4oz7HRJsjZa5G5-W_VIjl28jiu4585Tdq6gKoHm-LHcRov80IC_cayLYGzKH1xzQZXueTMeXwSsSMfegAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0s6jEK-1Tbh9ayMj6RcyTFk7wnng%26client%3Dca-pub-3643169455959725%26adurl%3D
Frame ID: 0175C13A40EDBE40935716C259AD41BC
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C525656FDBE0ABE537D8F7C825FF578C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 26887D131DFBB3CEDCBA1905E2D3AD26
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сервис сокращения ссылок - Короткие URL | CLK.ONE RU

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

93
Requests

97 %
HTTPS

74 %
IPv6

18
Domains

24
Subdomains

24
IPs

6
Countries

845 kB
Transfer

2119 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://counter.yadro.ru/hit?t45.6;r;s1600*1200*24;uhttps%3A//clk.one/VjL0;h%u0421%u0435%u0440%u0432%u0438%u0441%20%u0441%u043E%u043A%u0440%u0430%u0449%u0435%u043D%u0438%u044F%20%u0441%u0441%u044B%u043B%u043E%u043A%20-%20%u041A%u043E%u0440%u043E%u0442%u043A%u0438%u0435%20URL%20%7C%20CLK.ONE%20RU;0.033880428571254395 HTTP 302
https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttps%3A//clk.one/VjL0;h%u0421%u0435%u0440%u0432%u0438%u0441%20%u0441%u043E%u043A%u0440%u0430%u0449%u0435%u043D%u0438%u044F%20%u0441%u0441%u044B%u043B%u043E%u043A%20-%20%u041A%u043E%u0440%u043E%u0442%u043A%u0438%u0435%20URL%20%7C%20CLK.ONE%20RU;0.033880428571254395

Request Chain 93

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9530.0Mu0vuwTl7iciimxS9gx9ODIEKIPMsKTJTha5Cwwtfh0luQdLn6VUubnCSo6oX2z.rw8ACIJU5J0RfQ_XXPl_HPHBszk%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9530.B4orX8f6RCOm6EP_8uP4_D0XDlItDcWp63OUVwuOlD9TL63lf6HfOrVb0dJP4PVlUfJjXdt22xI1PAtoqLJdZg%2C%2C.7yFGYm3QW7UNZBjUtUSkCSlR7Y8%2C

Request Chain 95

https://mc.yandex.com/watch/74863930?wmode=7&page-url=https%3A%2F%2Fclk.one%2FVjL0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A381%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A740%3Acn%3A1%3Adp%3A0%3Als%3A1474000778806%3Ahid%3A3645897%3Az%3A0%3Ai%3A20220126161527%3Aet%3A1643213727%3Ac%3A1%3Arn%3A402297949%3Arqn%3A1%3Au%3A1643213727257702961%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643213724508%3Ads%3A53%2C111%2C63%2C1%2C%2C0%2C%2C370%2C2%2C1557%2C1557%2C1%2C599%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643213727%3At%3A%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BE%D0%BA%20-%20%D0%9A%D0%BE%D1%80%D0%BE%D1%82%D0%BA%D0%B8%D0%B5%20URL%20%7C%20CLK.ONE%20RU&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/74863930/1?wmode=7&page-url=https%3A%2F%2Fclk.one%2FVjL0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A381%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A740%3Acn%3A1%3Adp%3A0%3Als%3A1474000778806%3Ahid%3A3645897%3Az%3A0%3Ai%3A20220126161527%3Aet%3A1643213727%3Ac%3A1%3Arn%3A402297949%3Arqn%3A1%3Au%3A1643213727257702961%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643213724508%3Ads%3A53%2C111%2C63%2C1%2C%2C0%2C%2C370%2C2%2C1557%2C1557%2C1%2C599%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643213727%3At%3A%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BE%D0%BA%20-%20%D0%9A%D0%BE%D1%80%D0%BE%D1%82%D0%BA%D0%B8%D0%B5%20URL%20%7C%20CLK.ONE%20RU&t=gdpr%2814%29aw%281%29ti%282%29

93 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request VjL0 Show response
clk.one/ 9 KB
3 KB 227ms
63ms Document
text/html 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 / PHP/7.3.29
Resource Hash: 84c823cc86e8388fdfd9f8653c994f67d06f9737a1154d64f9227c235e59b428

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-type: text/html; charset=UTF-8
content-length: 3198
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
x-powered-by: PHP/7.3.29
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 143ms
56ms Script
text/javascript 2a00:1450:400f:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3643169455959725

Requested by

Host: clk.one
URL: https://clk.one/VjL0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fe0b238d4cb2b9427bd85d905fac0b721b830d41a66937ca3f989cc1387b254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clk.one/
Origin: https://clk.one
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51962
x-xss-protection: 0
server: cafe
etag: 17695930873111561278
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 Jan 2022 16:15:24 GMT

GET
H2 200 style.min.css
clk.one/assets/css/ 31 KB
8 KB 58ms
58ms Stylesheet
text/css 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.one/assets/css/style.min.css
Requested by: Host: clk.one
URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 /
Resource Hash: 00c00bce946136fab8d158c577e90217cef6345044d269d9e329177e6bae0b34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/VjL0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 17:14:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
etag: "7ddf-5d3ab23dd51c5-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3153600, public
accept-ranges: bytes
content-length: 7924

GET
H2 200 logo_new.svg
clk.one/assets/img/ 4 KB
2 KB 178ms
175ms Image
image/svg+xml 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clk.one/assets/img/logo_new.svg
Requested by: Host: clk.one
URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 /
Resource Hash: d5d09edd0c71bb7b5fdf9c964e091df1c8df686c15a5dbaedb9658caa65c7f2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/VjL0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 17:14:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
etag: "e10-5d3ab23dd6935-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3153600, public
accept-ranges: bytes
content-length: 1558

GET
H2 200 loading.gif
clk.one/assets/img/ 81 KB
82 KB 178ms
176ms Image
image/gif 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clk.one/assets/img/loading.gif
Requested by: Host: clk.one
URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 /
Resource Hash: c49c9d9db189690471411cfb5ee4f94bae8c1629aa0938f8342eba674a5d6e1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/VjL0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
last-modified: Tue, 21 Dec 2021 17:14:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
etag: "14588-5d3ab23dd654d"
content-type: image/gif
cache-control: max-age=3153600, public
accept-ranges: bytes
content-length: 83336

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 67ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: clk.one
URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:18:54 GMT
server: nginx
etag: "573f46fe-17b8b"
vary: Accept-Encoding
x-hw: 1643213724.dop019.ml1.t,1643213724.cds216.ml1.hn,1643213724.cds214.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H2 200 clipboard.js Show response
clk.one/assets/js/ 1007 B
730 B 60ms
56ms Script
application/javascript 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.one/assets/js/clipboard.js
Requested by: Host: clk.one
URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 /
Resource Hash: c2df3d1f095e6e3032a82b482dc6fa75b99121fa9eae1e1ddd3a94a77221a1cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/VjL0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 17:14:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
etag: "3ef-5d3ab23dd6d1d-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3153600, public
accept-ranges: bytes
content-length: 468

GET
H2 200 main.js Show response
clk.one/assets/js/ 9 KB
3 KB 63ms
60ms Script
application/javascript 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.one/assets/js/main.js
Requested by: Host: clk.one
URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 /
Resource Hash: dae575c457d0c5b4ae7459cbb0ecacd38c3b5bf8c76698773176ee9978d42f2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/VjL0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 17:14:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
etag: "2314-5d3ab23dd74ed-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3153600, public
accept-ranges: bytes
content-length: 2452

GET
H2 200 masonry.pkgd.min.js Show response
clk.one/assets/js/ 24 KB
7 KB 61ms
58ms Script
application/javascript 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.one/assets/js/masonry.pkgd.min.js
Requested by: Host: clk.one
URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 /
Resource Hash: 367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/VjL0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 17:14:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
etag: "5e27-5d3ab23dd74ed-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3153600, public
accept-ranges: bytes
content-length: 7354

GET
H2 200 imagesloaded.pkgd.min.js Show response
clk.one/assets/js/ 5 KB
2 KB 61ms
58ms Script
application/javascript 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.one/assets/js/imagesloaded.pkgd.min.js
Requested by: Host: clk.one
URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 /
Resource Hash: 96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/VjL0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 17:14:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
etag: "15da-5d3ab23dd7105-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3153600, public
accept-ranges: bytes
content-length: 1810

