clik.pw Open in urlscan Pro
2606:4700:3036::681f:5e04  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

• http://projectagoralibs.com/libs/projectagora.min.js HTTP 301
• https://projectagoralibs.com/libs/projectagora.min.js

Request Chain 35

• https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1595514652467&ns_c=UTF-8&cv=3.5&c8=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20uii.io&c7=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1595514652467&ns_c=UTF-8&cv=3.5&c8=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20uii.io&c7=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1&c9=&cs_ak_ss=1

Request Chain 53

• http://bidder.criteo.com/cdb?profileId=207&av=19&wv=2.28.0-pre&cb=74686863077 HTTP 307
• https://bidder.criteo.com/cdb?profileId=207&av=19&wv=2.28.0-pre&cb=74686863077

Request Chain 67

• https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO3ADchO3ADchAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=r1u_cnv HTTP 302
• https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO3ADchO3ADchAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=r1u_cnv&dcc=t

Request Chain 85

• http://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
• http://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js

Request Chain 95

• http://track.adform.net/serving/unload/?version=15&pud=Ki6qX63PqJTHEV7fOJhyEh406BlvFNhVHrB1VZom2ad1TWnpyRnMF24GpciYWdN5Jhc6YMwOw0LAlDDYz5YffCYKpys5667Xen1e4He4AK432s3UuajBxLbQSbINxcbI0_g89pQfuv-LcnsP2mT5zeBcnyeGeavKNDZuBtRRiQE1&unload=-5013701607940725660@@38217817,4842748284199948831,100|1075|0|0|0|0|0|0|0||37|0|1484|68dc3d9742294ee998a214bed9aa9164-1-1484_24a6238f75f14ff0b1e5760e631ee11a|||1|0|0|4yf8c89dYP-BfdgfkDzX9tigDLEnZoLCZ6P6dC81t6W7TKwo6QB96dgcAQVrBWbgK0h1jmVXMkM1|9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0||11|1 HTTP 307
• https://track.adform.net/serving/unload/?version=15&pud=Ki6qX63PqJTHEV7fOJhyEh406BlvFNhVHrB1VZom2ad1TWnpyRnMF24GpciYWdN5Jhc6YMwOw0LAlDDYz5YffCYKpys5667Xen1e4He4AK432s3UuajBxLbQSbINxcbI0_g89pQfuv-LcnsP2mT5zeBcnyeGeavKNDZuBtRRiQE1&unload=-5013701607940725660@@38217817,4842748284199948831,100|1075|0|0|0|0|0|0|0||37|0|1484|68dc3d9742294ee998a214bed9aa9164-1-1484_24a6238f75f14ff0b1e5760e631ee11a|||1|0|0|4yf8c89dYP-BfdgfkDzX9tigDLEnZoLCZ6P6dC81t6W7TKwo6QB96dgcAQVrBWbgK0h1jmVXMkM1|9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0||11|1

Request Chain 96

• http://track.adform.net/serving/unload/?version=15&unload=-5013701607940725660@@38217817,4842748284199948831,100|1076|0|0|0|0|0|0|0||37|0|1484|68dc3d9742294ee998a214bed9aa9164-1-1484_24a6238f75f14ff0b1e5760e631ee11a|||1|0|0|4yf8c89dYP-BfdgfkDzX9tigDLEnZoLCZ6P6dC81t6W7TKwo6QB96dgcAQVrBWbgK0h1jmVXMkM1|9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0||01|1 HTTP 307
• https://track.adform.net/serving/unload/?version=15&unload=-5013701607940725660@@38217817,4842748284199948831,100|1076|0|0|0|0|0|0|0||37|0|1484|68dc3d9742294ee998a214bed9aa9164-1-1484_24a6238f75f14ff0b1e5760e631ee11a|||1|0|0|4yf8c89dYP-BfdgfkDzX9tigDLEnZoLCZ6P6dC81t6W7TKwo6QB96dgcAQVrBWbgK0h1jmVXMkM1|9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0||01|1

Request Chain 97

• http://track.adform.net/Serving/Event/?bn=38217817&event=178&time=2&baid=39188591&name=Viewable%20impressions&imprid=4842748284199948831&icid=-5013701607940725660&eData=ZuYE0XdYUnCJZfCiZWJM6jP1t_rBznXBjCfiuQyGD_Uoj4SFDoRbILqzpS_GUF24o_ZS0_uUO1FCbfMJu6bHrw2&adxvars=9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0&rtbdata=1VjzTUzdbUlWR6WU9acx7oWFjnuDcL3JcGAgT2H6500ItnPPpI3W-Y3RWQmeHCKjhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQ2vy6GNwWLvbH7pv5yto8xtZw1u2Vx3Ps-YSXVvJ5C80yp0N_tVkMAsAOSQlap1Ta3Z1NzML2oHb2yoAvgPBdz6PjqD9AL5jfrp0B8JcEZYPXPRQWRw2PMYEkV0oPTennh-26oCjOxNdF3aOtWCZld9KoxLV3c0t1iYeZg48ypsMqc-OCvXU2I87jDc9y8mV64rroR7OVkK8dVVm7rqfd7rvMS0Suvl9GojbDAjp3f5vqY2txj9cUCztjj5bLskNwxwOjLHpByOHRnNmybwy7QntiaZ94XuixIRVW_RM2UOuTnoxnjtjzHAJ2lddXjKP8kYyX9ZAWt6SX0HEcMWAW6w2&rtbwp=IYXu6lEqVrBirQRqKmS3IkOZ5ysc03F20&rnd=657743489 HTTP 307
• https://track.adform.net/Serving/Event/?bn=38217817&event=178&time=2&baid=39188591&name=Viewable%20impressions&imprid=4842748284199948831&icid=-5013701607940725660&eData=ZuYE0XdYUnCJZfCiZWJM6jP1t_rBznXBjCfiuQyGD_Uoj4SFDoRbILqzpS_GUF24o_ZS0_uUO1FCbfMJu6bHrw2&adxvars=9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0&rtbdata=1VjzTUzdbUlWR6WU9acx7oWFjnuDcL3JcGAgT2H6500ItnPPpI3W-Y3RWQmeHCKjhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQ2vy6GNwWLvbH7pv5yto8xtZw1u2Vx3Ps-YSXVvJ5C80yp0N_tVkMAsAOSQlap1Ta3Z1NzML2oHb2yoAvgPBdz6PjqD9AL5jfrp0B8JcEZYPXPRQWRw2PMYEkV0oPTennh-26oCjOxNdF3aOtWCZld9KoxLV3c0t1iYeZg48ypsMqc-OCvXU2I87jDc9y8mV64rroR7OVkK8dVVm7rqfd7rvMS0Suvl9GojbDAjp3f5vqY2txj9cUCztjj5bLskNwxwOjLHpByOHRnNmybwy7QntiaZ94XuixIRVW_RM2UOuTnoxnjtjzHAJ2lddXjKP8kYyX9ZAWt6SX0HEcMWAW6w2&rtbwp=IYXu6lEqVrBirQRqKmS3IkOZ5ysc03F20&rnd=657743489

Request Chain 124

• https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0 HTTP 302
• https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXtCqEmcuDNoh9e-BK5cHI&google_cver=1