GET
H2 200 jquery.fancybox.min.js Show response
clk.one/assets/js/ 67 KB
22 KB 119ms
115ms Script
application/javascript 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.one/assets/js/jquery.fancybox.min.js
Requested by: Host: clk.one
URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 /
Resource Hash: cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/VjL0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 17:14:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
etag: "10a9d-5d3ab23dd7105-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3153600, public
accept-ranges: bytes
content-length: 22013

GET
H2 200 tipped.min.js Show response
clk.one/assets/js/ 76 KB
20 KB 120ms
117ms Script
application/javascript 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.one/assets/js/tipped.min.js
Requested by: Host: clk.one
URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 /
Resource Hash: 9cc3da2b4855a270b5305af3bb60c7e2581b4847da238a708d4cb343dcb5f0f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/VjL0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 17:14:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
etag: "1311e-5d3ab23dd78d5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3153600, public
accept-ranges: bytes
content-length: 20285

GET
H2 200 jquery.fancybox.min.css
clk.one/assets/css/ 12 KB
3 KB 120ms
117ms Stylesheet
text/css 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.one/assets/css/jquery.fancybox.min.css
Requested by: Host: clk.one
URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 /
Resource Hash: 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/VjL0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 17:14:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
etag: "31fb-5d3ab23dd51c5-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3153600, public
accept-ranges: bytes
content-length: 3096

GET
H2 200 tipped.css
clk.one/assets/css/ 18 KB
4 KB 178ms
176ms Stylesheet
text/css 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.one/assets/css/tipped.css
Requested by: Host: clk.one
URL: https://clk.one/VjL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 /
Resource Hash: 921616499702db5de086f682ca043c515ed74c906c0b68f08ec138507aa8125a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/VjL0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 17:14:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
etag: "4989-5d3ab23dd5995-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3153600, public
accept-ranges: bytes
content-length: 3345

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 62ms
38ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B4WZF4B2EZ

Requested by

Host: clk.one
URL: https://clk.one/VjL0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0818640724abade6a0f283310ef2e9d03d7ca65e1280e496bae54eba7df28d35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62344
x-xss-protection: 0
expires: Wed, 26 Jan 2022 16:15:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 30 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: clk.one
URL: https://clk.one/assets/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

72a4dfde6d3492b33274b134ef7292c29faf9b8b2fb8a285d96404c64ef28848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 14:31:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 16:15:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jan 2022 16:15:24 GMT

GET
DATA 200
OK truncated
/ 140 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8081e7942505fe188f1992a3f5e24260e2ffd0c683c6d29d16891f7897f709f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bg-loading.svg
clk.one/assets/img/ 1 KB
812 B 175ms
174ms Image
image/svg+xml 81.177.136.29
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clk.one/assets/img/bg-loading.svg
Requested by: Host: clk.one
URL: https://clk.one/assets/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.136.29 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv229-vps-st.jino.ru
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29 /
Resource Hash: da85d3209c497eb5eafc24f2e1aebe53eba2c094dbddfa702bb1dab9fb9cb22a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/assets/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 17:14:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.29
etag: "581-5d3ab23dd5995-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3153600, public
accept-ranges: bytes
content-length: 555

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v21/ 20 KB
20 KB 43ms
20ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://clk.one
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:43:34 GMT
x-content-type-options: nosniff
age: 73910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20480
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 19:19:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 19:43:34 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v21/ 30 KB
31 KB 34ms
11ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://clk.one
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:33:06 GMT
x-content-type-options: nosniff
age: 74538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 19:19:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 19:33:06 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd9ee778c3e6d10390af17394904cecfd284efc8b4a4e209f265928a62ef25db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 312 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44b9056d2f11a99f0620425ce2fd995e140ffdb85b21b91be6c80edd2ee4e095

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/ 283 KB
102 KB 118ms
63ms Script
text/javascript 2a00:1450:400f:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3643169455959725&plah=clk.one&bust=31064215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3643169455959725

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ca0e54aca2b5a007af5440c5e615d6a8eaf5793a0de7b8080255b480b637347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104321
x-xss-protection: 0
server: cafe
etag: 14244270521556553882
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Jan 2022 16:15:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220120/r20190131/ Frame 9CF9 11 KB
5 KB 57ms
9ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220120/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3643169455959725

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
date: Wed, 26 Jan 2022 06:04:45 GMT
expires: Wed, 09 Feb 2022 06:04:45 GMT
cache-control: public, max-age=1209600
age: 36640
etag: 13671712056976469594
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t45.6;r;s1600*1200*24;uhttps%3A//clk.one/VjL0;h%u0421%u0435%u0440%u0432%u0438%u0441%20%u0441%u043E%u043A%u0440%u0430%u0449%u0435%u043D%u0438%u044F%20%u0441%u0441%u044B%...
https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttps%3A//clk.one/VjL0;h%u0421%u0435%u0440%u0432%u0438%u0441%20%u0441%u043E%u043A%u0440%u0430%u0449%u0435%u043D%u0438%u044F%20%u0441%u0441%u044...

104 B
590 B

60ms
59ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttps%3A//clk.one/VjL0;h%u0421%u0435%u0440%u0432%u0438%u0441%20%u0441%u043E%u043A%u0440%u0430%u0449%u0435%u043D%u0438%u044F%20%u0441%u0441%u044B%u043B%u043E%u043A%20-%20%u041A%u043E%u0440%u043E%u0442%u043A%u0438%u0435%20URL%20%7C%20CLK.ONE%20RU;0.033880428571254395

Requested by

Host: clk.one
URL: https://clk.one/VjL0

Protocol

HTTP/1.1

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 16:15:25 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 104
Expires: Mon, 25 Jan 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 16:15:25 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttps%3A//clk.one/VjL0;h%u0421%u0435%u0440%u0432%u0438%u0441%20%u0441%u043E%u043A%u0440%u0430%u0449%u0435%u043D%u0438%u044F%20%u0441%u0441%u044B%u043B%u043E%u043A%20-%20%u041A%u043E%u0440%u043E%u0442%u043A%u0438%u0435%20URL%20%7C%20CLK.ONE%20RU;0.033880428571254395
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 25 Jan 2021 21:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
341 B 37ms
15ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-B4WZF4B2EZ&gtm=2oe1o0&_p=345456612&sr=1600x1200&ul=en-us&cid=949429139.1643213725&_s=1&dl=https%3A%2F%2Fclk.one%2FVjL0&dt=%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BE%D0%BA%20-%20%D0%9A%D0%BE%D1%80%D0%BE%D1%82%D0%BA%D0%B8%D0%B5%20URL%20%7C%20CLK.ONE%20RU&sid=1643213725&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4WZF4B2EZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clk.one/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 16:15:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://clk.one
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
643 B 59ms
14ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=clk.one&callback=_gfp_s_&client=ca-pub-3643169455959725

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3643169455959725&plah=clk.one&bust=31064215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

de27fed06d622cd9fe8109139e4213123d1cdcba1cd5c6f3231b38a630082c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 58ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=clk.one

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 49ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=clk.one

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E1BC 0
19 B 87ms
66ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3643169455959725&output=html&adk=1812271804&adf=3025194257&lmt=1643213725&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fclk.one%2FVjL0&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643213724973&bpp=2&bdt=234&idt=209&shv=r20220120&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6749181604348&frm=20&pv=2&ga_vid=949429139.1643213725&ga_sid=1643213725&ga_hid=345456612&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066428%2C31064183%2C31064215%2C31063247&oid=2&pvsid=2945295791059351&pem=289&tmod=199382567&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 26 Jan 2022 16:15:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Jan 2022 16:15:25 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5022 22 KB
9 KB 372ms
361ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3643169455959725&output=html&h=90&slotname=6466313457&adk=3089341041&adf=4134371643&pi=t.ma~as.6466313457&w=728&lmt=1643213725&psa=0&format=728x90&url=https%3A%2F%2Fclk.one%2FVjL0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643213724975&bpp=1&bdt=236&idt=227&shv=r20220120&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6749181604348&frm=20&pv=1&ga_vid=949429139.1643213725&ga_sid=1643213725&ga_hid=345456612&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066428%2C31064183%2C31064215%2C31063247&oid=2&pvsid=2945295791059351&pem=289&tmod=199382567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=L5CA7Lcqdu&p=https%3A//clk.one&dtd=232

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2228489d445e26ee81f229ba4d44ca2c459984008880ce95e1189b8c18bf2fe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 26 Jan 2022 16:15:25 GMT
server: cafe
content-length: 9340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Jan 2022 16:15:25 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE14 22 KB
9 KB 355ms
349ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3643169455959725&output=html&h=280&slotname=4406840912&adk=3226970648&adf=2913177901&pi=t.ma~as.4406840912&w=960&fwrn=4&fwrnh=100&lmt=1643213725&rafmt=1&psa=0&format=960x280&url=https%3A%2F%2Fclk.one%2FVjL0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643213724976&bpp=1&bdt=237&idt=234&shv=r20220120&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6749181604348&frm=20&pv=1&ga_vid=949429139.1643213725&ga_sid=1643213725&ga_hid=345456612&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066428%2C31064183%2C31064215%2C31063247&oid=2&pvsid=2945295791059351&pem=289&tmod=199382567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HSV2HLbR29&p=https%3A//clk.one&dtd=236

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef0c651e9bc266224085cdb8afc97c1a5325274e35cd19033187465062cb84d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 26 Jan 2022 16:15:25 GMT
server: cafe
content-length: 9381
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Jan 2022 16:15:25 GMT
cache-control: private

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame AE14 2 KB
1 KB 125ms
40ms Script
text/javascript 2a00:1450:400f:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3643169455959725&output=html&h=280&slotname=4406840912&adk=3226970648&adf=2913177901&pi=t.ma~as.4406840912&w=960&fwrn=4&fwrnh=100&lmt=1643213725&rafmt=1&psa=0&format=960x280&url=https%3A%2F%2Fclk.one%2FVjL0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643213724976&bpp=1&bdt=237&idt=234&shv=r20220120&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6749181604348&frm=20&pv=1&ga_vid=949429139.1643213725&ga_sid=1643213725&ga_hid=345456612&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066428%2C31064183%2C31064215%2C31063247&oid=2&pvsid=2945295791059351&pem=289&tmod=199382567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HSV2HLbR29&p=https%3A//clk.one&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 16:12:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE14 122 KB
38 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 16:15:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame AE14 15 KB
7 KB 118ms
34ms Script
text/javascript 2a00:1450:400f:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 16:08:34 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 5022 2 KB
1 KB 109ms
41ms Script
text/javascript 2a00:1450:400f:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3643169455959725&output=html&h=90&slotname=6466313457&adk=3089341041&adf=4134371643&pi=t.ma~as.6466313457&w=728&lmt=1643213725&psa=0&format=728x90&url=https%3A%2F%2Fclk.one%2FVjL0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643213724975&bpp=1&bdt=236&idt=227&shv=r20220120&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6749181604348&frm=20&pv=1&ga_vid=949429139.1643213725&ga_sid=1643213725&ga_hid=345456612&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066428%2C31064183%2C31064215%2C31063247&oid=2&pvsid=2945295791059351&pem=289&tmod=199382567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=L5CA7Lcqdu&p=https%3A//clk.one&dtd=232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 16:12:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5022 122 KB
37 KB 39ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 16:15:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 5022 15 KB
6 KB 103ms
36ms Script
text/javascript 2a00:1450:400f:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 16:08:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AE14 0
0 88ms
88ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9BVYnXPxYer6Ds7JtweAl5KgCMme0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NDMxNjk0NTU5NTk3MjWgAdW20uoDyAEJqQJev9K9re2yPqgDAaoEtQFP0Mt_dIcJilC0ki_mAkwtt32idRdRCdbEmHIxY1qvKU17eVHWtf2J5UuhI-qITjcEAWqkk4tnltyMlbrAA1e-7Xy_9s2jK23OSl0ElPmiDE0qXUaKK9fJbRuUBR678tqvhAR3J9Oqzj8fDMQ8w-L9clqWoV-3tDjrZmGLHSxwpSZyR9X2B_gghv4bJ7_a_HRPa7CPAEAhhNdJFFsXjlDHGZ91oKBOrIp1dEqpu1MTTL2ylI5wgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zNjQzMTY5NDU1OTU5NzI1GAA&sigh=y_cYKmQTl5A&uach_m=[UACH]&cid=CAQSGwCNIrLMQnh0N9-gbsKEI7jPwdZdRRxS7D4asRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3643169455959725&output=html&h=280&slotname=4406840912&adk=3226970648&adf=2913177901&pi=t.ma~as.4406840912&w=960&fwrn=4&fwrnh=100&lmt=1643213725&rafmt=1&psa=0&format=960x280&url=https%3A%2F%2Fclk.one%2FVjL0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643213724976&bpp=1&bdt=237&idt=234&shv=r20220120&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6749181604348&frm=20&pv=1&ga_vid=949429139.1643213725&ga_sid=1643213725&ga_hid=345456612&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066428%2C31064183%2C31064215%2C31063247&oid=2&pvsid=2945295791059351&pem=289&tmod=199382567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HSV2HLbR29&p=https%3A//clk.one&dtd=236
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 26 Jan 2022 16:15:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Jan 2022 16:15:25 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame AE14 0
0 52ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UOb8EMz6RMAHmAKdg2ICAgAAANgyINJGFZF8EJxz8WGaeKXDSNW5p67qewAS&wp=YfFznQADvWoK7eTOAASLgGNoAJoFinoxHcmfYQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
server: Kestrel
server-processing-duration-in-ticks: 294842
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0EA2 171 KB
53 KB 169ms
139ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YfFznQADvWoK7eTOAASLgGNoAJoFinoxHcmfYQ&u=%7CdxbenMfvIlV6yBf%2FQGTV4%2B7oDWDwjXjYWmghLd2%2FjW8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1XogzGAbpr82E-qhkaU0SAp17p7sdaharNxRiII9yko7-I_nIMH01VD1vC2dldiI92o45hiilJZ2Eyoeu0QpZz1geqGn4FP0YzgjBivhBpiB17iLAc_mZZ4ZVn47vEEpIIiL8xUHSoRDuBlNDtKoUChwW3F358ORzP79FpyjjJ2Y8Heo8GJU0gS_VfKmG4thCJhlC9nBgL2GiP7LYK32KMK0WjXt1hic89adlHJvGRAhSkIKztArnDDiuZxuWfbKF2WsRyZdelwd1yc7Z76UVqoEN3-UtHYp5kIzeBXwXMSog8p7EhDkME7AU2vM3A7cuQNQ9DZBtEYD74huvnmJyesMakn6HUMuWfbHBw7SfzWb_o5INh7xq_GlzX2CdmSdswpkoim6qM8hpJWVdEHYCeN4IY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLYLGnXPxYer6Ds7JtweAl5KgCMme0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NDMxNjk0NTU5NTk3MjWgAdW20uoDyAEJqQJev9K9re2yPqgDAaoEuAFP0Mt_dIcJilC0ki_mAkwtt32idRdRCdbEmHIxY1qvKU17eVHWtf2J5UuhI-qITjcEAWqkk4tnltyMlbrAA1e-7Xy_9s2jK23OSl0ElPmiDE0qXUaKK9fJbRuUBR678tqvhAR3J9Oqzj8fDMQ8w-L9clqWoV-3tDjrZmGLHSxwpSZyR9X2B_gghv4bJ7_a_DZNSiIIj9wyO0tdt4sqKKjODZXDqo5WLj69SexbBE0_VDgYEJ3PQgZHgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14nZRnkHS9cutmj6dyOlAyv2V3cg%26client%3Dca-pub-3643169455959725%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4a759bad0d83a1a084666b9527c793524985aafc93f6b0fdac82684efaa2ff6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=KB29LZEQTa_CImE-0U7YQ74ag92cKpXXH760_pf4Vt6V0M808FVthAVqs_JAIZ2_2EDFQG2VTxxfk7T7UUcgHgBCZRXIQ-FUZsyQgl7s4-DHK6NAXJBapjErzlY17rutjFS7gStWEAgolk3rcaoP45Q7n_IhNaSEQW1nOK5SlVNJpuRvfDZY1xT29adso8y5sxpP5CqIHCCtafMM4UYvlhGNGoabriv-Y8U1U5qGB2SJC0wPlS4_-hzmGlBA21Zf-YzR-A"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 110370833