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set Yw1WX1 Show response clik.pw/u/	12 KB 6 KB	281ms 265ms	Document text/html	2606:4700:3036::681f:5e04 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 2606:4700:3036::681f:5e04 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11d7068fe7e4fb268eab229c730c4cd39b1f56189d2a31f4d0bb7d92de5c1874 Security Headers Name Value X-Content-Type-Options nosniff nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block 1; mode=block Request headers Host clik.pw Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:51 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d93bf2002732d1e883982140045f99b231595514651; expires=Sat, 22-Aug-20 14:30:51 GMT; path=/; domain=.clik.pw; HttpOnly; SameSite=Lax AppSession=6f8efc0f42fb83179508013458acf94a; path=/u/; HttpOnly csrfToken=85d4b128ebf9f17cafde7d8767e1d326b909c445f1dabd1b1f528e5715e2fd0cc249cc6123b066d20ad1e8dd4018037408fec39b98341543beb1bf662a100336; path=/u/; HttpOnly Vary Accept-Encoding Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache X-Frame-Options SAMEORIGIN, SAMEORIGIN, SAMEORIGIN X-Robots-Tag noindex, nofollow X-XSS-Protection 1; mode=block 1; mode=block X-Content-Type-Options nosniff nosniff X-Nginx-Cache-Status MISS X-Server-Powered-By Engintron CF-Cache-Status DYNAMIC cf-request-id 041dae9c110000dfcb86387200000001 Server cloudflare CF-RAY 5b761a0cec8adfcb-FRA Content-Encoding gzip
GET H/1.1	404 Not Found	fontawesome-webfont.woff2 clik.pw/new_theme/build/fonts/	0 0	294ms 285ms	Font text/html	2606:4700:3036::681f:5e04 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clik.pw/new_theme/build/fonts/fontawesome-webfont.woff2 Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 2606:4700:3036::681f:5e04 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Origin http://clik.pw Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Encoding gzip X-Content-Type-Options nosniff CF-Cache-Status EXPIRED Server cloudflare X-Frame-Options SAMEORIGIN Content-Type text/html; charset=UTF-8 X-XSS-Protection 1; mode=block Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 5b761a0ebcd5dfe7-FRA Vary Accept-Encoding cf-request-id 041dae9d300000dfe7200e4200000001
GET H/1.1	200 OK	link.css clik.pw/u/new_theme/build/css/	13 KB 4 KB	13ms 13ms	Stylesheet text/css	2606:4700:3036::681f:5e04 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clik.pw/u/new_theme/build/css/link.css?ver=6.4.0 Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 2606:4700:3036::681f:5e04 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0271f7641ccb317de80961459ec093d9d8140757a2e1403c7aa75b49301c450 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:51 GMT Content-Encoding gzip X-Content-Type-Options nosniff CF-Cache-Status HIT Age 871832 Transfer-Encoding chunked Connection keep-alive X-XSS-Protection 1; mode=block Pragma public Last-Modified Mon, 13 Jan 2020 22:24:24 GMT Server cloudflare X-Frame-Options SAMEORIGIN, SAMEORIGIN ETag W/"33bf76-35ba-59c0cf005b600" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 cf-request-id 041dae9d2a0000dfcb863a7200000001 CF-RAY 5b761a0ea952dfcb-FRA Expires Wed, 12 Aug 2020 12:20:18 GMT
GET H/1.1	200 OK	clik.pw.js Show response paslsa.com/c/	2 KB 2 KB	33ms 17ms	Script application/javascript	2606:4700:3037::681b:8fad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://paslsa.com/c/clik.pw.js Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 2606:4700:3037::681b:8fad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d21dc5371289aeaf8a6e5d59456aec425ed50b51d465011c81ec09a335f9867 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:51 GMT Content-Encoding gzip CF-Cache-Status HIT Age 6063 CF-RAY 5b761a0eef78d725-FRA Connection keep-alive Content-Length 1025 x-amz-id-2 FpaMLJLEbuUwhyhWEj4czYoNsxCMHIt7vMFQLZWWPZ5hNc9XMOBngpE3rDaphDxpSp4AzlOXNUw= Last-Modified Thu, 23 Jul 2020 08:38:25 GMT Server cloudflare ETag "1e9a8481d428d243ade81b484468a240" Vary Accept-Encoding x-amz-request-id 83A0A163A157F953 Cache-Control max-age=14400 cf-request-id 041dae9d4c0000d725f697d200000001 Accept-Ranges bytes Content-Type application/javascript
GET H2	200	fuse.js Show response cdn.fuseplatform.net/publift/tags/2/2111/	46 KB 13 KB	24ms 6ms	Script application/javascript	2600:1901:0:14e5:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.fuseplatform.net/publift/tags/2/2111/fuse.js Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:14e5:: , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash cf1660612804744a0b2b12fd98145b6fdf455436393299db2cccd3543f254cfc Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:04:20 GMT content-encoding gzip age 1591 x-guploader-uploadid AAANsUmPyLOpFXQELiKzLJTwXs76IoVsZGNnXhs8Qx9K0R8dqOXVplEoibf_-AXNf2TPXLf6ngoTlKXddo_lRZ_LtHsP1OGFmA x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc clear content-length 13297 last-modified Fri, 17 Jul 2020 05:58:06 GMT server UploadServer etag "31853e44ddb8f10c841edfd437cbf893" vary Accept-Encoding x-goog-hash crc32c=tkeuUw==, md5=MYU+RN248QyEHt/UN8v4kw== x-goog-generation 1594965486421259 cache-control public, max-age=1800 x-goog-stored-content-length 13297 accept-ranges bytes content-type application/javascript; charset=utf-8 expires Thu, 23 Jul 2020 14:34:20 GMT
GET H2	200	uii.svg uii.io/new_theme/img/	2 KB 1 KB	87ms 35ms	Image image/svg+xml	2606:4700:3035::ac43:b3ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://uii.io/new_theme/img/uii.svg Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b3ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0978aa0f509cce4732f1453bb4bfe67acc37bd9b402b35ea57dbcec559540811 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:52 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 872894 status 200 vary Accept-Encoding cf-request-id 041dae9d70000097600408a200000001 pragma public last-modified Mon, 13 Jan 2020 21:35:13 GMT server cloudflare etag W/"1df64b-89c-59c0c402ccde0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/svg+xml x-xss-protection 1; mode=block cache-control max-age=5184000 cf-ray 5b761a0f1a0f9760-FRA expires Fri, 11 Sep 2020 12:02:40 GMT
GET H/1.1	200 OK	/ Show response ads.projectagoraservices.com/	14 KB 14 KB	188ms 137ms	Script application/javascript	34.96.108.236 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://ads.projectagoraservices.com/?id=6452 Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 34.96.108.236 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 01361b83ada4e1f9987c3be6d2536c954a2eedb5ba60820dd9888e8075aad837 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Jul 2020 14:30:52 GMT Via 1.1 google Expires -1 Cache-Control private, no-cache, no-store, must-revalidate Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	/ Show response ads.projectagoraservices.com/	14 KB 14 KB	182ms 134ms	Script application/javascript	34.96.108.236 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://ads.projectagoraservices.com/?id=8932 Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 34.96.108.236 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash b8a0713eed3a7e8890e7496b5f39b2df891d24bd8f502723be0c188acc283f00 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Jul 2020 14:30:52 GMT Via 1.1 google Expires -1 Cache-Control private, no-cache, no-store, must-revalidate Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	ads.js Show response clik.pw/u/js/	191 B 776 B	18ms 12ms	Script application/javascript	2606:4700:3036::681f:5e04 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clik.pw/u/js/ads.js?ver=6.4.0 Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 2606:4700:3036::681f:5e04 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:51 GMT Content-Encoding gzip X-Content-Type-Options nosniff CF-Cache-Status HIT Age 871832 Transfer-Encoding chunked Connection keep-alive cf-request-id 041dae9d410000dfcb863a9200000001 Pragma public Last-Modified Tue, 03 Sep 2019 05:24:48 GMT Server cloudflare X-Frame-Options SAMEORIGIN, SAMEORIGIN ETag W/"31c284-bf-5919f4e988800" Vary Accept-Encoding Content-Type application/javascript X-XSS-Protection 1; mode=block Cache-Control max-age=2592000 CF-RAY 5b761a0ec9b0dfcb-FRA Expires Wed, 12 Aug 2020 12:20:18 GMT
GET H/1.1	200 OK	script.min.js Show response clik.pw/u/new_theme/build/js/	202 KB 60 KB	39ms 27ms	Script application/javascript	2606:4700:3036::681f:5e04 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clik.pw/u/new_theme/build/js/script.min.js?ver=6.4.0 Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 2606:4700:3036::681f:5e04 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:51 GMT Content-Encoding gzip X-Content-Type-Options nosniff CF-Cache-Status HIT Age 871832 Transfer-Encoding chunked Connection keep-alive X-XSS-Protection 1; mode=block Pragma public Last-Modified Mon, 13 Jan 2020 21:36:39 GMT Server cloudflare X-Frame-Options SAMEORIGIN, SAMEORIGIN ETag W/"33bf6a-32956-59c0c454147c0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 cf-request-id 041dae9d470000c2b3cf2e5200000001 CF-RAY 5b761a0ed817c2b3-FRA Expires Wed, 12 Aug 2020 12:20:18 GMT
GET H2	200	api.js Show response www.recaptcha.net/recaptcha/	742 B 563 B	20ms 15ms	Script text/javascript	2a00:1450:4001:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 8ef8c1badab58d7d913f20bb41d9941190f3afd6bc7041734366b48098f492ae Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:51 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 471 x-xss-protection 1; mode=block expires Thu, 23 Jul 2020 14:30:51 GMT
GET H/1.1	200 OK	ga.js Show response clik.pw/js/	43 KB 18 KB	46ms 36ms	Script application/javascript	2606:4700:3036::681f:5e04 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clik.pw/js/ga.js Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 2606:4700:3036::681f:5e04 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 717c8512d3ffcf76b5a0a39e49d572887b0e44e821a124722f71b34d3bdbc2a1 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Encoding gzip X-Content-Type-Options nosniff CF-Cache-Status HIT Age 871842 Transfer-Encoding chunked Connection keep-alive X-XSS-Protection 1; mode=block Pragma public Last-Modified Mon, 22 Jun 2020 21:06:28 GMT Server cloudflare X-Frame-Options SAMEORIGIN ETag W/"2003ab-adfe-5a8b29dcd3e00" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 cf-request-id 041dae9d4700009790e33c8200000001 CF-RAY 5b761a0ed8749790-FRA Expires Wed, 12 Aug 2020 12:20:09 GMT
GET H/1.1	403 Forbidden	invoke.js b02byun5xc3s.com/f4b1ca9d58a479bcfd46c3e000d1beb0/	0 0	305ms 241ms	Script application/javascript	192.243.59.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL http://b02byun5xc3s.com/f4b1ca9d58a479bcfd46c3e000d1beb0/invoke.js Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.9 / Resource Hash Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 23 Jul 2020 14:30:52 GMT Server nginx/1.17.9 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	200 OK	aomini.js Show response lv.adocean.pl/files/js/	8 KB 3 KB	114ms 72ms	Script application/x-javascript	54.38.133.13 OVH
General Check archive.org Show headers Download Go to Full URL http://lv.adocean.pl/files/js/aomini.js Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 54.38.133.13 , France, ASN16276 (OVH, FR), Reverse DNS Software GAD / Resource Hash c9d355e1a65a6bb97cd4af5a0fe10a9e0169fd568cd00a0f35a2bd82e8c4bb80 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Encoding gzip Last-Modified Mon, 13 Jul 2020 10:59:27 GMT Server GAD ETag "00001E15458726DB" Vary Accept-Encoding,Origin P3P CP="NOI DSP COR NID PSAo OUR IND" Cache-Control public, must-revalidate, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Keep-Alive timeout=10 Content-Length 2986 Expires Fri, 24 Jul 2020 14:30:52 GMT
GET H/1.1	200 OK	fontawesome-webfont.woff2 clik.pw/u/new_theme/build/fonts/	75 KB 76 KB	53ms 50ms	Font font/woff2	2606:4700:3036::681f:5e04 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clik.pw/u/new_theme/build/fonts/fontawesome-webfont.woff2 Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 2606:4700:3036::681f:5e04 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/new_theme/build/css/link.css?ver=6.4.0 Origin http://clik.pw Response headers Date Thu, 23 Jul 2020 14:30:52 GMT X-Content-Type-Options nosniff CF-Cache-Status HIT Age 871833 Connection keep-alive Content-Length 77160 cf-request-id 041dae9d440000c2c2f6159200000001 Pragma public Last-Modified Tue, 21 Jan 2020 21:01:00 GMT Server cloudflare X-Frame-Options SAMEORIGIN, SAMEORIGIN ETag "33bf70-12d68-59cacb47dbb00" Vary Accept-Encoding Content-Type font/woff2 X-XSS-Protection 1; mode=block Cache-Control max-age=5184000 Accept-Ranges bytes CF-RAY 5b761a0edcf9c2c2-FRA Expires Fri, 11 Sep 2020 12:20:19 GMT