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5022 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqVPNnXPxYfq5EMiUygW335XABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzY0MzE2OTQ1NTk1OTcyNaAB1bbS6gPIAQmpAl6_0r2t7bI-qAMBqgSwAU_QmY0bGEdsN2ApgU5M6Eqo3adwZV8oYHGuzTSHv772tawxF6Astau239XK8Mj9A-g9orUccivqd2evaMOlIrXvf71TKJaVBkWWebBKDDWd_b4xtpC7AGmYni3mcAeeRuRu5bq-aVPo3gbihmstzkROIrSFEXt4A4oz7HRJsjZa5G5-W_VIjl28jmm6xlzU-TKzlR3yW2Hh4HP1xIoJe4KT4tgCIvqB_ovCYba02xcTgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zNjQzMTY5NDU1OTU5NzI1GAA&sigh=vIzHHXnGXIg&uach_m=[UACH]&cid=CAQSGwCNIrLMwnAts9YLpYP0BMJDbGWQT9e02LYghRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3643169455959725&output=html&h=90&slotname=6466313457&adk=3089341041&adf=4134371643&pi=t.ma~as.6466313457&w=728&lmt=1643213725&psa=0&format=728x90&url=https%3A%2F%2Fclk.one%2FVjL0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643213724975&bpp=1&bdt=236&idt=227&shv=r20220120&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6749181604348&frm=20&pv=1&ga_vid=949429139.1643213725&ga_sid=1643213725&ga_hid=345456612&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066428%2C31064183%2C31064215%2C31063247&oid=2&pvsid=2945295791059351&pem=289&tmod=199382567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=L5CA7Lcqdu&p=https%3A//clk.one&dtd=232
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 26 Jan 2022 16:15:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Jan 2022 16:15:25 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5022 0
0 35ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UOb8EN6BMNgFWp2DYgICAAAAHG47_fq7Y9AQnHPxYXM-diQIAzV_K9A9ABI&wp=YfFznQAEHPoKsopIAAVvt2JbTgriQdwVi3Qzbw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:24 GMT
server: Kestrel
server-processing-duration-in-ticks: 281736
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0175 155 KB
51 KB 127ms
114ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YfFznQAEHPoKsopIAAVvt2JbTgriQdwVi3Qzbw&u=%7CdxbenMfvIlXLFuuaLldstiXHJG3bwUOVDv0JwmUuYJ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoBeNQDHLsV97sBnnuXA8hdQXsThnUsuYvISst3I0juZ16BieLYGxufY6ha5Jmw_NgfgUGh4JnqyPdBj-UkW1nJ39Nxuu8WgCbov6qbMb0FwhEnzfDuRfY25iZcw8GyUI6HZa6OfY0HWELmvAM6REIuHNDOGRJxPtixl34YnTCknyIoBKN8dsKMHd1hd7oDoHMh3rNygN-CV0Ol46Pnt6D3VzdqIpvWyzqZ0CF6KiuSYI8_vHAQo_aZwIn2VrLlCM7sj6JErOZ3bl1rO-UMs-PBYmu4bZae40AnPo6vWzkf7h8P56t5QvnpmC6Gpw8ZCQa8H8037drTtCW408fn_WobPclzsbvwmY66WlVWU3HJkZnJ8rfe5Lk_C4Bbh4CsnNx9Gv1XsGhyGKiaQ6p0l23ek&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCtNnXPxYfq5EMiUygW335XABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzY0MzE2OTQ1NTk1OTcyNaAB1bbS6gPIAQmpAl6_0r2t7bI-qAMBqgSzAU_QmY0bGEdsN2ApgU5M6Eqo3adwZV8oYHGuzTSHv772tawxF6Astau239XK8Mj9A-g9orUccivqd2evaMOlIrXvf71TKJaVBkWWebBKDDWd_b4xtpC7AGmYni3mcAeeRuRu5bq-aVPo3gbihmstzkROIrSFEXt4A4oz7HRJsjZa5G5-W_VIjl28jiu4585Tdq6gKoHm-LHcRov80IC_cayLYGzKH1xzQZXueTMeXwSsSMfegAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0s6jEK-1Tbh9ayMj6RcyTFk7wnng%26client%3Dca-pub-3643169455959725%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7e01b409d8f39c13b70cf9286b9eb662c7451c363d2d955752675e15e73dceb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=QOOOVZEQTa_CImE-oniknmegiOv-iS3PZDE63N0Q-Rfv98uYEfNDjJAS1fKiSPHcFBQme7d2NWO_mS8_GX2Rplw8qNz1ggVd-Z4WD-kgRf-4p4ArxgBHOstQrkn2N7UwK_j9xqJ3Kf3tJdE2dY4Sj31hcaWi7snlbMD-3LXVGbdGL1XoeI-bfhdPVI_nxNg4vwNludK_nPlo3527vD-8LI39ApxWxD7EggIkwwEiNoEOHOEo69LpLYcRtUC6h0kR7flTnQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 96836619
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame AE14 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d32407e4cb85e78ee8d699e6ebdb358269450d334fbc0c2276a4877d2c91f32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5022 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 703a02a924e6bae2a356849868c07d91d4af77024ead832a2ff123dca5c28e7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0175 2 KB
1 KB 62ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfFznQAEHPoKsopIAAVvt2JbTgriQdwVi3Qzbw&u=%7CdxbenMfvIlXLFuuaLldstiXHJG3bwUOVDv0JwmUuYJ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoBeNQDHLsV97sBnnuXA8hdQXsThnUsuYvISst3I0juZ16BieLYGxufY6ha5Jmw_NgfgUGh4JnqyPdBj-UkW1nJ39Nxuu8WgCbov6qbMb0FwhEnzfDuRfY25iZcw8GyUI6HZa6OfY0HWELmvAM6REIuHNDOGRJxPtixl34YnTCknyIoBKN8dsKMHd1hd7oDoHMh3rNygN-CV0Ol46Pnt6D3VzdqIpvWyzqZ0CF6KiuSYI8_vHAQo_aZwIn2VrLlCM7sj6JErOZ3bl1rO-UMs-PBYmu4bZae40AnPo6vWzkf7h8P56t5QvnpmC6Gpw8ZCQa8H8037drTtCW408fn_WobPclzsbvwmY66WlVWU3HJkZnJ8rfe5Lk_C4Bbh4CsnNx9Gv1XsGhyGKiaQ6p0l23ek&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCtNnXPxYfq5EMiUygW335XABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzY0MzE2OTQ1NTk1OTcyNaAB1bbS6gPIAQmpAl6_0r2t7bI-qAMBqgSzAU_QmY0bGEdsN2ApgU5M6Eqo3adwZV8oYHGuzTSHv772tawxF6Astau239XK8Mj9A-g9orUccivqd2evaMOlIrXvf71TKJaVBkWWebBKDDWd_b4xtpC7AGmYni3mcAeeRuRu5bq-aVPo3gbihmstzkROIrSFEXt4A4oz7HRJsjZa5G5-W_VIjl28jiu4585Tdq6gKoHm-LHcRov80IC_cayLYGzKH1xzQZXueTMeXwSsSMfegAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0s6jEK-1Tbh9ayMj6RcyTFk7wnng%26client%3Dca-pub-3643169455959725%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0175 2 KB
1 KB 63ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0175 308 B
636 B 61ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 0175 507 B
835 B 61ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 0175 0
462 B 158ms
107ms Image
text/plain 2600:9000:224a:4a00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1643213725
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfFznQAEHPoKsopIAAVvt2JbTgriQdwVi3Qzbw&u=%7CdxbenMfvIlXLFuuaLldstiXHJG3bwUOVDv0JwmUuYJ8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoBeNQDHLsV97sBnnuXA8hdQXsThnUsuYvISst3I0juZ16BieLYGxufY6ha5Jmw_NgfgUGh4JnqyPdBj-UkW1nJ39Nxuu8WgCbov6qbMb0FwhEnzfDuRfY25iZcw8GyUI6HZa6OfY0HWELmvAM6REIuHNDOGRJxPtixl34YnTCknyIoBKN8dsKMHd1hd7oDoHMh3rNygN-CV0Ol46Pnt6D3VzdqIpvWyzqZ0CF6KiuSYI8_vHAQo_aZwIn2VrLlCM7sj6JErOZ3bl1rO-UMs-PBYmu4bZae40AnPo6vWzkf7h8P56t5QvnpmC6Gpw8ZCQa8H8037drTtCW408fn_WobPclzsbvwmY66WlVWU3HJkZnJ8rfe5Lk_C4Bbh4CsnNx9Gv1XsGhyGKiaQ6p0l23ek&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCtNnXPxYfq5EMiUygW335XABMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzY0MzE2OTQ1NTk1OTcyNaAB1bbS6gPIAQmpAl6_0r2t7bI-qAMBqgSzAU_QmY0bGEdsN2ApgU5M6Eqo3adwZV8oYHGuzTSHv772tawxF6Astau239XK8Mj9A-g9orUccivqd2evaMOlIrXvf71TKJaVBkWWebBKDDWd_b4xtpC7AGmYni3mcAeeRuRu5bq-aVPo3gbihmstzkROIrSFEXt4A4oz7HRJsjZa5G5-W_VIjl28jiu4585Tdq6gKoHm-LHcRov80IC_cayLYGzKH1xzQZXueTMeXwSsSMfegAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0s6jEK-1Tbh9ayMj6RcyTFk7wnng%26client%3Dca-pub-3643169455959725%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 16:15:25 GMT
via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: qENyMdxA1dhGssaDMnjUwZG_3181DKlMt--WTrQNPO6pSVEWzDrJyQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 0175 43 B
347 B 69ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=zwWjg_dilEUGzUYjtvasR3GqREddXgkxlDtcRxZOEABE1z0jsDLVDj5QY530zi8281OvVnXH5XUiSiFkKXUS5LAmKZDMxnZvddyKRVFWoJCF7p-l3bBYKrXpZ8UtYlcdtZp7c1XishyRrOfdDXpC570DxzmAHcII2DLkF9Vupq8MruayWFmjU_6VKVd0Y1JAen6Hejerg7aw9T3Rb66gbmcvVhMhQ6K-E8cIHL7dM_5sR-OqO4D9noF7-jIyiP6MTIUBpSDYxwEP98Y3KUIxQth80a_ZhbwUnWLW22Cci1KgrWd66HTk3Jc4SI8inStgy-W37xEKOd3MB5v51DnK2pj7zkLwbi9fFyC5ncxxQRMcVA5p0yX40_pVMr4gh2sKVmxx_rG8sV_1goeRxrn7rxdkB0o3JpJOJGspbmxxw2ZwPMaodTOVDfNoEttVA_A0ZlhUcQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 16:15:25 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2777572
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0175 12 KB
6 KB 38ms
19ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0EA2 2 KB
1 KB 30ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfFznQADvWoK7eTOAASLgGNoAJoFinoxHcmfYQ&u=%7CdxbenMfvIlV6yBf%2FQGTV4%2B7oDWDwjXjYWmghLd2%2FjW8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1XogzGAbpr82E-qhkaU0SAp17p7sdaharNxRiII9yko7-I_nIMH01VD1vC2dldiI92o45hiilJZ2Eyoeu0QpZz1geqGn4FP0YzgjBivhBpiB17iLAc_mZZ4ZVn47vEEpIIiL8xUHSoRDuBlNDtKoUChwW3F358ORzP79FpyjjJ2Y8Heo8GJU0gS_VfKmG4thCJhlC9nBgL2GiP7LYK32KMK0WjXt1hic89adlHJvGRAhSkIKztArnDDiuZxuWfbKF2WsRyZdelwd1yc7Z76UVqoEN3-UtHYp5kIzeBXwXMSog8p7EhDkME7AU2vM3A7cuQNQ9DZBtEYD74huvnmJyesMakn6HUMuWfbHBw7SfzWb_o5INh7xq_GlzX2CdmSdswpkoim6qM8hpJWVdEHYCeN4IY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLYLGnXPxYer6Ds7JtweAl5KgCMme0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NDMxNjk0NTU5NTk3MjWgAdW20uoDyAEJqQJev9K9re2yPqgDAaoEuAFP0Mt_dIcJilC0ki_mAkwtt32idRdRCdbEmHIxY1qvKU17eVHWtf2J5UuhI-qITjcEAWqkk4tnltyMlbrAA1e-7Xy_9s2jK23OSl0ElPmiDE0qXUaKK9fJbRuUBR678tqvhAR3J9Oqzj8fDMQ8w-L9clqWoV-3tDjrZmGLHSxwpSZyR9X2B_gghv4bJ7_a_DZNSiIIj9wyO0tdt4sqKKjODZXDqo5WLj69SexbBE0_VDgYEJ3PQgZHgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14nZRnkHS9cutmj6dyOlAyv2V3cg%26client%3Dca-pub-3643169455959725%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0EA2 2 KB
1 KB 31ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0EA2 308 B
636 B 23ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 0EA2 507 B
835 B 22ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 0EA2 0
460 B 106ms
105ms Image
text/plain 2600:9000:224a:4a00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1643213725
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfFznQADvWoK7eTOAASLgGNoAJoFinoxHcmfYQ&u=%7CdxbenMfvIlV6yBf%2FQGTV4%2B7oDWDwjXjYWmghLd2%2FjW8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0oQxlHyl1XogzGAbpr82E-qhkaU0SAp17p7sdaharNxRiII9yko7-I_nIMH01VD1vC2dldiI92o45hiilJZ2Eyoeu0QpZz1geqGn4FP0YzgjBivhBpiB17iLAc_mZZ4ZVn47vEEpIIiL8xUHSoRDuBlNDtKoUChwW3F358ORzP79FpyjjJ2Y8Heo8GJU0gS_VfKmG4thCJhlC9nBgL2GiP7LYK32KMK0WjXt1hic89adlHJvGRAhSkIKztArnDDiuZxuWfbKF2WsRyZdelwd1yc7Z76UVqoEN3-UtHYp5kIzeBXwXMSog8p7EhDkME7AU2vM3A7cuQNQ9DZBtEYD74huvnmJyesMakn6HUMuWfbHBw7SfzWb_o5INh7xq_GlzX2CdmSdswpkoim6qM8hpJWVdEHYCeN4IY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLYLGnXPxYer6Ds7JtweAl5KgCMme0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NDMxNjk0NTU5NTk3MjWgAdW20uoDyAEJqQJev9K9re2yPqgDAaoEuAFP0Mt_dIcJilC0ki_mAkwtt32idRdRCdbEmHIxY1qvKU17eVHWtf2J5UuhI-qITjcEAWqkk4tnltyMlbrAA1e-7Xy_9s2jK23OSl0ElPmiDE0qXUaKK9fJbRuUBR678tqvhAR3J9Oqzj8fDMQ8w-L9clqWoV-3tDjrZmGLHSxwpSZyR9X2B_gghv4bJ7_a_DZNSiIIj9wyO0tdt4sqKKjODZXDqo5WLj69SexbBE0_VDgYEJ3PQgZHgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14nZRnkHS9cutmj6dyOlAyv2V3cg%26client%3Dca-pub-3643169455959725%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 16:15:25 GMT
via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: u9ts04l9YaWBd21O8nJDdduelTXjYemtW1jAD16AkGdE8UqPECbisg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 0EA2 43 B
347 B 18ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=nNvEF6Igar3PdS5R9BM-mVDRxQW7k_6lT-WLiLRdiHIPGtEQAp0hLnPgh7AXgB6-cMe3Hlyjb2UYOKNX4ygkdSNUiNtBVx1I3e8FHTEecspze5zZuxwK-MhHDgTBxcVBKWL3oLFqDrvDApo92iK1dlERJo79FC5TfmGLFPTOCSf2YfoI5gfhssKBz_VbLBQCg1xuwgWrKAlWSB2SKNj27bipjmp9kd1QWlL4EHkbi42kEHqYzPaEQEorUe_kUZ2Ti5M5usqh969iTLGa4aI8orfOXDFuPRAJbvqE_EB-FSe20Yw2e8JqMi-j6SYmFSMrKcjU1haBWdA0v1SOXCRmlwkHI9azggl9UenGZNTZvsJlrmZrtrSlbGQNVDcyB8nWE4wJ5JUWTy5Zzs0mgqsyR9lNu9odi0YmQHEkScvzN4fr2Us8KQ4rGgWzEEwRDSwe4pLAkw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 16:15:25 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2594047
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0175 7 KB
7 KB 193ms
22ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=256&s=Ztz4HcK_1CUe8izFWU-TMUXT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 10:09:17 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 194768
vary: Origin
x-cache: hit
content-type: image/png
cache-control: public, max-age=30839042
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 7142
expires: Mon, 16 Jan 2023 08:33:20 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0175 0
127 B 77ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=QOOOVZEQTa_CImE-oniknmegiOv-iS3PZDE63N0Q-Rfv98uYEfNDjJAS1fKiSPHcFBQme7d2NWO_mS8_GX2Rplw8qNz1ggVd-Z4WD-kgRf-4p4ArxgBHOstQrkn2N7UwK_j9xqJ3Kf3tJdE2dY4Sj31hcaWi7snlbMD-3LXVGbdGL1XoeI-bfhdPVI_nxNg4vwNludK_nPlo3527vD-8LI39ApxWxD7EggIkwwEiNoEOHOEo69LpLYcRtUC6h0kR7flTnQ&sds=2&rev=80217&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 26 Jan 2022 16:15:25 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0175 2 KB
1 KB 21ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0175 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0EA2 12 KB
6 KB 15ms
15ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 7 KB
7 KB 87ms
23ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=WdRf6Q9mQAgL2zFfhMMUtchQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 10:09:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 194751
vary: Origin
x-cache: hit
content-type: image/png
cache-control: public, max-age=28698872
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 6722
expires: Thu, 22 Dec 2022 14:04:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 1 KB
2 KB 87ms
24ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoAusw%25C3%25A4rtiges_Amt____66998DE.gif%3Feb%3D1&v=3&w=800&s=aJ2py611bCqFrXrwaVMCtkBI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1f0a930d0679f03a247946aaf081964a4f9fad2f3eed2661f2e961a3e4932fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:55:03 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 195622
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=813394
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1372
expires: Wed, 02 Feb 2022 19:51:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 2 KB
3 KB 87ms
23ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoKolektor-Missel-Insulations-GmbH-104903DE-2012220822.gif%3Feb%3D1&v=3&w=800&s=ocxGcL15P-ZgB6F94Ge-dD9T&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fd186c86ecf9a5f94ab034208312159b1ca1cefd13042cf332d0119b172edc53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 10:20:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 194095
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=1037528
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 2250
expires: Sat, 05 Feb 2022 10:32:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 1 KB
2 KB 89ms
26ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FL%2FlogoLandeshauptstadt-Stuttgart-188529DE.gif%3Feb%3D1&v=3&w=800&s=vZ604ejNI0IthEkYFX3drGcn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8081c76de1493e67239a84553a77c274e740ef5dfffc875d12b94eafd6729d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:20:54 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 197670
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=1815515
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1226
expires: Mon, 14 Feb 2022 09:39:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 2 KB
2 KB 88ms
25ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoStaatliche-Kunstsammlungen-Dresden-287780DE-2201191620.gif%3Feb%3D1&v=3&w=800&s=UVs9vQWmQ6zXUYZPQbZbbi-p&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