GET H2	200	projectagora.min.js Show response projectagoralibs.com/libs/ Redirect Chain http://projectagoralibs.com/libs/projectagora.min.js https://projectagoralibs.com/libs/projectagora.min.js	351 KB 100 KB	33ms 15ms	Script application/javascript	2606:4700:e4::ac40:ae1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://projectagoralibs.com/libs/projectagora.min.js Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ae1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1659a020b95dcfc8b9486aa8a188fa567d8fbaaf12758653e18080bcece3ba2 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:52 GMT content-encoding gzip cf-cache-status HIT age 4226 cf-ray 5b761a0f6cc896d4-FRA status 200 content-length 101512 x-amz-id-2 BGlZm4lbmrTSEpUi0a+yE2MCCgusctSd9ilvjsZoz+l7QPKwqqGQ2UGe/fqjgbOMlEqugMUq4Lk= last-modified Thu, 23 Jul 2020 07:20:20 GMT server cloudflare etag "04a7211fd4155f9292c110f2a63e8b35" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 7400D8460F61D6F4 cache-control max-age=14400 cf-request-id 041dae9da3000096d435b9c200000001 accept-ranges bytes content-type application/javascript Redirect headers Date Thu, 23 Jul 2020 14:30:52 GMT Server cloudflare Vary Accept-Encoding Location https://projectagoralibs.com/libs/projectagora.min.js Cache-Control max-age=3600 Transfer-Encoding chunked Connection keep-alive CF-RAY 5b761a0f3ad2175e-FRA cf-request-id 041dae9d860000175ee4012200000001 Expires Thu, 23 Jul 2020 15:30:52 GMT
GET H2	200	choice.js Show response quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/clik.pw/	6 KB 3 KB	42ms 19ms	XHR application/javascript	2600:9000:21f3:2e00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/clik.pw/choice.js?timestamp=1595514652024 Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2111/fuse.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:21f3:2e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b87e33c62b6f669bf677838c5d499ae74a6ce3509087585f46b9eed910b4f161 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:52 GMT content-encoding gzip vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 access-control-allow-origin http://clik.pw last-modified Tue, 07 Jul 2020 01:42:19 GMT server AmazonS3 access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript; charset=UTF-8 via 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront) access-control-allow-credentials true x-amz-cf-id 2ZT2Ta_ttBNBXzkeLYHrAu4Yz_KAvd87vh9u9PX3XJxzTkHNfFkLrg==
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	49 KB 17 KB	247ms 86ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2111/fuse.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c42bbcaf1eddc49375380e56dfee62518899c4fa2fe1e40058b6a69533d1463 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:52 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "579 / 339 of 1000 / last-modified: 1595513485" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16727 x-xss-protection 0 expires Thu, 23 Jul 2020 14:30:52 GMT
GET H2	200	choice.js Show response quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/clik.pw/	6 KB 2 KB	33ms 11ms	Script application/javascript	2600:9000:21f3:2e00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/clik.pw/choice.js?timestamp=1595514652024 Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2111/fuse.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:21f3:2e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b87e33c62b6f669bf677838c5d499ae74a6ce3509087585f46b9eed910b4f161 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:52 GMT content-encoding gzip last-modified Tue, 07 Jul 2020 01:42:19 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 status 200 x-amz-cf-id cwUwpcbu7w33JaNfWdM0J1hXsmr1BynUmMThRFsFIw3e5ReCywB4dA== via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
GET H/1.1	200 OK	loader.js Show response cdn.taboola.com/libtrc/clikmena-f4737582/	60 KB 18 KB	92ms 64ms	Script application/javascript	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Full URL http://cdn.taboola.com/libtrc/clikmena-f4737582/loader.js Requested by Host: projectagoralibs.com URL: https://projectagoralibs.com/libs/projectagora.min.js Protocol HTTP/1.1 Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 9f57d2afda406aa6a79e49f938aad9af54bc0d03bf6dfc7dd58d748acabc7af3 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id BA6W1shha8pfn8ugxCEJ8eOqo3V1YT8C Content-Encoding gzip ETag "3f33ec22b99d903a056cf242ae307350" Age 8803 X-Cache HIT Connection keep-alive Content-Length 17547 x-amz-id-2 1M24WvoLOLCVtyGtRKWSwy6hQOYLjabh9Q2d5IlmU70ZHgbD1dD5xi5TqMuhPrQ1Q0Pkm6E3t0s= X-Served-By cache-hhn4034-HHN Last-Modified Thu, 23 Jul 2020 12:04:01 GMT Server AmazonS3 X-Timer S1595514652.196916,VS0,VE0 Date Thu, 23 Jul 2020 14:30:52 GMT Vary Accept-Encoding x-amz-request-id 5C4676E9C4D2ED64 Via 1.1 varnish Cache-Control private,max-age=14401 Accept-Ranges bytes Content-Type application/javascript; charset=utf-8 abp 81 X-Cache-Hits 2
GET H2	200	cmp.js Show response quantcast.mgr.consensu.org/	257 KB 70 KB	8ms 8ms	Script text/javascript	2600:9000:21f3:2e00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/cmp.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/clik.pw/choice.js?timestamp=1595514652024 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:21f3:2e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8b80635d65f907b3eccd5b25b9ce269f3ea4ae3ff47ac34d59e533dc782aef80 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:17:04 GMT content-encoding gzip last-modified Thu, 09 Jul 2020 22:07:20 GMT server AmazonS3 age 828 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript;charset=UTF-8 status 200 x-amz-meta-qc-ineu True x-amz-cf-pop FRA2-C2 x-amz-cf-id nAIkJonWfsYsGdeyRsrt2ClPXOoOwgJQoW3c_6NJ_dI5HClsGxST9w== via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
GET H2	200	cmp-3pc-check.html static.quantcast.mgr.consensu.org/v35/ Frame 4E0A	0 0	31ms 15ms	Document text/html	2600:9000:21f3:ec00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.quantcast.mgr.consensu.org/v35/cmp-3pc-check.html Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:21f3:ec00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers :method GET :authority static.quantcast.mgr.consensu.org :scheme https :path /v35/cmp-3pc-check.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://clik.pw/u/Yw1WX1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Response headers status 200 content-type text/html content-length 645 last-modified Thu, 09 Jul 2020 22:07:14 GMT x-amz-server-side-encryption AES256 accept-ranges bytes server AmazonS3 date Thu, 23 Jul 2020 14:27:52 GMT etag "55b98270d639ef0c34781d9f03cce91f" x-cache Hit from cloudfront via 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id nCsQ3IrfQeAjV9pgFFiFEEDP5OyZdc_UZeYlO_5qqFys5lwbBSGWSg== age 181
GET H/1.1	200 OK	prebid.js Show response projectagora.net/libs/prebidv3/	269 KB 84 KB	36ms 23ms	Script application/javascript	2606:4700:3035::6812:3c5e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://projectagora.net/libs/prebidv3/prebid.js Requested by Host: ads.projectagoraservices.com URL: http://ads.projectagoraservices.com/?id=6452 Protocol HTTP/1.1 Server 2606:4700:3035::6812:3c5e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f33f8c271b704a3a06db5ef14daa0a3b18e35643df7678ca1128e7500dc5728f Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Encoding gzip CF-Cache-Status HIT Age 5113 Transfer-Encoding chunked Connection keep-alive x-amz-request-id D62FC4E58E2F2B98 x-amz-id-2 yWOiNejMRVbOvb186PZN80BzL6QMXDPMqwV2jSsNLx1gizhK//NQhUpNw6Sf+6xW6h6O+moWg10= Last-Modified Mon, 20 Jul 2020 09:30:50 GMT Server cloudflare ETag W/"0926c1cca7636a4e7a577e89f647addf" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=14400 cf-request-id 041dae9e450000dfcf3535f200000001 CF-RAY 5b761a106efedfcf-FRA
GET H2	200	mojio-js.min.js Show response www.displayvertising.com/	31 KB 9 KB	224ms 52ms	Script application/x-javascript	195.181.175.55 CDN77
General Check archive.org Show headers Download Go to Full URL https://www.displayvertising.com/mojio-js.min.js Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 4a542ab18920d3c41d0f1faa1e435eef273d099605314f11f74d8cc73240a59c Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Origin http://clik.pw Response headers x-77-nzt AcO1rzWrZB39IGUAAA== date Thu, 23 Jul 2020 14:30:52 GMT content-encoding br server CDN77-Turbo link <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect x-edge-pop frankfurtDE status 200 x-cache HIT content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=604800 x-edge-ip 195.181.175.53 x-age 25888 alt-svc quic=":443"; ma=2592000; v="44,43,39" expires Thu, 30 Jul 2020 07:19:24 GMT
GET H2	200	ad.js Show response lv.adocean.pl/_1595514652280/	59 KB 59 KB	155ms 47ms	Script application/x-javascript	54.38.133.13 OVH
General Check archive.org Show headers Download Go to Full URL https://lv.adocean.pl/_1595514652280/ad.js?id=ISdH4K9JhzAkZctx3x.0DokNwnzwp545OD29P2a4JMn.87/x=1600/y=1200/nc=1 Requested by Host: lv.adocean.pl URL: http://lv.adocean.pl/files/js/aomini.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.13 , France, ASN16276 (OVH, FR), Reverse DNS Software GAD / Resource Hash 67df58378cc093c1faf96e71f145197a51ba9437d5eb932bc756234b329b36ac Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers pragma no-cache date Thu, 23 Jul 2020 14:30:52 GMT server GAD vary Origin p3p CP="NOI DSP COR NID PSAo OUR IND" status 200 cache-control no-store, no-cache, must-revalidate, max-age=0 accept-ranges none content-type application/x-javascript content-length 59923 expires Wed, 22 Jul 2020 14:30:52 GMT
GET H2	200	cmpui-banner.js Show response static.quantcast.mgr.consensu.org/v35/	250 KB 68 KB	16ms 16ms	Script text/javascript	2600:9000:21f3:ec00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.quantcast.mgr.consensu.org/v35/cmpui-banner.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:21f3:ec00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5473df52a14c0356aec01678c4eb7b16c1311a18519f7c1fc8d37bb7cafe9dda Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:17:57 GMT content-encoding gzip last-modified Thu, 09 Jul 2020 22:07:14 GMT server AmazonS3 age 776 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript;charset=UTF-8 status 200 x-amz-cf-pop FRA2-C2 x-amz-cf-id mmbpYB66cPxBAxtsmezdng8UsfU2giYbGggSdtKsUclgN-weQozqIA== via 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/	330 KB 130 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:81f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61394e856497a7705a004cb627296445fe074d1f78b10ab81071915059b5a926 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 20 Jul 2020 16:39:22 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 20 Jul 2020 04:04:52 GMT server sffe age 251490 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133183 x-xss-protection 0 expires Tue, 20 Jul 2021 16:39:22 GMT
GET H/1.1	200 OK	collect www.google-analytics.com/r/	35 B 373 B	19ms 13ms	Image image/gif	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://www.google-analytics.com/r/collect?v=1&_v=j79&a=1771875424&t=pageview&_s=1&dl=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1&ul=en-us&de=UTF-8&dt=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20uii.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1111706552&gjid=1411204351&cid=781485868.1595514652&tid=UA-96442335-3&_gid=2000150725.1595514652&_r=1&z=487184665 Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Jul 2020 14:30:52 GMT X-Content-Type-Options nosniff Last-Modified Sun, 17 May 1998 03:00:00 GMT Server Golfe2 Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Content-Length 35 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	impl.20200723-19-RELEASE.js Show response cdn.taboola.com/libtrc/	454 KB 129 KB	149ms 50ms	Script application/javascript	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20200723-19-RELEASE.js Requested by Host: cdn.taboola.com URL: http://cdn.taboola.com/libtrc/clikmena-f4737582/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a11aabc33b9d89d1e6cf19e0813577f207e2b6dae895f1459f3bbac666db7e3e Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id ZBQ.GMAK5omIkILSezKZWH63tz_X7DlK content-encoding gzip etag "538466815b1b8b46e547462f0ea185eb" age 12483 x-cache HIT status 200 x-amz-replication-status COMPLETED content-length 131292 x-amz-id-2 pn+Z0D0thZ4tE5uu4WLD/RnetlzESignn3PHaSm788qDeSOgYPeiJEfLqo6tabgwIApLbxv9ZLc= x-served-by cache-hhn4076-HHN last-modified Thu, 23 Jul 2020 11:02:30 GMT server AmazonS3 x-timer S1595514652.435761,VS0,VE0 date Thu, 23 Jul 2020 14:30:52 GMT vary Accept-Encoding x-amz-request-id 8KAY8ZEN7PDH1XBJ via 1.1 varnish cache-control private,max-age=31536000 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 18 x-cache-hits 112158
GET H/1.1	200 OK	beacon.js Show response sb.scorecardresearch.com/	1 KB 1 KB	149ms 46ms	Script application/x-javascript	23.203.68.192 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: cdn.taboola.com URL: http://cdn.taboola.com/libtrc/clikmena-f4737582/loader.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.203.68.192 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=86400 Connection keep-alive Content-Length 884 Expires Fri, 24 Jul 2020 14:30:52 GMT
GET H2	200	integrator.js Show response adservice.google.pl/adsid/	109 B 829 B	60ms 15ms	Script application/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.pl/adsid/integrator.js?domain=clik.pw Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Jul 2020 14:30:52 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 168 B	16ms 15ms	Script application/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=clik.pw Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Jul 2020 14:30:52 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2020072001.js Show response securepubads.g.doubleclick.net/gpt/	253 KB 89 KB	85ms 85ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js?21066800 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 31e539be75870ad6cec377525eb196ea9fbc423ea53d68c03b2c94b96701bc47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:52 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 20 Jul 2020 13:10:24 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91349 x-xss-protection 0 expires Thu, 23 Jul 2020 14:30:52 GMT
GET H2	200	vendorlist.json Show response vendorlist.consensu.org/	99 KB 18 KB	46ms 12ms	XHR application/json	2600:9000:20eb:200:1:af78:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vendorlist.consensu.org/vendorlist.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:200:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 77b7ecc7c4aa2db7a32cb9d4d8daea84888e126a02eb6d55d7884de2f3be9fa7 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 17 Jul 2020 13:43:09 GMT content-encoding gzip vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 521264 x-cache Hit from cloudfront status 200 access-control-allow-origin * last-modified Thu, 16 Jul 2020 16:00:42 GMT server AmazonS3 access-control-max-age 604800 access-control-allow-methods GET x-amz-version-id mZpZhgvhYw41YwwZX9iFU1IoE2evD.ri via 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront) cache-control max-age=604800 x-amz-cf-pop FRA2-C1 content-type application/json; charset=utf-8 x-amz-cf-id EAQrstnYW1aOhCpIKvyQD3BNSxWeMLs1y7BvVUqtjVZ3cMkJ6SRrUQ==
GET H2	200	pubvendors.json Show response quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/clik.pw/.well-known/	7 KB 2 KB	10ms 7ms	XHR application/json	2600:9000:21f3:2e00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/clik.pw/.well-known/pubvendors.json?timestamp=1595514652137 Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:21f3:2e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7e483398fb7f3e79a615012ad0eb47d5718e0123e5e3b2f7313606d1f98e9172 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:16:33 GMT content-encoding gzip vary Origin age 860 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 access-control-allow-origin http://clik.pw last-modified Tue, 07 Jul 2020 01:42:19 GMT server AmazonS3 access-control-max-age 3000 access-control-allow-methods GET content-type application/json;charset=UTF-8 via 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront) access-control-allow-credentials true x-amz-cf-pop FRA2-C2 x-amz-cf-id D2cQALJ0X-GTe5SP9GddwlZ34u6ZLoiSxRe9USWOyDx50K0rnxB0yQ==
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	204 No Content	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1595514652467&ns_c=UTF-8&cv=3.5&c8=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20... https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1595514652467&ns_c=UTF-8&cv=3.5&c8=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%2...	0 528 B	52ms 51ms	Image text/plain	23.203.68.192 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1595514652467&ns_c=UTF-8&cv=3.5&c8=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20uii.io&c7=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1&c9=&cs_ak_ss=1 Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.203.68.192 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Jul 2020 14:30:52 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1595514652467&ns_c=UTF-8&cv=3.5&c8=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20uii.io&c7=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1&c9=&cs_ak_ss=1 Pragma no-cache Date Thu, 23 Jul 2020 14:30:52 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	sarg=NC adlv.hit.gemius.pl/_1595514652505/redot.js/id=d101LQbiVdI.il30ZZBCpsRpHQD_c7sh8sMHETxXs9T.a7/nc=1/stparam=obpnitoutk/fastid=ndygaokckcavtnjnzmztgvxihblu/	2 B 230 B	259ms 99ms	Other application/x-javascript	54.38.133.12 OVH
General Check archive.org Show headers Download Go to Full URL https://adlv.hit.gemius.pl/_1595514652505/redot.js/id=d101LQbiVdI.il30ZZBCpsRpHQD_c7sh8sMHETxXs9T.a7/nc=1/stparam=obpnitoutk/fastid=ndygaokckcavtnjnzmztgvxihblu/sarg=NC Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.12 , France, ASN16276 (OVH, FR), Reverse DNS Software GHC / Resource Hash 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 23 Jul 2020 14:30:52 GMT server GHC status 200 p3p CP="NOI DSP COR NID PSAo OUR IND" access-control-allow-origin http://clik.pw cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true accept-ranges none content-type application/x-javascript content-length 2 expires Wed, 22 Jul 2020 14:30:52 GMT
GET H2	200	anchor www.google.com/recaptcha/api2/ Frame DA2A	0 0	25ms 25ms	Document text/html	2a00:1450:4001:817::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRySYUAAAAAGy5OtBN-HyYto7fF8nKcj2ExhKb&co=aHR0cDovL2NsaWsucHc6ODA.&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=normal&cb=uqhhj6o3trei Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-cKm9PzV0lL7s3ki//Z/B2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6LeRySYUAAAAAGy5OtBN-HyYto7fF8nKcj2ExhKb&co=aHR0cDovL2NsaWsucHc6ODA.&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=normal&cb=uqhhj6o3trei pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://clik.pw/u/Yw1WX1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Thu, 23 Jul 2020 14:30:52 GMT content-security-policy script-src 'report-sample' 'nonce-cKm9PzV0lL7s3ki//Z/B2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 10784 server GSE alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	ldt3Y37cfk_190527.js Show response lv.adocean.pl/files/x/qbm/mjjghng/tknhntsqez/ Frame E3F1	128 KB 31 KB	61ms 60ms	Script application/x-javascript	54.38.133.13 OVH
General Check archive.org Show headers Download Go to Full URL http://lv.adocean.pl/files/x/qbm/mjjghng/tknhntsqez/ldt3Y37cfk_190527.js Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 54.38.133.13 , France, ASN16276 (OVH, FR), Reverse DNS Software GAD / Resource Hash 4c19faac548c66e431ca0b853f5eaae2ce365c59ead1b9e009e1d60866ef4c48 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Encoding gzip Last-Modified Mon, 27 May 2019 11:59:45 GMT Server GAD ETag "5CEBD1310001FF20E57E33AB" Vary Accept-Encoding,Origin P3P CP="NOI DSP COR NID PSAo OUR IND" Cache-Control public, must-revalidate, max-age=4320000 Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Keep-Alive timeout=10 Content-Length 31424 Expires Fri, 11 Sep 2020 14:30:52 GMT
GET H/1.1	200 OK	stpd190807.js Show response lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/ Frame E3F1	309 KB 98 KB	122ms 75ms	Script application/x-javascript	54.38.133.13 OVH
General Check archive.org Show headers Download Go to Full URL http://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 54.38.133.13 , France, ASN16276 (OVH, FR), Reverse DNS Software GAD / Resource Hash f123a667031e7c2efdf3dad85242db089cd8be453b08eadfa74b8f9c1316127d Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Encoding gzip Last-Modified Wed, 07 Aug 2019 13:18:46 GMT Server GAD ETag "5D4ACFB60004D59FCCE94314" Vary Accept-Encoding,Origin P3P CP="NOI DSP COR NID PSAo OUR IND" Cache-Control public, must-revalidate, max-age=4320000 Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Keep-Alive timeout=10 Content-Length 99489 Expires Fri, 11 Sep 2020 14:30:52 GMT
GET H/1.1	200 OK	/ Show response c.adsco.re/	35 KB 13 KB	29ms 18ms	Script text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://c.adsco.re/ Requested by Host: www.displayvertising.com URL: https://www.displayvertising.com/mojio-js.min.js Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9589120651cc4ea755db4f8c8848f27408b7336b454f3ee6ad22a732725644e9 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Encoding gzip CF-Cache-Status HIT Age 1322488 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 041dae9fba0000e007ac9eb200000001 Server cloudflare ETag W/"SJc1ouqxjhvv0sBICfL/bg==" Vary Accept-Encoding Content-Type text/html Cache-Control max-age=43200,public,immutable,no-transform CF-RAY 5b761a12ce98e007-FRA Link <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch Expires Wed, 08 Jul 2020 19:09:24 GMT
GET H/1.1	200 OK	p adsco.re/	0 323 B	116ms 67ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK Access-Control-Max-Age 2592000 Cache-Control no-transform Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ 6.adsco.re/	0 657 B	45ms 38ms	Other text/plain	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://6.adsco.re/ Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Encoding gzip Server cloudflare Access-Control-Allow-Headers Content-Type Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Max-Age 2592000 Cache-Control max-age=600,public,immutable Transfer-Encoding chunked Connection keep-alive CF-RAY 5b761a12eef30742-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 041dae9fd00000074218bf4200000001
POST H/1.1	200 OK	p Show response adsco.re/	0 408 B	137ms 94ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK Access-Control-Allow-Origin http://clik.pw Access-Control-Max-Age 2592000 Cache-Control no-transform Access-Control-Allow-Credentials true Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ Show response 6.adsco.re/	53 B 670 B	39ms 33ms	XHR text/plain	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://6.adsco.re/ Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Encoding gzip Server cloudflare Access-Control-Allow-Headers Content-Type Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin http://clik.pw Access-Control-Max-Age 2592000 Cache-Control max-age=600,public,immutable Transfer-Encoding chunked Connection keep-alive CF-RAY 5b761a12f9ba97f0-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 041dae9fd7000097f0df03d200000001
GET H/1.1	200 OK	/ Show response 6tzmebbvglgo.l.adsco.re/	0 464 B	207ms 55ms	XHR text/html	185.200.118.90 M247
General Check archive.org Show headers Download Go to Full URL https://6tzmebbvglgo.l.adsco.re/ Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Last-Modified Tue, 31 Jul 2018 22:16:15 GMT ETag "5b60dfaf-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET H/1.1	200 OK	/ Show response 6tzmebbvglgo.n.adsco.re/	0 464 B	565ms 126ms	XHR text/html	38.132.109.186 M247
General Check archive.org Show headers Download Go to Full URL https://6tzmebbvglgo.n.adsco.re/ Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.132.109.186 New York, United States, ASN9009 (M247, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:53 GMT Last-Modified Mon, 30 Jul 2018 15:32:42 GMT ETag "5b5f2f9a-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET		/ 6tzmebbvglgo.s.adsco.re/	0 0
GET H/1.1	200 OK	/ c.adsco.re/ Frame 01AA	0 0	56ms 56ms	Document text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://c.adsco.re/ Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host c.adsco.re Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://clik.pw/u/Yw1WX1 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Response headers Date Thu, 23 Jul 2020 14:30:52 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Cache-Control max-age=43200,public,immutable,no-transform Link <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch Expires Wed, 08 Jul 2020 19:09:24 GMT ETag W/"SJc1ouqxjhvv0sBICfL/bg==" Content-Encoding gzip CF-Cache-Status HIT Age 1322488 cf-request-id 041dae9fd60000e007ac9ed200000001 Vary Accept-Encoding Server cloudflare CF-RAY 5b761a12ff17e007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	/ Show response audit.quantcast.mgr.consensu.org/	80 B 487 B	286ms 176ms	XHR text/html	143.204.89.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit.quantcast.mgr.consensu.org/?log=;1595514652973;%5BCompany%20Name%5D;http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1;;;;;b,off,false,PRrmquD1Ggcb1,1,en,35,211,true,true,false;displayConsentUi:mandatory,;GDPR-1hoo4vbveanb0apu79fi Requested by Host: static.quantcast.mgr.consensu.org URL: https://static.quantcast.mgr.consensu.org/v35/cmpui-banner.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.89.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:16:36 GMT via 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront) vary Origin age 858 x-cache Hit from cloudfront status 200 content-length 80 last-modified Mon, 11 Jun 2018 22:07:34 GMT server AmazonS3 etag "0614149d8033903db5de46d6c184bbfd" access-control-max-age 3000 access-control-allow-methods GET content-type text/html access-control-allow-origin * x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id wixl4I9IyXVrJVvYjIAgLysr3yIy5oT7vIppwgUKTm6MSAt_xkF_Cg==
GET H/1.1	200 OK	apstag.js Show response c.amazon-adsystem.com/aax2/ Frame E3F1	102 KB 27 KB	145ms 73ms	Script application/javascript	13.224.199.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash 7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:18:26 GMT Content-Encoding gzip Connection keep-alive Server Server Age 746 ETag b586b236f6b3db3c4ca9410451195336 Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront) Cache-Control public, max-age=900 X-Amz-Cf-Pop FRA2-C1 Accept-Ranges bytes Timing-Allow-Origin * X-Amz-Cf-Id mQX_VXVMvp5eXAoydEtZj6VE2d_bH2wTNQBSqc8zqg0iYRy3ft2QvQ==