21b32da5a493de98d8be99537b8e9954ed7bcefa4d25781c79eed4e7334d2b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:53:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 195724
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=2197867
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1716
expires: Fri, 18 Feb 2022 20:24:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 2 KB
2 KB 88ms
26ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoSodexo-Services-GmbH-268646DE-2106261817.gif%3Feb%3D1&v=3&w=800&s=AwM82Zp7HfDBR5eAJ8ydmlR5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

173ac29a9d998299be052e273ad2283f1b91a0cd444a256446036dd22fe35320

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:29:07 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 114377
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=723394
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1566
expires: Wed, 02 Feb 2022 17:25:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 3 KB
3 KB 17ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoKliniken-Schmieder-Stiftung-Co-KG-83274DE.gif%3Feb%3D1&v=3&w=800&s=vF6ZH_KM5EoyEGPIXfKhfaIp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ce6fa80e877f7eeda29ecc39a47a45480aba5f8201e72e856d7d293d86e18562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:03:15 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 729
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=3576
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 3168
expires: Wed, 26 Jan 2022 06:53:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 1 KB
2 KB 16ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2Flogofinanzen-net-GmbH-143563DE.gif%3Feb%3D1&v=3&w=800&s=Y_QghVtb-LPpQSnxX6JqEGqy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

369081185de8c3ddc58ba1e4c57febecc919b3362125e2828cd5dc60813392e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 10:03:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 195098
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=1235854
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1414
expires: Mon, 07 Feb 2022 17:21:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 2 KB
2 KB 17ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBundesamt-fur-Migration-und-Fluchtlinge-102995DE.gif%3Feb%3D1&v=3&w=800&s=PI6N4B0XVTpb1T4clIW1R8Tn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f640a79a69360bbbd918b1cd92a71f9c69f58578e2b8658023f4472a32ed5baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 10:13:58 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 194486
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=1757885
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1920
expires: Sun, 13 Feb 2022 18:32:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 1 KB
1 KB 17ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FW%2FlogoWiesmann-Personalisten-GmbH-88129DE.gif%3Feb%3D1&v=3&w=800&s=7pfzMkFYnPCpuO9Gje6Ss2xG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

018b8e5d4b822f15aee18a1a2080da30feb3e6167c0e1299c57383b05ecbadd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:56:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 195517
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=351060
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1140
expires: Fri, 28 Jan 2022 11:27:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 1 KB
1 KB 18ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoEvangelische-Heimstiftung-GmbH-89393DE.gif%3Feb%3D1&v=3&w=800&s=2zR_25Wv1Xwdr0H9bU0OkxsH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

caacce1b26a81128f1cbb9ef7f92711e9e70de653379f625417e6ac0aab9c540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:22:08 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 197596
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=2281899
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1086
expires: Sat, 19 Feb 2022 19:13:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 1 KB
1 KB 18ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoScribbr-B-V-277389DE-2109171301.gif%3Feb%3D1&v=3&w=800&s=Dyl5XmWuJnDTGw9ZS4Nc5xAw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

94b11dcebc7b200b22b9561a3d0807bde8f84b2454063facd429ab5dc43d7b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 19:48:17 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 160028
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=365121
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1070
expires: Sat, 29 Jan 2022 01:13:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EA2 2 KB
2 KB 19ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FL%2FlogoLandesverband-der-Maschinenringe-in-Baden-Wurttemberg-e-V-118202DE.gif%3Feb%3D1&v=3&w=800&s=gY_6GQNBLJOFlH9qTPTPGkYQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d4d893d0f5f8808df0f2f22a2fc204d7ad3dff42257e7e290b63c16e26163577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:49:52 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 195933
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=2406405
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 1918
expires: Mon, 21 Feb 2022 06:16:38 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0EA2 0
127 B 15ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=KB29LZEQTa_CImE-0U7YQ74ag92cKpXXH760_pf4Vt6V0M808FVthAVqs_JAIZ2_2EDFQG2VTxxfk7T7UUcgHgBCZRXIQ-FUZsyQgl7s4-DHK6NAXJBapjErzlY17rutjFS7gStWEAgolk3rcaoP45Q7n_IhNaSEQW1nOK5SlVNJpuRvfDZY1xT29adso8y5sxpP5CqIHCCtafMM4UYvlhGNGoabriv-Y8U1U5qGB2SJC0wPlS4_-hzmGlBA21Zf-YzR-A&sds=2&rev=80217&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 26 Jan 2022 16:15:25 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0EA2 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0EA2 2 KB
1 KB 24ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:25 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 16:15:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 101ms
54ms XHR
application/json 2a00:1450:400f:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220120&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3f73f3a738acb53aeef9bddf825161b648134e370204b5aa0718e810929e0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 16:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8819
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 95ms
50ms Script
text/javascript 2a00:1450:400f:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 16:15:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C525 13 KB
5 KB 34ms
34ms Document
text/html 2a00:1450:400f:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jan 2022 06:00:46 GMT
expires: Sat, 21 Jan 2023 06:00:46 GMT
cache-control: public, max-age=31536000
age: 468880
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2688 783 B
1 KB 129ms
49ms Document
text/html 2a00:1450:400f:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

71da7ccfe95cab88ca7f022dd178c3d90e8389fffed5531df9d0538dfe5d6584

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WYGp/6UQzQt4yTvd+3SDQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 26 Jan 2022 16:15:26 GMT
date: Wed, 26 Jan 2022 16:15:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-WYGp/6UQzQt4yTvd+3SDQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js Show response
pagead2.googlesyndication.com/bg/ Frame C525 35 KB
13 KB 33ms
33ms Script
text/javascript 2a00:1450:400f:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 503607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 20:21:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C525 0
9 B 34ms
33ms Image
text/plain 2a00:1450:400f:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wUb9Hg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:800::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 198 KB
68 KB 168ms
78ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: clk.one
URL: https://clk.one/VjL0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