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame E3F1	19 B 702 B	98ms 65ms	XHR application/json	37.252.173.27 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL http://ib.adnxs.com/ut/v3/prebid Requested by Host: lv.adocean.pl URL: http://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js Protocol HTTP/1.1 Server 37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 23 Jul 2020 14:30:55 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.244:80 AN-X-Request-Uuid 993c1573-720c-4ba0-a21f-b7199116bbaa Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin http://clik.pw Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	bids Show response prebid-eu.creativecdn.com/bidder/prebid/ Frame E3F1	0 160 B	199ms 65ms	XHR text/plain	185.184.8.30 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids Requested by Host: lv.adocean.pl URL: http://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers status 204 date Thu, 23 Jul 2020 14:30:53 GMT access-control-allow-credentials true access-control-allow-origin http://clik.pw access-control-max-age 3600 access-control-allow-methods POST
POST H2	204	cdb Show response bidder.criteo.com/ Frame E3F1 Redirect Chain http://bidder.criteo.com/cdb?profileId=207&av=19&wv=2.28.0-pre&cb=74686863077 https://bidder.criteo.com/cdb?profileId=207&av=19&wv=2.28.0-pre&cb=74686863077	0 126 B	202ms 63ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=19&wv=2.28.0-pre&cb=74686863077 Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 204 date Thu, 23 Jul 2020 14:30:53 GMT access-control-allow-credentials true server Finatra access-control-allow-origin null timing-allow-origin * vary Origin Redirect headers date Thu, 23 Jul 2020 14:30:52 GMT server Finatra location https://bidder.criteo.com/cdb?profileId=207&av=19&wv=2.28.0-pre&cb=74686863077 vary Origin access-control-allow-origin http://clik.pw access-control-allow-credentials true timing-allow-origin * content-length 0
GET H/1.1	200 OK	/ Show response adx.adform.net/adx/ Frame E3F1	2 KB 2 KB	240ms 210ms	XHR application/json	37.157.6.245 ADFORM
General Check archive.org Show headers Download Go to Full URL http://adx.adform.net/adx/?rp=4&bWlkPTc1MzIyNCZ0cmFuc2FjdGlvbklkPWEwYmEyN2FiLTdlZDUtNGE0YS05YmQ4LTc0OTBmMmU5M2JhNg%3D%3D&pt=gross&stid=3aa497e0-772c-4443-97c1-0f51513e35cc&gdpr=true&gdpr_consent=BO3ADchO3ADchAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1 Requested by Host: lv.adocean.pl URL: http://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js Protocol HTTP/1.1 Server 37.157.6.245 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 9abe1937923a617dc0bb870eb3c2259d4583bc215ba7f040d0ba076e6dd79ddb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Date Thu, 23 Jul 2020 14:30:53 GMT Content-Encoding gzip Vary Accept-Encoding Transfer-Encoding chunked P3P CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" Access-Control-Max-Age 86400 Connection keep-alive Pragma no-cache Access-Control-Allow-Headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains Access-Control-Allow-Methods GET, POST Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin http://clik.pw Cache-Control no-cache, no-store, must-revalidate, no-transform Access-Control-Allow-Credentials true Keep-Alive timeout=90 Expires -1
GET H/1.1	200 OK	gpt.js Show response www.googletagservices.com/tag/js/ Frame E3F1	49 KB 17 KB	28ms 21ms	Script text/javascript	2a00:1450:4001:81b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://www.googletagservices.com/tag/js/gpt.js Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d228e13145b6693a9fa17124a3a50f83fecf9d376be594bb663a7dd66844c0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:53 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server sffe ETag "579 / 395 of 1000 / last-modified: 1595513485" Vary Accept-Encoding Content-Type text/javascript Cache-Control private, max-age=900, stale-while-revalidate=3600 Timing-Allow-Origin * Content-Length 16727 X-XSS-Protection 0 Expires Thu, 23 Jul 2020 14:30:53 GMT
GET H2	200	bframe www.google.com/recaptcha/api2/ Frame 6BA6	0 0	78ms 15ms	Document text/html	2a00:1450:4001:817::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6LeRySYUAAAAAGy5OtBN-HyYto7fF8nKcj2ExhKb&cb=qii99ih73qtu Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-c0rb8GNEEHTx4JYDNHUEWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6LeRySYUAAAAAGy5OtBN-HyYto7fF8nKcj2ExhKb&cb=qii99ih73qtu pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://clik.pw/u/Yw1WX1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Thu, 23 Jul 2020 14:30:53 GMT content-security-policy script-src 'report-sample' 'nonce-c0rb8GNEEHTx4JYDNHUEWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1176 server GSE alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	integrator.js Show response adservice.google.de/adsid/ Frame E3F1	109 B 168 B	50ms 48ms	Script application/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=clik.pw Requested by Host: www.googletagservices.com URL: http://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Jul 2020 14:30:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame E3F1	109 B 168 B	52ms 49ms	Script application/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=clik.pw Requested by Host: www.googletagservices.com URL: http://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Jul 2020 14:30:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2020072001.js Show response securepubads.g.doubleclick.net/gpt/ Frame E3F1	253 KB 89 KB	89ms 87ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js?21066800 Requested by Host: www.googletagservices.com URL: http://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 31e539be75870ad6cec377525eb196ea9fbc423ea53d68c03b2c94b96701bc47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:53 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 20 Jul 2020 13:10:24 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91349 x-xss-protection 0 expires Thu, 23 Jul 2020 14:30:53 GMT
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/ Frame E3F1	265 B 606 B	205ms 105ms	XHR text/javascript	13.224.199.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1&pid=m8apQKmX0EZtq&cb=0&ws=728x150&v=7.52.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F147246189%2Fclik.pw_728x90_anchor_desktop_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=1&gdprc=BO3ADchO3ADchAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&gdprl=%7B%22status%22%3A%22cmp-success%22%2C%22rtimes%22%3A%5B1%5D%2C%22cc%22%3A%222%22%7D Requested by Host: c.amazon-adsystem.com URL: http://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash a85f6c1ae30f57d3437c94f02ee495b8f672831f1b6521d134983093ea2dd3db Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:53 GMT content-encoding gzip server Server x-amz-cf-pop FRA2-C1 status 200 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin http://clik.pw access-control-allow-credentials true timing-allow-origin * content-length 235 via 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront) x-amz-cf-id JDExH6Jdoz7LCDpgA_uZGZnBBnghOh9HU6EtNhV2heUxjzhF4Q_URA==
GET H/1.1	200 OK	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/ Frame E3F1	6 KB 3 KB	105ms 70ms	XHR application/javascript	13.224.199.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: http://c.amazon-adsystem.com/aax2/apstag.js Protocol HTTP/1.1 Server 13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 00:28:04 GMT Content-Encoding gzip Vary Accept-Encoding,Origin Age 50570 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Access-Control-Allow-Origin * Last-Modified Tue, 23 Jun 2020 10:10:39 GMT Server AmazonS3 Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/javascript Via 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront) Cache-Control public, max-age=86400 X-Amz-Cf-Pop FRA2-C1 X-Amz-Cf-Id eTB_kluPuVYKCWJoAQ0wzMFqqytyMRDl3lR8QRlhXM4bSRtGecLsWg==
POST H/1.1	200 OK	p Show response adsco.re/	364 B 841 B	84ms 84ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 8290cba0ba305a745b84078be70a67fc679572e346bba4306d16d165e8c5f9bf Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers AS-P-G OK Date Thu, 23 Jul 2020 14:30:53 GMT AS-P-7 OK AS-P-9 OK AS-P-C OK Transfer-Encoding chunked AS-P-5 OK AS-P-F OK Connection keep-alive Content-Encoding gzip AS-P-2 OK AS-P-D OK AS-P-6 OK AS-P-B OK AS-P-4 OK AS-P-A OK Access-Control-Max-Age 2592000 AS-P-1 OK Access-Control-Allow-Origin http://clik.pw Cache-Control no-transform Access-Control-Allow-Credentials true AS-P-8 OK Content-Type text/html; charset=UTF-8 AS-P-E OK AS-P-3 OK
GET H/1.1	200 OK	xuI.htm Show response displayvertising.com/	0 272 B	206ms 175ms	Script application/javascript	216.59.56.9 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://displayvertising.com/xuI.htm?_=BAoAXxmfHQFfGZ8dgAGBAsAAIL_6VBqEl6faLhHru-34ZIBssed1qRTNbxEtJ7RhjR_6wQBHMEUCIQD5mmrAPY5rhHraIhqE4TODfexI01fq16sz7Z2Y_dZ_NgIgMBnwP9d7-q0VxxAebFJpu7yHsW2i7Bdb_lgNxOWyFCnCACAN6ywa0vbKJqpn6Sq8SwyYHJNtAiqZmqzHLD8yW1UpQsQAECoBBPgBklQUAAAAAAAAAALFABDapSc4ZZQ6oJ6dOKEYrXc8wwBIMEYCIQDpnbJsTNWRaL7yMlOS-o2cvKkONN8F3F40h7ThhKyi3wIhAM8evbjrEpdx_sO8c5t9L4weHhuHAG2hQIh9dUzh1iP0&v=4&ySCAniWe=2030163&minBid=&EdgHlpre=0,0&QYDWpbof=&drpnoSWc=&s=1600,1200,1,1600,1200,0 Requested by Host: www.displayvertising.com URL: https://www.displayvertising.com/mojio-js.min.js Protocol HTTP/1.1 Server 216.59.56.9 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:53 GMT ASF 9 Access-Control-Allow-Origin * Content-Type application/javascript PopAds-EC ASB Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 0 Expires Thu, 30 Jul 2020 14:30:53 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame E3F1	4 KB 3 KB	123ms 123ms	XHR text/plain	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2737729108512627&correlator=1402776713702461&output=ldjh&impl=fifs&adsid=NT&eid=21066800%2C21064370%2C21066720&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200723&iu_parts=147246189%2Cclik.pw_728x90_anchor_desktop_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_rf_ct%3D0%26hb_rf%3D0%26hb_size%3D728x90%26hb_pb%3D0.08%26hb_adid%3D966e87a572e1fd%26hb_bidder%3Dadform&eri=5&cookie_enabled=1&cdm=clik.pw&bc=23&abxe=1&dt=1595514653600&dlt=1595514652504&idt=936&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=150&oid=3&adxs=0&adys=671&adks=702039472&ucis=o8hmicxfd8kv&ifi=1&ifk=2047846555&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=clik.pw&loc=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1&top=clik.pw&dssz=10&icsg=8234&std=0&vis=1&scr_x=0&scr_y=0&psz=728x150&msz=728x90&ga_vid=781485868.1595514652&ga_sid=1595514654&ga_hid=609100770&ga_fc=true&fws=256&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js?21066800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 02f0534ddd0b1d055c09c54fe4ba501a44c7718b46dfbaabcf964b445377cc9d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:53 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2571 x-xss-protection 0 google-lineitem-id 323970629 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138303033275 content-type text/plain; charset=UTF-8 access-control-allow-origin http://clik.pw cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 73c1bfb4e09a133661fa0c8f3b4e4cbc.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E3F1	0 0	61ms 14ms	Other text/html	2a00:1450:4001:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://73c1bfb4e09a133661fa0c8f3b4e4cbc.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js?21066800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E3F1	0 0	6ms 5ms	Other text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js?21066800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H/1.1	200 OK	Cookie set iu3 aax-eu.amazon-adsystem.com/s/ Frame 9ED5 Redirect Chain https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO3ADchO3ADchAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur... https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO3ADchO3ADchAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur...	0 0	242ms 241ms	Document text/html	52.95.124.170 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO3ADchO3ADchAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=r1u_cnv&dcc=t Requested by Host: c.amazon-adsystem.com URL: http://c.amazon-adsystem.com/aax2/apstag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash Request headers Host aax-eu.amazon-adsystem.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer http://clik.pw/u/Yw1WX1 Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie ad-id=A1Y1JlfjLEfKtjny-nReWqI|t Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Response headers Server Server Date Thu, 23 Jul 2020 14:30:54 GMT Content-Type text/html;charset=ISO-8859-1 Content-Length 186 Connection keep-alive Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Set-Cookie ad-id=A1Y1JlfjLEfKtjny-nReWqI; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 14:30:53 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Oct-2025 14:30:54 GMT; Path=/; Secure; HttpOnly; SameSite=None Vary Accept-Encoding,User-Agent Content-Encoding gzip Redirect headers Server Server Date Thu, 23 Jul 2020 14:30:53 GMT Content-Length 0 Connection keep-alive Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO3ADchO3ADchAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=r1u_cnv&dcc=t Set-Cookie ad-id=A1Y1JlfjLEfKtjny-nReWqI|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 14:30:53 GMT; Path=/; Secure; HttpOnly; SameSite=None Vary User-Agent