35846c5410bd6fabd62978e1f35ad7ee1b4c5adc9580eb1dd0ef63d2405eba56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:26 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 12:25:59 GMT
etag: "61f113a7-10e66"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69222
expires: Wed, 26 Jan 2022 17:15:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5022 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:400f:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCmQoNjFQM0iwPMMUZmu0TkgzyVXipmp_V41ZCX6ZOyVtwC_noyL-eg2E--ZNe2Hn63u-gqG_IG4tArHxh3YXi&sig=Cg0ArKJSzIFWNLDgfTOMEAE&id=lidar2&mcvt=1078&p=0,0,90,728&mtos=1078,1078,1078,1078,1078&tos=1078,0,0,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3089341041&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643213725208&rpt=517&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 16:15:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE14 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:400f:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvMVRFudm3C5dwt_GFNztx4fEb3EOauNMv-QovZppLP9_7JODXZ2YcQ3trsPxFKVAKUK8bhiojWsBt8M5qdekxkQ&sig=Cg0ArKJSzJPiuenhXQ9uEAE&id=lidar2&mcvt=1080&p=0,0,280,960&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3226970648&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643213725212&rpt=492&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 16:15:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2688 0
0 59ms
58ms Image
text/html 2a00:1450:400f:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220120&jk=2945295791059351&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
47ms Image
image/gif 2a00:1450:400f:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220120&jk=2945295791059351&bg=!wcKlwobNAAZ_DxPPfw87ACkAdvg8WlxyhzZWfyU6hLPzmpvhSQR-hHpJRSH3bDL_RVxQQlPNmRO4gQIAAAG2UgAAAANoAQeZAptmELcZZCf-s-fq1F4FtbcW05AgQFHauAs2nmSjQDS3zwKVtZl6Ck6lJ2hmX1KsUne7t_tdjA96yNyKCpNSx-uOIHpN0C2pdCqsBIRsuOXBFVsdpekRPUwCKuDfEVGxWE-aLp--J9HbziVbikVU3nQv1nArcv-I8CNtji-3SmMNloCqTCPrrEY1jRSsev_3fzCUOhn2-Qk3Kb0tYbQiox1SKzHxxpU0TrgeE0CQD23izVaK5gwYb8T_dX2E_bNJtv9nNW5dvqwC4f1gDMBcAcPc-Ai7iX_wfZaAyLnCvcvS_dy3Y6YyX77W-8NTYjcCQtIreh4AU2VrtSlmiKhIYYzOiG4_JInRcIgaVdTMIPAyrci84OXxgA8KbRmUmm3N9zBcqASHbdXFwL9sId5fLHibyQuKU54w3kcuqDiSWZ6xnT0DVRX1QfEFtMlJTAaO3Y5441OSI0HNwq9irPmdFMYVccjNqkUPSq4I0500hFoWBeTspaKZrMXpanOZf_UyeDI1QUt5YqTSYpF84Lrwx8pTf0Ogq3U9ETmer5SH0auDFmvYcr7mtOp0QyzKzAKY3LZTGAjwKAe3y5MA_9DrypUHMWSsVXPEqpsW-KTg2tx_MlIN_uNP7GyL1rhUx6VfA4RN2L5AkhWDsBPmcLvvh2NFH1Cj3TGnhpbztnSC7W7DjUv60VaUXpj9ZZ4WAH3yAfoKYK4YaPcApLJiX_tz3qA_-BelGACm522TAhkdcuMX-tvyb6OQR2Krwejgkq-XxhoKUc3gIlTD6Uv0X8MnozRxSN4W1Cw5Pm4P1OuCNzcxZjPcE48On12l-ZCzPSESnVZdHRB1vExT9LkGijuUeGNp6vORBXKWHCaTHdrX5vrbCgAPnEZGLQbRwIt1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 16:15:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0175 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 26 Jan 2022 16:15:26 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame 0EA2 0
127 B 14ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 26 Jan 2022 16:15:26 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9530.0Mu0vuwTl7iciimxS9gx9ODIEKIPMsKTJTha5Cwwtfh0luQdLn6VUubnCSo6oX2z.rw8ACIJU5J0RfQ_XXPl_HPHBszk%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9530.B4orX8f6RCOm6EP_8uP4_D0XDlItDcWp63OUVwuOlD9TL63lf6HfOrVb0dJP4PVlUfJjXdt22xI1PAtoqLJdZg%2C%2C.7yFGYm3QW7UNZBjUtUSkCSlR7Y8%2C

75 B
75 B

39ms
39ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9530.B4orX8f6RCOm6EP_8uP4_D0XDlItDcWp63OUVwuOlD9TL63lf6HfOrVb0dJP4PVlUfJjXdt22xI1PAtoqLJdZg%2C%2C.7yFGYm3QW7UNZBjUtUSkCSlR7Y8%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:27 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9530.B4orX8f6RCOm6EP_8uP4_D0XDlItDcWp63OUVwuOlD9TL63lf6HfOrVb0dJP4PVlUfJjXdt22xI1PAtoqLJdZg%2C%2C.7yFGYm3QW7UNZBjUtUSkCSlR7Y8%2C
date: Wed, 26 Jan 2022 16:15:27 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 39ms
38ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:15:27 GMT
last-modified: Wed, 26 Jan 2022 12:25:59 GMT
etag: "61f113a7-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 26 Jan 2022 17:15:27 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/74863930/
Redirect Chain

https://mc.yandex.com/watch/74863930?wmode=7&page-url=https%3A%2F%2Fclk.one%2FVjL0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A381%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.com/watch/74863930/1?wmode=7&page-url=https%3A%2F%2Fclk.one%2FVjL0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A381%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

331 B
413 B

39ms
39ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/74863930/1?wmode=7&page-url=https%3A%2F%2Fclk.one%2FVjL0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A381%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A740%3Acn%3A1%3Adp%3A0%3Als%3A1474000778806%3Ahid%3A3645897%3Az%3A0%3Ai%3A20220126161527%3Aet%3A1643213727%3Ac%3A1%3Arn%3A402297949%3Arqn%3A1%3Au%3A1643213727257702961%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643213724508%3Ads%3A53%2C111%2C63%2C1%2C%2C0%2C%2C370%2C2%2C1557%2C1557%2C1%2C599%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643213727%3At%3A%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BE%D0%BA%20-%20%D0%9A%D0%BE%D1%80%D0%BE%D1%82%D0%BA%D0%B8%D0%B5%20URL%20%7C%20CLK.ONE%20RU&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

5b1e9caf53caf2dc5ce54b908f14604d42f8268bc6fe088e307e12e42d0e1a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clk.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 16:15:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 26-Jan-2022 16:15:27 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://clk.one
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Wed, 26-Jan-2022 16:15:27 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jan 2022 16:15:27 GMT
last-modified: Wed, 26-Jan-2022 16:15:27 GMT
location: /watch/74863930/1?wmode=7&page-url=https%3A%2F%2Fclk.one%2FVjL0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A381%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A740%3Acn%3A1%3Adp%3A0%3Als%3A1474000778806%3Ahid%3A3645897%3Az%3A0%3Ai%3A20220126161527%3Aet%3A1643213727%3Ac%3A1%3Arn%3A402297949%3Arqn%3A1%3Au%3A1643213727257702961%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643213724508%3Ads%3A53%2C111%2C63%2C1%2C%2C0%2C%2C370%2C2%2C1557%2C1557%2C1%2C599%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643213727%3At%3A%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BE%D0%BA%20-%20%D0%9A%D0%BE%D1%80%D0%BE%D1%82%D0%BA%D0%B8%D0%B5%20URL%20%7C%20CLK.ONE%20RU&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://clk.one
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 26-Jan-2022 16:15:27 GMT

POST
H2 200 74863930 Show response
mc.yandex.com/webvisor/ 43 B
145 B 77ms
76ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/74863930?wmode=0&wv-part=1&wv-hit=3645897&page-url=https%3A%2F%2Fclk.one%2FVjL0&rn=955246703&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1643213730%3Aw%3A1600x1200%3Av%3A740%3Az%3A0%3Ai%3A20220126161529%3Au%3A1643213727257702961%3Avf%3A7oivoclvcqev9drxhj3%3Awe%3A1%3Ast%3A1643213730&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clk.one/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 16:15:29 GMT
last-modified: Wed, 26-Jan-2022 16:15:29 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://clk.one
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 26-Jan-2022 16:15:29 GMT