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 415C	0 0	111ms 110ms	Fetch image/gif	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst57Iayl2Jh1OI47tTDArMZd2qJiUefDZjTyYdGQYiYVsogImcAnnV92eNGOb0HWE8wRtqqE5BOJWmqNtm5xKkELyaIzl3bbYtbreho_CqCYP4yVLS0VnUhPfvNgLX_Tcxd85nzjOoUS6DL2upKi4JwKoo_uIgfTufVOkuOg8aKXHNInexw3gzoTo0BE1RaOMhSWgEreRJFmU4ES0OhJ7Hu08x_W2NjGIoasaA2uaMEm_nTMD5JvnpY3QF4p5KfzJgT54abE9YTHqDtlG6A1IoKM37D&sai=AMfl-YQy4mJZStu3o7fVk52lkbKvWT1Ur9apidcpPZeCDCs8B5hq7G_BE2sInmOxrN6qRQxOGwmvfyB6hfxZhg3MGW5mYUbg5rmg7kFYtQUj_E3gAOg_KQ6J_9RdHGWmnguo&sig=Cg0ArKJSzNfpf5vbIdF-EAE&urlfix=1&adurl= Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Jul 2020 14:30:53 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Thu, 23 Jul 2020 14:30:53 GMT
POST H2	200	node.php Show response node.setupad.com/node/ Frame E3F1	0 208 B	201ms 66ms	XHR text/html	85.206.143.247 TELIA-LIETUVA
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Thu, 23 Jul 2020 14:30:53 GMT content-encoding gzip server nginx/1.10.3 (Ubuntu) status 200 access-control-allow-methods GET, POST content-type text/html; charset=UTF-8 access-control-allow-origin * access-control-allow-headers X-Requested-With
GET H/1.1	200 OK	/ Show response track.adform.net/adfscript/ Frame 415C	20 KB 11 KB	112ms 83ms	Script text/javascript	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL http://track.adform.net/adfscript/?bn=38217817;rtbwp=IYXu6lEqVrBirQRqKmS3IkOZ5ysc03F20;rtbdata=1VjzTUzdbUlWR6WU9acx7oWFjnuDcL3JcGAgT2H6500ItnPPpI3W-Y3RWQmeHCKjhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQ2vy6GNwWLvbH7pv5yto8xtZw1u2Vx3Ps-YSXVvJ5C80yp0N_tVkMAsAOSQlap1Ta3Z1NzML2oHb2yoAvgPBdz6PjqD9AL5jfrp0B8JcEZYPXPRQWRw2PMYEkV0oPTennh-26oCjOxNdF3aOtWCZld9KoxLV3c0t1iYeZg48ypsMqc-OCvXU2I87jDc9y8mV64rroR7OVkK8dVVm7rqfd7rvMS0Suvl9GojbDAjp3f5vqY2txj9cUCztjj5bLskNwxwOjLHpByOHRnNmybwy7QntiaZ94XuixIRVW_RM2UOuTnoxnjtjzHAJ2lddXjKP8kYyX9ZAWt6SX0HEcMWAW6w2;csid=60970;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0; Requested by Host: lv.adocean.pl URL: http://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js Protocol HTTP/1.1 Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 1f43d17782d545c5b378ecaf3ff37b162bf307f3cff3b874d291b673348bafbe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Jul 2020 14:30:53 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Connection keep-alive P3P CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate, no-transform Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/javascript; charset=utf-8 Keep-Alive timeout=90 Content-Length 10616 Expires -1
GET H/1.1	200 OK	adx.js Show response s1.adform.net/banners/scripts/ Frame 415C	56 KB 23 KB	111ms 82ms	Script application/x-javascript	37.157.5.72 ADFORM
General Check archive.org Show headers Download Go to Full URL http://s1.adform.net/banners/scripts/adx.js Requested by Host: lv.adocean.pl URL: http://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js Protocol HTTP/1.1 Server 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8f798f45573cf5f3985aa6b482395729150031b06a47e513243dc20a7947eaad Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:53 GMT Content-Encoding gzip Last-Modified Thu, 09 Jul 2020 14:07:39 GMT Server nginx ETag W/"5f0724ab-e1cf" X-Cache-Status HIT Transfer-Encoding chunked P3P CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" Access-Control-Allow-Origin * Cache-Control public, max-age=604800 Connection keep-alive Content-Type application/x-javascript Keep-Alive timeout=15
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame 415C	73 KB 28 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js?21066800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:53 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1595419060626807" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28380 x-xss-protection 0 expires Thu, 23 Jul 2020 14:30:53 GMT
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame E3F1	72 KB 27 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js?21066800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:53 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1595419060626807" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 27216 x-xss-protection 0 expires Thu, 23 Jul 2020 14:30:53 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame E3F1	7 KB 6 KB	18ms 17ms	XHR application/json	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020072001&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js?21066800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b0f8059d03ea4159d7ce0ea98fc5499846b84527cd2196ce55205bc725007be8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Jul 2020 14:30:53 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 5633 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame E3F1	14 KB 5 KB	38ms 38ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js?21066800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:53 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1591403518460474" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5540 x-xss-protection 0 expires Thu, 23 Jul 2020 14:30:53 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/210/ Frame 1797	0 0	6ms 6ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/210/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://clik.pw/u/Yw1WX1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 4590 date Thu, 23 Jul 2020 13:52:51 GMT expires Fri, 23 Jul 2021 13:52:51 GMT last-modified Wed, 26 Feb 2020 19:47:50 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 2282 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	bootstrap.js Show response s1.adform.net/stoat/620/s1.adform.net/ Frame 415C	33 KB 16 KB	76ms 56ms	Script text/javascript	37.157.5.72 ADFORM
General Check archive.org Show headers Download Go to Full URL http://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js Requested by Host: track.adform.net URL: http://track.adform.net/adfscript/?bn=38217817;rtbwp=IYXu6lEqVrBirQRqKmS3IkOZ5ysc03F20;rtbdata=1VjzTUzdbUlWR6WU9acx7oWFjnuDcL3JcGAgT2H6500ItnPPpI3W-Y3RWQmeHCKjhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQ2vy6GNwWLvbH7pv5yto8xtZw1u2Vx3Ps-YSXVvJ5C80yp0N_tVkMAsAOSQlap1Ta3Z1NzML2oHb2yoAvgPBdz6PjqD9AL5jfrp0B8JcEZYPXPRQWRw2PMYEkV0oPTennh-26oCjOxNdF3aOtWCZld9KoxLV3c0t1iYeZg48ypsMqc-OCvXU2I87jDc9y8mV64rroR7OVkK8dVVm7rqfd7rvMS0Suvl9GojbDAjp3f5vqY2txj9cUCztjj5bLskNwxwOjLHpByOHRnNmybwy7QntiaZ94XuixIRVW_RM2UOuTnoxnjtjzHAJ2lddXjKP8kYyX9ZAWt6SX0HEcMWAW6w2;csid=60970;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0; Protocol HTTP/1.1 Server 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash bf6f96985d9f9ab3332721601ff06191bfb8630e60fcf414cdde0cdf4e5eb811 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:53 GMT Content-Encoding gzip Last-Modified Thu, 09 Jul 2020 14:30:32 GMT Server nginx X-Cache-Status HIT Vary Accept-Encoding Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=100000 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=15 Expires Fri, 24 Jul 2020 17:18:58 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E3F1	0 55 B	39ms 38ms	Image image/gif	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020072001&jk=2737729108512627&bg=!Hh2lHQVY5MmkpIeSb-cCAAAAV1IAAAANmQGNjUdBgC9gNCSacmdUaIYPqWt4MDjunVqMMacfOxANCvHaDy7siDhG3sHtOANHtIw4mBeo2Yq_ZUZdJEh3WruhDTGmuqurApOkgznSqgZ-OE661pmKB6br4a4AMwsNyTQfjLBYE6rmyyqAaPmoM_6Iep8sNduahCKx924hSJsgvo6Gx77kf2ug4DmeqKaooUqvj8KHTuqKhNKkP96P0mCEU7V7ibq4-Vq4haDaIY8wnbImnnU2Is-Fc5Ms7EUpyQgSGnACD0AoYtAEnzgptKU6odM2HmqJWD-RUZQwh-I63GM06KfiiPEqVRLSrOqNJMrb_Daj7CkfwFqdpT24yh_nBhABNnpFMaCt5NQJbGHIE-nxFCMxXhY_NYu_RXUcIQVarG-53x9L95TK38V11EdMGz7VoavERwY9L6kFp0AA82Af5Zk65isSeFq6ZyvAf7nKwhSYXEwnOLAuyVH4JySwOYw4dTZwpiSKo2Y-Npv3ck8FxvgIlnGcR0Shh8_R6aPmOD3jEozvqlJ2KD5cLg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 23 Jul 2020 14:30:53 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ Show response track.adform.net/wpf/v2/kda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRP... Frame 415C	7 KB 4 KB	59ms 58ms	Script text/javascript	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL http://track.adform.net/wpf/v2/kda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXC_JEkNgvlE4yy2XElgebiYMpztNKscKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kkveara3g9Rk4xf7_OLgiPFMtrs1OeyjaY2JGqfstoDvuyPBDjaY2ftckuyPBB2SCX0iakJrNlXW.OELKCmr.S9RdPQSzOy_Aw7UTlf_01kKHoNvxQs.BN1eN_DJZtJ9cSrWUdWUaIvqCSFQ_01kKJA237lY5BSmxGY5BNBtQT.clYIT3SvgMJgJ0Nc1lF4XVA4.L9.gJ.elF1VLf4.9dPgJ2MnGmRgJ2MnGmRgJ1KMKNc0FAKXV4jMk.3Yb/adfserve/?bn=38217817;rtbwp=IYXu6lEqVrBirQRqKmS3IkOZ5ysc03F20;rtbdata=1VjzTUzdbUlWR6WU9acx7oWFjnuDcL3JcGAgT2H6500ItnPPpI3W-Y3RWQmeHCKjhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQ2vy6GNwWLvbH7pv5yto8xtZw1u2Vx3Ps-YSXVvJ5C80yp0N_tVkMAsAOSQlap1Ta3Z1NzML2oHb2yoAvgPBdz6PjqD9AL5jfrp0B8JcEZYPXPRQWRw2PMYEkV0oPTennh-26oCjOxNdF3aOtWCZld9KoxLV3c0t1iYeZg48ypsMqc-OCvXU2I87jDc9y8mV64rroR7OVkK8dVVm7rqfd7rvMS0Suvl9GojbDAjp3f5vqY2txj9cUCztjj5bLskNwxwOjLHpByOHRnNmybwy7QntiaZ94XuixIRVW_RM2UOuTnoxnjtjzHAJ2lddXjKP8kYyX9ZAWt6SX0HEcMWAW6w2;csid=60970;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0;;js=1;adfxid=1x;347;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|1;fd=0|2&CREFURL=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1 Requested by Host: s1.adform.net URL: http://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js Protocol HTTP/1.1 Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash b70f20ada6abd13e499bf696b106b71be314c05354eed384e3e7e5ec05915dca Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Jul 2020 14:30:54 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Connection keep-alive P3P CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate, no-transform Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/javascript; charset=utf-8 Keep-Alive timeout=90 Content-Length 3544 Expires -1
GET H2	200	inv track.adform.net/serving/ Frame 415C	35 B 250 B	425ms 313ms	Image image/gif	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://track.adform.net/serving/inv Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:54 GMT server nginx status 200 strict-transport-security max-age=31536000; includeSubDomains p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control private content-type image/gif
GET DATA	200 OK	truncated / Frame 415C	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3f4b0666cf1b29d9fa2c5903b59f6f2839c05664432c4106a3e8e3c69aca9420 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	Standard Show response s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.190/e/.wSBgiD/i/vCAv.IAAAAFAAA/r:AdConstructor:contents/HTML:types/ Frame 415C	89 KB 39 KB	64ms 64ms	Script text/javascript	37.157.5.72 ADFORM
General Check archive.org Show headers Download Go to Full URL http://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.190/e/.wSBgiD/i/vCAv.IAAAAFAAA/r:AdConstructor:contents/HTML:types/Standard Requested by Host: s1.adform.net URL: http://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js Protocol HTTP/1.1 Server 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 31f14d476f00f561b40eaa467c71aeeb5fcdebd2b9f09128ae16b3f536b333b8 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:54 GMT Content-Encoding gzip Last-Modified Thu, 09 Jul 2020 14:30:32 GMT Server nginx X-Cache-Status MISS Vary Accept-Encoding Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=100000 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=15 Expires Fri, 24 Jul 2020 18:17:34 GMT
POST H/1.1	200 OK	/ track.adform.net/csimpr/ Frame 415C	35 B 703 B	55ms 55ms	Other image/gif	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL http://track.adform.net/csimpr/?bn=38217817&csi=ZuYE0XdYUnBk7ZEj6r40JR9i084YJFQpvRav4WXtmqM7QBUW9FNNcfvRiDt8eAf4CyzzGaTuIHviR3xC_s34CurHU619YUFbg67zctjt7CqHxKVq1blycQ2 Requested by Host: s1.adform.net URL: http://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js Protocol HTTP/1.1 Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Thu, 23 Jul 2020 14:30:54 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Transfer-Encoding chunked P3P CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" Connection keep-alive Pragma no-cache Access-Control-Allow-Headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With Server nginx Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST Content-Type image/gif Access-Control-Allow-Origin http://clik.pw Cache-Control no-cache, no-store, must-revalidate, no-transform Access-Control-Allow-Credentials true Keep-Alive timeout=90 Expires -1
GET H/1.1	200 OK	8325952.js Show response s1.adform.net/Banners/Elements/Files/261166/8325952/ Frame 25F4	2 KB 1 KB	166ms 166ms	Script application/x-javascript	37.157.5.72 ADFORM
General Check archive.org Show headers Download Go to Full URL http://s1.adform.net/Banners/Elements/Files/261166/8325952/8325952.js?ADFassetID=8325952&bv=260 Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 7cab898ece12d98301943ade105cc92b6a6278d3e15126fedffe7d3b851bb9f6 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:54 GMT Content-Encoding gzip Last-Modified Thu, 09 Jul 2020 14:26:31 GMT Server nginx ETag W/"5f072917-9de" X-Cache-Status MISS Strict-Transport-Security max-age=0 P3P CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" Access-Control-Allow-Origin * Cache-Control public, max-age=604800 Transfer-Encoding chunked Connection keep-alive Content-Type application/x-javascript Keep-Alive timeout=15
GET H/1.1	200 OK	Adform.DHTML.js Show response s1.adform.net/banners/scripts/rmb/ Frame 25F4 Redirect Chain http://track.adform.net/banners/scripts/rmb/Adform.DHTML.js http://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js	30 KB 13 KB	55ms 55ms	Script application/x-javascript	37.157.5.72 ADFORM
General Check archive.org Show headers Download Go to Full URL http://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 09367caa70514803713fced8ee4ac247e1fbefe5fb13502fb24f20b46804d826 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 23 Jul 2020 14:30:54 GMT Content-Encoding gzip Last-Modified Mon, 18 May 2020 16:13:27 GMT Server nginx ETag W/"5ec2b427-7875" X-Cache-Status HIT Transfer-Encoding chunked P3P CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" Access-Control-Allow-Origin * Cache-Control public, max-age=604800 Connection keep-alive Content-Type application/x-javascript Keep-Alive timeout=15 Redirect headers Date Thu, 23 Jul 2020 14:30:54 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/html Location http://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=90
GET H/1.1	200 OK	5f07291632b286106895de89 Show response cdn.bannerflow.com/bf-placements/ Frame 25F4	5 KB 3 KB	85ms 78ms	Script application/javascript	2606:4700::6810:aabc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://cdn.bannerflow.com/bf-placements/5f07291632b286106895de89?targetwindow=_blank&targeturl=http%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38217817%3Bcrtbwp%3DIYXu6lEqVrBirQRqKmS3IkOZ5ysc03F20%3Bcrtbdata%3D1VjzTUzdbUlWR6WU9acx7oWFjnuDcL3JcGAgT2H6500ItnPPpI3W-Y3RWQmeHCKjhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQ2vy6GNwWLvbH7pv5yto8xtZw1u2Vx3Ps-YSXVvJ5C80yp0N_tVkMAsAOSQlap1Ta3Z1NzML2oHb2yoAvgPBdz6PjqD9AL5jfrp0B8JcEZYPXPRQWRw2PMYEkV0oPTennh-26oCjOxNdF3aOtWCZld9KoxLV3c0t1iYeZg48ypsMqc-OCvXU2I87jDc9y8mV64rroR7OVkK8dVVm7rqfd7rvMS0Suvl9GojbDAjp3f5vqY2txj9cUCztjj5bLskNwxwOjLHpByOHRnNmybwy7QntiaZ94XuixIRVW_RM2UOuTnoxnjtjzHAJ2lddXjKP8kYyX9ZAWt6SX0HEcMWAW6w2%3Bccsid%3D60970%3Badfibeg%3D0%3Bcdata%3D51T8EBELokyOL1GIe_8B4-sbc21jSMSdLu97MXqcnYdn8YeCYVTKVZ3mOh4MPoxi2iKGFnsb5BdzSPc9cjXTexqbXvKfhoT3NuIPPSLW3AItD4vr4ECO7NFwbLzjX8AldKkGhmNPl4Co4rrZGgFXhv_XRKoKYKbZUPLENYiDvO-79AbpI5Lh1fXCPgJJtiLAvIUm_VM4iuhwMANJtfLnCdPXoiYHdPGsrFjE73MzwZcvUCtfHLqYE33cKXZcYD44MpgWmUB42HdDVznheGu89nr7qwIaZlXkOQ8M2RSgXev-xFbKZbkcAjuax-jUtlLY4gWz_qpOxkDB81ifIhuSCSt2V8RpIoyaw3iI60gHGBc1%3B%3BCREFURL%3Dhttp%253a%252f%252fclik.pw%252fu%252fYw1WX1%3BC%3D1&targetwindow=_blank Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol HTTP/1.1 Server 2606:4700::6810:aabc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bff3a7022822d8e05a6a25c39df022050f12714c682e91035ea47821d51499b5 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob Date Thu, 23 Jul 2020 14:30:54 GMT Content-Encoding gzip CF-Cache-Status MISS Content-MD5 RrTiPd5mqr3s3OuJYJiqmA== Transfer-Encoding chunked Connection keep-alive cf-request-id 041daea7160000c2b8d231d200000001 x-ms-lease-state available x-ms-lease-status unlocked Last-Modified Thu, 09 Jul 2020 14:26:30 GMT Server cloudflare ETag W/"0x8D8241412817362" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * x-ms-request-id 345dec8c-801e-0084-67fd-60979b000000 Cache-Control public,max-age=900 x-ms-version 2014-02-14 CF-RAY 5b761a1e8897c2b8-FRA
GET H/1.1	200 OK	render.min.js Show response cdn.bannerflow.com/scripts/1.5.17/ Frame 25F4	27 KB 10 KB	12ms 11ms	Script application/javascript	2606:4700::6810:aabc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://cdn.bannerflow.com/scripts/1.5.17/render.min.js Requested by Host: cdn.bannerflow.com URL: http://cdn.bannerflow.com/bf-placements/5f07291632b286106895de89?targetwindow=_blank&targeturl=http%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38217817%3Bcrtbwp%3DIYXu6lEqVrBirQRqKmS3IkOZ5ysc03F20%3Bcrtbdata%3D1VjzTUzdbUlWR6WU9acx7oWFjnuDcL3JcGAgT2H6500ItnPPpI3W-Y3RWQmeHCKjhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQ2vy6GNwWLvbH7pv5yto8xtZw1u2Vx3Ps-YSXVvJ5C80yp0N_tVkMAsAOSQlap1Ta3Z1NzML2oHb2yoAvgPBdz6PjqD9AL5jfrp0B8JcEZYPXPRQWRw2PMYEkV0oPTennh-26oCjOxNdF3aOtWCZld9KoxLV3c0t1iYeZg48ypsMqc-OCvXU2I87jDc9y8mV64rroR7OVkK8dVVm7rqfd7rvMS0Suvl9GojbDAjp3f5vqY2txj9cUCztjj5bLskNwxwOjLHpByOHRnNmybwy7QntiaZ94XuixIRVW_RM2UOuTnoxnjtjzHAJ2lddXjKP8kYyX9ZAWt6SX0HEcMWAW6w2%3Bccsid%3D60970%3Badfibeg%3D0%3Bcdata%3D51T8EBELokyOL1GIe_8B4-sbc21jSMSdLu97MXqcnYdn8YeCYVTKVZ3mOh4MPoxi2iKGFnsb5BdzSPc9cjXTexqbXvKfhoT3NuIPPSLW3AItD4vr4ECO7NFwbLzjX8AldKkGhmNPl4Co4rrZGgFXhv_XRKoKYKbZUPLENYiDvO-79AbpI5Lh1fXCPgJJtiLAvIUm_VM4iuhwMANJtfLnCdPXoiYHdPGsrFjE73MzwZcvUCtfHLqYE33cKXZcYD44MpgWmUB42HdDVznheGu89nr7qwIaZlXkOQ8M2RSgXev-xFbKZbkcAjuax-jUtlLY4gWz_qpOxkDB81ifIhuSCSt2V8RpIoyaw3iI60gHGBc1%3B%3BCREFURL%3Dhttp%253a%252f%252fclik.pw%252fu%252fYw1WX1%3BC%3D1&targetwindow=_blank Protocol HTTP/1.1 Server 2606:4700::6810:aabc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46ab19458f30ef96463fbabfff680bcf0f5f582ca7190652c15476eef60654e4 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob Date Thu, 23 Jul 2020 14:30:54 GMT Content-Encoding gzip CF-Cache-Status HIT Content-MD5 HDirVHlqpy/3JGeewr9WFw== Age 553 Transfer-Encoding chunked Connection keep-alive cf-request-id 041daea7660000c2b8d2321200000001 x-ms-lease-state available x-ms-lease-status unlocked Last-Modified Mon, 13 Jan 2020 13:59:49 GMT Server cloudflare ETag W/"0x8D79830DAEE6783" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * x-ms-request-id c85624f1-401e-001a-0fd2-caeedc000000 Cache-Control public, max-age=31530000 x-ms-version 2014-02-14 CF-RAY 5b761a1f09a8c2b8-FRA
GET H/1.1	200 OK	Cookie set 5f06f91932b286106895bf6a.n56LeGKK2azX.html cdn.bannerflow.com/bf-banners/ Frame 6CAF	0 0	132ms 131ms	Document text/html	2606:4700::6810:aabc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://cdn.bannerflow.com/bf-banners/5f06f91932b286106895bf6a.n56LeGKK2azX.html?cb=637298898326928283&clickpixel=%2F%2F5c6fc6046deb10506c51954d.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522sts%2522%252C%2522brand%2522%253A%25225c6fc6046deb10506c51954d%2522%252C%2522placement%2522%253A%25225f07291632b286106895de89%2522%252C%2522ad%2522%253A%25225f06f91932b286106895bf6b%2522%252C%2522bannerset%2522%253A%25225f06f8ea32b286106895bf58%2522%252C%2522banner%2522%253A%25225f06f91932b286106895bf6a%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225f06f91932b286106895bf6a%2522%257D&targeturl=http%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38217817%3Bcrtbwp%3DIYXu6lEqVrBirQRqKmS3IkOZ5ysc03F20%3Bcrtbdata%3D1VjzTUzdbUlWR6WU9acx7oWFjnuDcL3JcGAgT2H6500ItnPPpI3W-Y3RWQmeHCKjhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQ2vy6GNwWLvbH7pv5yto8xtZw1u2Vx3Ps-YSXVvJ5C80yp0N_tVkMAsAOSQlap1Ta3Z1NzML2oHb2yoAvgPBdz6PjqD9AL5jfrp0B8JcEZYPXPRQWRw2PMYEkV0oPTennh-26oCjOxNdF3aOtWCZld9KoxLV3c0t1iYeZg48ypsMqc-OCvXU2I87jDc9y8mV64rroR7OVkK8dVVm7rqfd7rvMS0Suvl9GojbDAjp3f5vqY2txj9cUCztjj5bLskNwxwOjLHpByOHRnNmybwy7QntiaZ94XuixIRVW_RM2UOuTnoxnjtjzHAJ2lddXjKP8kYyX9ZAWt6SX0HEcMWAW6w2%3Bccsid%3D60970%3Badfibeg%3D0%3Bcdata%3D51T8EBELokyOL1GIe_8B4-sbc21jSMSdLu97MXqcnYdn8YeCYVTKVZ3mOh4MPoxi2iKGFnsb5BdzSPc9cjXTexqbXvKfhoT3NuIPPSLW3AItD4vr4ECO7NFwbLzjX8AldKkGhmNPl4Co4rrZGgFXhv_XRKoKYKbZUPLENYiDvO-79AbpI5Lh1fXCPgJJtiLAvIUm_VM4iuhwMANJtfLnCdPXoiYHdPGsrFjE73MzwZcvUCtfHLqYE33cKXZcYD44MpgWmUB42HdDVznheGu89nr7qwIaZlXkOQ8M2RSgXev-xFbKZbkcAjuax-jUtlLY4gWz_qpOxkDB81ifIhuSCSt2V8RpIoyaw3iI60gHGBc1%3B%3BCREFURL%3Dhttp%253a%252f%252fclik.pw%252fu%252fYw1WX1%3BC%3D1&targetwindow=_blank&ref=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1 Requested by Host: cdn.bannerflow.com URL: http://cdn.bannerflow.com/scripts/1.5.17/render.min.js Protocol HTTP/1.1 Server 2606:4700::6810:aabc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host cdn.bannerflow.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://clik.pw/u/Yw1WX1 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Response headers Date Thu, 23 Jul 2020 14:30:54 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d5ba645662a577cbab377a7e1751511651595514654; expires=Sat, 22-Aug-20 14:30:54 GMT; path=/; domain=.bannerflow.com; HttpOnly; SameSite=Lax Cache-Control public,max-age=900 Content-MD5 jEQhsPGLs1ZIK4ERHbzMqA== Last-Modified Thu, 09 Jul 2020 11:10:32 GMT x-ms-request-id 63b09d89-a01e-0114-1cfd-604482000000 x-ms-version 2014-02-14 x-ms-lease-status unlocked x-ms-lease-state available x-ms-blob-type BlockBlob Access-Control-Allow-Origin * CF-Cache-Status MISS cf-request-id 041daea77e0000c2b8d2323200000001 Vary Accept-Encoding Server cloudflare CF-RAY 5b761a1f39fbc2b8-FRA Content-Encoding gzip
GET H/1.1	200 OK	Cookie set 5f06f91932b286106895bf6a.html cdn.bannerflow.com/bf-banners/ Frame 4A5B	0 0	195ms 189ms	Document text/html	2606:4700::6810:aabc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://cdn.bannerflow.com/bf-banners/5f06f91932b286106895bf6a.html?cb=637298898308802578&clickpixel=%2F%2F5c6fc6046deb10506c51954d.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522sts%2522%252C%2522brand%2522%253A%25225c6fc6046deb10506c51954d%2522%252C%2522placement%2522%253A%25225f07291632b286106895de89%2522%252C%2522ad%2522%253A%25225f06f91932b286106895bf6b%2522%252C%2522bannerset%2522%253A%25225f06f8ea32b286106895bf58%2522%252C%2522banner%2522%253A%25225f06f91932b286106895bf6a%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225f06f91932b286106895bf6a%2522%257D&targeturl=http%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38217817%3Bcrtbwp%3DIYXu6lEqVrBirQRqKmS3IkOZ5ysc03F20%3Bcrtbdata%3D1VjzTUzdbUlWR6WU9acx7oWFjnuDcL3JcGAgT2H6500ItnPPpI3W-Y3RWQmeHCKjhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQ2vy6GNwWLvbH7pv5yto8xtZw1u2Vx3Ps-YSXVvJ5C80yp0N_tVkMAsAOSQlap1Ta3Z1NzML2oHb2yoAvgPBdz6PjqD9AL5jfrp0B8JcEZYPXPRQWRw2PMYEkV0oPTennh-26oCjOxNdF3aOtWCZld9KoxLV3c0t1iYeZg48ypsMqc-OCvXU2I87jDc9y8mV64rroR7OVkK8dVVm7rqfd7rvMS0Suvl9GojbDAjp3f5vqY2txj9cUCztjj5bLskNwxwOjLHpByOHRnNmybwy7QntiaZ94XuixIRVW_RM2UOuTnoxnjtjzHAJ2lddXjKP8kYyX9ZAWt6SX0HEcMWAW6w2%3Bccsid%3D60970%3Badfibeg%3D0%3Bcdata%3D51T8EBELokyOL1GIe_8B4-sbc21jSMSdLu97MXqcnYdn8YeCYVTKVZ3mOh4MPoxi2iKGFnsb5BdzSPc9cjXTexqbXvKfhoT3NuIPPSLW3AItD4vr4ECO7NFwbLzjX8AldKkGhmNPl4Co4rrZGgFXhv_XRKoKYKbZUPLENYiDvO-79AbpI5Lh1fXCPgJJtiLAvIUm_VM4iuhwMANJtfLnCdPXoiYHdPGsrFjE73MzwZcvUCtfHLqYE33cKXZcYD44MpgWmUB42HdDVznheGu89nr7qwIaZlXkOQ8M2RSgXev-xFbKZbkcAjuax-jUtlLY4gWz_qpOxkDB81ifIhuSCSt2V8RpIoyaw3iI60gHGBc1%3B%3BCREFURL%3Dhttp%253a%252f%252fclik.pw%252fu%252fYw1WX1%3BC%3D1&targetwindow=_blank&ref=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1 Requested by Host: cdn.bannerflow.com URL: http://cdn.bannerflow.com/scripts/1.5.17/render.min.js Protocol HTTP/1.1 Server 2606:4700::6810:aabc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host cdn.bannerflow.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://clik.pw/u/Yw1WX1 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Response headers Date Thu, 23 Jul 2020 14:30:54 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=dfe7d2702d5a22f85f94a0c27dda3f6631595514654; expires=Sat, 22-Aug-20 14:30:54 GMT; path=/; domain=.bannerflow.com; HttpOnly; SameSite=Lax Cache-Control public,max-age=900 Content-MD5 s3DxDagBXOYdJlc7IFe7wA== Last-Modified Thu, 09 Jul 2020 11:10:30 GMT x-ms-request-id 3b9aaf99-401e-00ff-38fd-60fc2b000000 x-ms-version 2014-02-14 x-ms-lease-status unlocked x-ms-lease-state available x-ms-blob-type BlockBlob Access-Control-Allow-Origin * CF-Cache-Status MISS cf-request-id 041daea7830000178252960200000001 Vary Accept-Encoding Server cloudflare CF-RAY 5b761a1f3cf01782-FRA Content-Encoding gzip
GET H2	200	pixel Show response 5c6fc6046deb10506c51954d.tracker.bannerflow.com/api/tr/v1/ Frame 25F4	43 B 350 B	282ms 65ms	XHR image/gif	13.69.228.5 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://5c6fc6046deb10506c51954d.tracker.bannerflow.com/api/tr/v1/pixel?data=%7B%22u%22%3A%7B%22sr%22%3A%5B1600%2C1200%5D%2C%22tz%22%3A%22%2B0200%22%2C%22r%22%3A%22http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1%22%2C%22s%22%3A%221595514654586_4712%22%7D%2C%22a%22%3A%7B%22vs%22%3A%22v1.5.17%22%2C%22a%22%3A%22sts%22%2C%22br%22%3A%225c6fc6046deb10506c51954d%22%2C%22c%22%3A%225f06f8ea32b286106895bf58%22%2C%22ad%22%3A%225f06f91932b286106895bf6b%22%2C%22p%22%3A%225f07291632b286106895de89%22%2C%22b%22%3A%225f06f91932b286106895bf6a%22%2C%22pl%22%3A1%2C%22r%22%3A0%2C%22an%22%3A1%2C%22s%22%3A%225c6fc6046deb10506c519560%22%2C%22t%22%3A%225f06f8ea32b286106895bf5c%22%2C%22l%22%3A%225c6fc6046deb10506c51954c%22%2C%22bf%22%3A%225f06f91832b286106895bf68%22%7D%2C%22e%22%3A%5B%7B%22d%22%3A1595514654586%2C%22t%22%3A1%2C%22v%22%3A%7B%22vw%22%3A1%2C%22s%22%3A0%7D%7D%5D%7D Requested by Host: cdn.bannerflow.com URL: http://cdn.bannerflow.com/scripts/1.5.17/render.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.228.5 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Kestrel / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:54 GMT server Kestrel status 200 content-type image/gif access-control-allow-origin http://clik.pw cache-control no-store, must-revalidate, no-cache access-control-allow-credentials true request-context appId=cid-v1:411ecfa0-8763-4905-b925-e77f35ced1b5