POST
H2 200 74863930 Show response
mc.yandex.com/webvisor/ 43 B
73 B 39ms
39ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/74863930?wmode=0&wv-part=1&wv-hit=3645897&page-url=https%3A%2F%2Fclk.one%2FVjL0&rn=442025425&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1643213730%3Aw%3A1600x1200%3Av%3A740%3Az%3A0%3Ai%3A20220126161529%3Au%3A1643213727257702961%3Avf%3A7oivoclvcqev9drxhj3%3Awe%3A1%3Ast%3A1643213730&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clk.one/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 16:15:29 GMT
last-modified: Wed, 26-Jan-2022 16:15:29 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://clk.one
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 26-Jan-2022 16:15:29 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
clk.one/	1970-01-20 00:27:00	Name: csrf_cookie_name Value: 5fb48f864fb091d8598807461b4cd386
clk.one/	1970-01-20 09:12:29	Name: user_token Value: 6129f9cf1c1b51b89c9bd6d5a2bdbbc8
.clk.one/	1970-01-20 17:58:05	Name: _ga Value: GA1.1.949429139.1643213725
.clk.one/	1970-01-20 09:48:29	Name: __gads Value: ID=fd371d0bce5b8a23-2299d4442bcd006d:T=1643213725:RT=1643213725:S=ALNI_MYDWhIjmqeKX_NfwYxvMDLAdyVkCw
.yadro.ru/	1970-01-20 09:11:20	Name: FTID Value: 1XyNET0be-uF1XyNET000Na5
.yadro.ru/	1970-01-20 09:11:20	Name: VID Value: 283JHX3ONyeF1XyNET000NhT
.doubleclick.net/	1970-01-20 09:48:29	Name: IDE Value: AHWqTUnnZWE4VPVGOTRwWspPc5xbyAfpr0vMuxGcsvYLDpuNpnYAMVeNzYdBYJ-bL1o
.clk.one/	1970-01-20 17:58:05	Name: _ga_B4WZF4B2EZ Value: GS1.1.1643213725.1.0.1643213726.0
.clk.one/	1970-01-20 09:12:29	Name: _ym_uid Value: 1643213727257702961
.clk.one/	1970-01-20 09:12:29	Name: _ym_d Value: 1643213727
.mc.yandex.com/	1970-01-20 00:26:54	Name: sync_cookie_csrf Value: 3810878205fake
.clk.one/	1970-01-20 00:28:05	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 00:26:54	Name: sync_cookie_csrf Value: 1333339127fake
.yandex.com/	1970-01-20 09:12:29	Name: yandexuid Value: 3275606701643213727
.yandex.com/	1970-01-20 09:12:29	Name: yuidss Value: 3275606701643213727
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 247193091643213727
.yandex.com/	1970-01-23 16:02:53	Name: i Value: 0Fz/HkCm8bg3fP9Gd9LmN1gkO85fmGT/ZV+mVlJ8XNJQBkBNwNDgFtmUSG55SfX88mBcP2xAkWTFjmwTCr/pXuhzkjM=
.yandex.com/	1970-01-20 09:12:29	Name: ymex Value: 1674749727.yrts.1643213727#1674749727.yrtsi.1643213727
.clk.one/	1970-01-20 00:26:55	Name: _ym_visorc Value: w

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9530.B4orX8f6RCOm6EP_8uP4_D0XDlItDcWp63OUVwuOlD9TL63lf6HfOrVb0dJP4PVlUfJjXdt22xI1PAtoqLJdZg%2C%2C.7yFGYm3QW7UNZBjUtUSkCSlR7Y8%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
clk.one
code.jquery.com
counter.yadro.ru
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
secure-gl.imrworldwide.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.250.184.226
178.250.2.135
178.250.2.148
178.250.2.150
2001:4de0:ac18::1:a:3a
2600:9000:224a:4a00:1e:a43d:b640:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a00:1450:400f:800::2001
2a00:1450:400f:800::2002
2a00:1450:400f:80a::2004
2a02:2638:1::11
2a02:2638:1::2
2a02:2638::3
2a02:6b8::1:119
81.177.136.29
88.212.201.210
00c00bce946136fab8d158c577e90217cef6345044d269d9e329177e6bae0b34
018b8e5d4b822f15aee18a1a2080da30feb3e6167c0e1299c57383b05ecbadd0
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
0818640724abade6a0f283310ef2e9d03d7ca65e1280e496bae54eba7df28d35
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
173ac29a9d998299be052e273ad2283f1b91a0cd444a256446036dd22fe35320
1f0a930d0679f03a247946aaf081964a4f9fad2f3eed2661f2e961a3e4932fc6
21b32da5a493de98d8be99537b8e9954ed7bcefa4d25781c79eed4e7334d2b96
2228489d445e26ee81f229ba4d44ca2c459984008880ce95e1189b8c18bf2fe6
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
35846c5410bd6fabd62978e1f35ad7ee1b4c5adc9580eb1dd0ef63d2405eba56
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
369081185de8c3ddc58ba1e4c57febecc919b3362125e2828cd5dc60813392e5
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
44b9056d2f11a99f0620425ce2fd995e140ffdb85b21b91be6c80edd2ee4e095
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
4a759bad0d83a1a084666b9527c793524985aafc93f6b0fdac82684efaa2ff6c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5b1e9caf53caf2dc5ce54b908f14604d42f8268bc6fe088e307e12e42d0e1a72
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6d32407e4cb85e78ee8d699e6ebdb358269450d334fbc0c2276a4877d2c91f32
6fe0b238d4cb2b9427bd85d905fac0b721b830d41a66937ca3f989cc1387b254
703a02a924e6bae2a356849868c07d91d4af77024ead832a2ff123dca5c28e7d
71da7ccfe95cab88ca7f022dd178c3d90e8389fffed5531df9d0538dfe5d6584
72a4dfde6d3492b33274b134ef7292c29faf9b8b2fb8a285d96404c64ef28848
7e01b409d8f39c13b70cf9286b9eb662c7451c363d2d955752675e15e73dceb5
8081c76de1493e67239a84553a77c274e740ef5dfffc875d12b94eafd6729d65
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84c823cc86e8388fdfd9f8653c994f67d06f9737a1154d64f9227c235e59b428
8ca0e54aca2b5a007af5440c5e615d6a8eaf5793a0de7b8080255b480b637347
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
921616499702db5de086f682ca043c515ed74c906c0b68f08ec138507aa8125a
93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d
94b11dcebc7b200b22b9561a3d0807bde8f84b2454063facd429ab5dc43d7b6a
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cc3da2b4855a270b5305af3bb60c7e2581b4847da238a708d4cb343dcb5f0f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8081e7942505fe188f1992a3f5e24260e2ffd0c683c6d29d16891f7897f709f
aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c2df3d1f095e6e3032a82b482dc6fa75b99121fa9eae1e1ddd3a94a77221a1cc
c49c9d9db189690471411cfb5ee4f94bae8c1629aa0938f8342eba674a5d6e1c
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
caacce1b26a81128f1cbb9ef7f92711e9e70de653379f625417e6ac0aab9c540
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
ce6fa80e877f7eeda29ecc39a47a45480aba5f8201e72e856d7d293d86e18562
d3f73f3a738acb53aeef9bddf825161b648134e370204b5aa0718e810929e0e5
d4d893d0f5f8808df0f2f22a2fc204d7ad3dff42257e7e290b63c16e26163577
d5d09edd0c71bb7b5fdf9c964e091df1c8df686c15a5dbaedb9658caa65c7f2b
da85d3209c497eb5eafc24f2e1aebe53eba2c094dbddfa702bb1dab9fb9cb22a
dae575c457d0c5b4ae7459cbb0ecacd38c3b5bf8c76698773176ee9978d42f2f
de27fed06d622cd9fe8109139e4213123d1cdcba1cd5c6f3231b38a630082c57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef0c651e9bc266224085cdb8afc97c1a5325274e35cd19033187465062cb84d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f640a79a69360bbbd918b1cd92a71f9c69f58578e2b8658023f4472a32ed5baa
fd186c86ecf9a5f94ab034208312159b1ca1cefd13042cf332d0119b172edc53
fd9ee778c3e6d10390af17394904cecfd284efc8b4a4e209f265928a62ef25db

clk.one Open in urlscan Pro 81.177.136.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

93 Requests

97 %HTTPS

74 %IPv6

18 Domains

24 Subdomains

24 IPs

6 Countries

845 kBTransfer

2119 kBSize

19 Cookies

1 Outgoing links

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

clk.one Open in urlscan Pro
81.177.136.29 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

97 %
HTTPS

74 %
IPv6

18
Domains

24
Subdomains

24
IPs

6
Countries

845 kB
Transfer

2119 kB
Size

19
Cookies

93 HTTP transactions
6 data transactions