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 415C	0 54 B	111ms 111ms	Image image/gif	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzJNaC4KKljHNmJckfMErn-QXKgUnl-I5_3wvCdFBWMlsEeTmzREVSqKP5nc2ft_KivqgDSTC58fVYqP2uCrX5J4rt6EW7nz0c42ibPgBqlRpcD2et57XFd3YPKMeYLobHWiWcxdKjSDFmFy0IU0FGFu-H6gAFmg2qZl-8COaYjMbEjORdKMK78V0GaGqrFEplLtxlfS4IgkLAeXPkUDoHD5vH3m6adEAfwaxI-tJ8eKZkWkVqRZSfkoCbH-whjHGSJwjPgd9bymIhc24cpt6M3UKG1PI&sai=AMfl-YTWV27L7NF6Tk9wmOTwsPyzCWU9PmLBWlrCyhD5FmD1pk28Oe2NKdd02b_LuSZKwd1O1Qaazn3Rptx9Qn2TDPzhviIw_71hESEuhT224PGRlSbvKgQxj7lGZo2yxgTf&sig=Cg0ArKJSzDHHfKldVkqkEAE&urlfix=1&adurl= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Jul 2020 14:30:55 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H/1.1	200 OK	/ adx.adform.net/adx/unload/ Frame 415C	35 B 379 B	58ms 57ms	Image image/gif	37.157.6.245 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL http://adx.adform.net/adx/unload/?eyJjIjoiIiwidCI6bnVsbCwiZ2RwciI6dHJ1ZSwiZ2Rwcl9jb25zZW50IjoiQk8zQURjaE8zQURjaEFLQUJCRU5DVC1BQUFBbmQ3X19fX19fXzlfX19fX185dXpfT3Zfdl9mX18zM2U4N185dl9sXzdfLV9fX3VfLTN6ZDQtXzF2Zjk5eWZtMS03ZXRyM3RwXzg3dWVzMl9YdXJfXzU5X18zejNfOXBoUHJzazg5cjYzMzdBIiwidSI6W3sidiI6IjlPMS0yenZhQzZBcUhNTHNJMFhPSFkyS3hmemEyOXFyYWJMV3p1dGlxOW80d3FYVldGbXFWSlQ3V1hKZzM1bVQzM3BCckxfWkJlMlQzakZuY1p2VVB5dGpNdXZLTTdHZXFueE95SHZoa3VkeXM1N2tWOXVyMnRmeVp5NjJ2RzBoaFNFQmV1ZWpqcTZkUjNCX0VUeG04S3NTNEljRTBjSlFPWWhOQ0FTWXZhOXNCaUs4a1pIdmUyTUlSMlVwcE9ubjZWMlRQeURicVJIZW01M1hJVXg3VE1XakFleE55TE9WMCIsInAiOnsibWMiOjAsIm10IjowLCJ2cCI6MTAwLCJ2dCI6MTAwMCwiciI6MCwiYSI6dHJ1ZSwidHQiOjB9fV19 Protocol HTTP/1.1 Server 37.157.6.245 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Jul 2020 14:30:55 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type image/gif Cache-Control no-cache, no-store, must-revalidate, no-transform Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=90 Expires -1
GET H/1.1	200 OK	/ adx.adform.net/adx/unload/	35 B 379 B	117ms 89ms	Image image/gif	37.157.6.245 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL http://adx.adform.net/adx/unload/?eyJjIjoiIiwidCI6bnVsbCwiZ2RwciI6dHJ1ZSwiZ2Rwcl9jb25zZW50IjoiQk8zQURjaE8zQURjaEFLQUJCRU5DVC1BQUFBbmQ3X19fX19fXzlfX19fX185dXpfT3Zfdl9mX18zM2U4N185dl9sXzdfLV9fX3VfLTN6ZDQtXzF2Zjk5eWZtMS03ZXRyM3RwXzg3dWVzMl9YdXJfXzU5X18zejNfOXBoUHJzazg5cjYzMzdBIiwidSI6W3sidiI6IjlPMS0yenZhQzZBcUhNTHNJMFhPSFkyS3hmemEyOXFyYWJMV3p1dGlxOW80d3FYVldGbXFWSlQ3V1hKZzM1bVQzM3BCckxfWkJlMlQzakZuY1p2VVB5dGpNdXZLTTdHZXFueE95SHZoa3VkeXM1N2tWOXVyMnRmeVp5NjJ2RzBoaFNFQmV1ZWpqcTZkUjNCX0VUeG04S3NTNEljRTBjSlFPWWhOQ0FTWXZhOXNCaUs4a1pIdmUyTUlSMlVwcE9ubjZWMlRQeURicVJIZW01M1hJVXg3VE1XakFleE55TE9WMCIsInAiOnsibWMiOjAsIm10IjowLCJ2cCI6MTAwLCJ2dCI6MTAwMCwiciI6MCwiYSI6dHJ1ZSwidHQiOjB9fV19 Protocol HTTP/1.1 Server 37.157.6.245 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Jul 2020 14:30:55 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type image/gif Cache-Control no-cache, no-store, must-revalidate, no-transform Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=90 Expires -1
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame 415C	42 B 112 B	39ms 39ms	Image image/gif	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubaQzUxodz6mcSk5q-7dnANeFFDIX01TmLjn_acN7MaF6ywib01ovq3ALAS-NgnooZ1nDMt0TaTgbPMbjjMOAOrglGN14rIrNCDcdmNQ4&sig=Cg0ArKJSzJak8_3m8KR-EAE&adk=702039472&tt=-1&bs=1600%2C1200&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&p=0,0,90,728&mcvt=1012&rs=3&ht=0&tfs=941&tls=1953&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1595514653752&dlt&rpt=302&isd=0&msd&ext&xdi=0&ps=1600%2C641&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-7-10-10-0-0-0&tvt=1948&is=728%2C90&iframe_loc=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200722 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 23 Jul 2020 14:30:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	/ track.adform.net/serving/unload/ Frame 415C Redirect Chain http://track.adform.net/serving/unload/?version=15&pud=Ki6qX63PqJTHEV7fOJhyEh406BlvFNhVHrB1VZom2ad1TWnpyRnMF24GpciYWdN5Jhc6YMwOw0LAlDDYz5YffCYKpys5667Xen1e4He4AK432s3UuajBxLbQSbINxcbI0_g89pQfuv-Lcn... https://track.adform.net/serving/unload/?version=15&pud=Ki6qX63PqJTHEV7fOJhyEh406BlvFNhVHrB1VZom2ad1TWnpyRnMF24GpciYWdN5Jhc6YMwOw0LAlDDYz5YffCYKpys5667Xen1e4He4AK432s3UuajBxLbQSbINxcbI0_g89pQfuv-Lc...	35 B 455 B	56ms 55ms	Other image/gif	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/serving/unload/?version=15&pud=Ki6qX63PqJTHEV7fOJhyEh406BlvFNhVHrB1VZom2ad1TWnpyRnMF24GpciYWdN5Jhc6YMwOw0LAlDDYz5YffCYKpys5667Xen1e4He4AK432s3UuajBxLbQSbINxcbI0_g89pQfuv-LcnsP2mT5zeBcnyeGeavKNDZuBtRRiQE1&unload=-5013701607940725660@@38217817,4842748284199948831,100|1075|0|0|0|0|0|0|0||37|0|1484|68dc3d9742294ee998a214bed9aa9164-1-1484_24a6238f75f14ff0b1e5760e631ee11a|||1|0|0|4yf8c89dYP-BfdgfkDzX9tigDLEnZoLCZ6P6dC81t6W7TKwo6QB96dgcAQVrBWbgK0h1jmVXMkM1|9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0||11|1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 23 Jul 2020 14:30:56 GMT server nginx status 200 access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin null cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type image/gif access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1 Redirect headers Location https://track.adform.net/serving/unload/?version=15&pud=Ki6qX63PqJTHEV7fOJhyEh406BlvFNhVHrB1VZom2ad1TWnpyRnMF24GpciYWdN5Jhc6YMwOw0LAlDDYz5YffCYKpys5667Xen1e4He4AK432s3UuajBxLbQSbINxcbI0_g89pQfuv-LcnsP2mT5zeBcnyeGeavKNDZuBtRRiQE1&unload=-5013701607940725660@@38217817,4842748284199948831,100|1075|0|0|0|0|0|0|0||37|0|1484|68dc3d9742294ee998a214bed9aa9164-1-1484_24a6238f75f14ff0b1e5760e631ee11a|||1|0|0|4yf8c89dYP-BfdgfkDzX9tigDLEnZoLCZ6P6dC81t6W7TKwo6QB96dgcAQVrBWbgK0h1jmVXMkM1|9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0||11|1 Non-Authoritative-Reason HSTS Access-Control-Allow-Credentials true Access-Control-Allow-Origin http://clik.pw
POST H2	200	/ track.adform.net/serving/unload/ Frame 415C Redirect Chain http://track.adform.net/serving/unload/?version=15&unload=-5013701607940725660@@38217817,4842748284199948831,100|1076|0|0|0|0|0|0|0||37|0|1484|68dc3d9742294ee998a214bed9aa9164-1-1484_24a6238f75f14f... https://track.adform.net/serving/unload/?version=15&unload=-5013701607940725660@@38217817,4842748284199948831,100|1076|0|0|0|0|0|0|0||37|0|1484|68dc3d9742294ee998a214bed9aa9164-1-1484_24a6238f75f14...	35 B 455 B	56ms 55ms	Other image/gif	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/serving/unload/?version=15&unload=-5013701607940725660@@38217817,4842748284199948831,100|1076|0|0|0|0|0|0|0||37|0|1484|68dc3d9742294ee998a214bed9aa9164-1-1484_24a6238f75f14ff0b1e5760e631ee11a|||1|0|0|4yf8c89dYP-BfdgfkDzX9tigDLEnZoLCZ6P6dC81t6W7TKwo6QB96dgcAQVrBWbgK0h1jmVXMkM1|9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0||01|1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 23 Jul 2020 14:30:56 GMT server nginx status 200 access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin null cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type image/gif access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1 Redirect headers Location https://track.adform.net/serving/unload/?version=15&unload=-5013701607940725660@@38217817,4842748284199948831,100|1076|0|0|0|0|0|0|0||37|0|1484|68dc3d9742294ee998a214bed9aa9164-1-1484_24a6238f75f14ff0b1e5760e631ee11a|||1|0|0|4yf8c89dYP-BfdgfkDzX9tigDLEnZoLCZ6P6dC81t6W7TKwo6QB96dgcAQVrBWbgK0h1jmVXMkM1|9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0||01|1 Non-Authoritative-Reason HSTS Access-Control-Allow-Credentials true Access-Control-Allow-Origin http://clik.pw
GET H2	200	/ track.adform.net/Serving/Event/ Frame 415C Redirect Chain http://track.adform.net/Serving/Event/?bn=38217817&event=178&time=2&baid=39188591&name=Viewable%20impressions&imprid=4842748284199948831&icid=-5013701607940725660&eData=ZuYE0XdYUnCJZfCiZWJM6jP1t_rB... https://track.adform.net/Serving/Event/?bn=38217817&event=178&time=2&baid=39188591&name=Viewable%20impressions&imprid=4842748284199948831&icid=-5013701607940725660&eData=ZuYE0XdYUnCJZfCiZWJM6jP1t_r...	35 B 303 B	56ms 55ms	Image image/gif	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://track.adform.net/Serving/Event/?bn=38217817&event=178&time=2&baid=39188591&name=Viewable%20impressions&imprid=4842748284199948831&icid=-5013701607940725660&eData=ZuYE0XdYUnCJZfCiZWJM6jP1t_rBznXBjCfiuQyGD_Uoj4SFDoRbILqzpS_GUF24o_ZS0_uUO1FCbfMJu6bHrw2&adxvars=9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0&rtbdata=1VjzTUzdbUlWR6WU9acx7oWFjnuDcL3JcGAgT2H6500ItnPPpI3W-Y3RWQmeHCKjhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQ2vy6GNwWLvbH7pv5yto8xtZw1u2Vx3Ps-YSXVvJ5C80yp0N_tVkMAsAOSQlap1Ta3Z1NzML2oHb2yoAvgPBdz6PjqD9AL5jfrp0B8JcEZYPXPRQWRw2PMYEkV0oPTennh-26oCjOxNdF3aOtWCZld9KoxLV3c0t1iYeZg48ypsMqc-OCvXU2I87jDc9y8mV64rroR7OVkK8dVVm7rqfd7rvMS0Suvl9GojbDAjp3f5vqY2txj9cUCztjj5bLskNwxwOjLHpByOHRnNmybwy7QntiaZ94XuixIRVW_RM2UOuTnoxnjtjzHAJ2lddXjKP8kYyX9ZAWt6SX0HEcMWAW6w2&rtbwp=IYXu6lEqVrBirQRqKmS3IkOZ5ysc03F20&rnd=657743489 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 23 Jul 2020 14:30:56 GMT server nginx status 200 strict-transport-security max-age=31536000; includeSubDomains p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform content-type image/gif expires -1 Redirect headers Location https://track.adform.net/Serving/Event/?bn=38217817&event=178&time=2&baid=39188591&name=Viewable%20impressions&imprid=4842748284199948831&icid=-5013701607940725660&eData=ZuYE0XdYUnCJZfCiZWJM6jP1t_rBznXBjCfiuQyGD_Uoj4SFDoRbILqzpS_GUF24o_ZS0_uUO1FCbfMJu6bHrw2&adxvars=9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0&rtbdata=1VjzTUzdbUlWR6WU9acx7oWFjnuDcL3JcGAgT2H6500ItnPPpI3W-Y3RWQmeHCKjhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQ2vy6GNwWLvbH7pv5yto8xtZw1u2Vx3Ps-YSXVvJ5C80yp0N_tVkMAsAOSQlap1Ta3Z1NzML2oHb2yoAvgPBdz6PjqD9AL5jfrp0B8JcEZYPXPRQWRw2PMYEkV0oPTennh-26oCjOxNdF3aOtWCZld9KoxLV3c0t1iYeZg48ypsMqc-OCvXU2I87jDc9y8mV64rroR7OVkK8dVVm7rqfd7rvMS0Suvl9GojbDAjp3f5vqY2txj9cUCztjj5bLskNwxwOjLHpByOHRnNmybwy7QntiaZ94XuixIRVW_RM2UOuTnoxnjtjzHAJ2lddXjKP8kYyX9ZAWt6SX0HEcMWAW6w2&rtbwp=IYXu6lEqVrBirQRqKmS3IkOZ5ysc03F20&rnd=657743489 Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame E3F1	72 KB 22 KB	28ms 14ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL http://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: lv.adocean.pl URL: http://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js Protocol HTTP/1.1 Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash fd60fcdfb0ecb5a5505bd98cea1da96a6716f6a4cae0a614d49478068a8b3017 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:56 GMT content-encoding gzip last-modified Wed, 01 Jul 2020 10:37:51 GMT server nginx etag W/"5efc677f-12154" transfer-encoding chunked content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public timing-allow-origin * expires Fri, 24 Jul 2020 14:30:56 GMT
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame E3F1	72 KB 22 KB	60ms 23ms	XHR text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: http://static.criteo.net/js/ld/publishertag.prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash fd60fcdfb0ecb5a5505bd98cea1da96a6716f6a4cae0a614d49478068a8b3017 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:30:56 GMT content-encoding gzip last-modified Wed, 01 Jul 2020 10:37:51 GMT server nginx etag W/"5efc677f-12154" status 200 content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public timing-allow-origin * expires Fri, 24 Jul 2020 14:30:56 GMT
POST H/1.1	200 OK	/ track.adform.net/serving/unload/ Frame 415C	35 B 703 B	285ms 284ms	Other image/gif	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL http://track.adform.net/serving/unload/?version=15&unload=-5013701607940725660@@38217817,4842748284199948831,100|4175|0|0|0|0|0|0|0||142|0|1484|68dc3d9742294ee998a214bed9aa9164-1-1484_24a6238f75f14ff0b1e5760e631ee11a|||1|0|0|4yf8c89dYP-BfdgfkDzX9tigDLEnZoLCZ6P6dC81t6W7TKwo6QB96dgcAQVrBWbgK0h1jmVXMkM1|9O1-2zvaC6AqHMLsI0XOHY2Kxfza29qrabLWzutiq9o4wqXVWFmqVJT7WXJg35mT33pBrL_ZBe2T3jFncZvUPytjMuvKM7GeqnxOyHvhkudys57kV9ur2tfyZy62vG0hhSEBeuejjq6dR3B_ETxm8KsS4IcE0cJQOYhNCASYva9sBiK8kZHve2MIR2UppOnn6V2TPyDbqRHem53XIUx7TMWjAexNyLOV0||01|1 Requested by Host: s1.adform.net URL: http://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js Protocol HTTP/1.1 Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Thu, 23 Jul 2020 14:30:59 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Transfer-Encoding chunked P3P CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" Connection keep-alive Pragma no-cache Access-Control-Allow-Headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With Server nginx Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST Content-Type image/gif Access-Control-Allow-Origin http://clik.pw Cache-Control no-cache, no-store, must-revalidate, no-transform Access-Control-Allow-Credentials true Keep-Alive timeout=90 Expires -1
GET H2	200	arj Show response projectagora-d.openx.net/w/1.0/	172 B 553 B	266ms 93ms	XHR application/json	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://projectagora-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=b7593dc2-dc27-4ed3-a400-5f3d738d4fae&nocache=1595514660338&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!projectagora.com%2C103705%2C1%2C%2C%2C&aus=300x250&divIds=18068544_clik.pw_ros_300x250&auid=540952448 Requested by Host: projectagora.net URL: http://projectagora.net/libs/prebidv3/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software OXGW/16.190.0 / Resource Hash 559feee2c18e4747d5cd82e8bb2c6bf527aaee686823dd6c08acdad6d1d07c62 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 23 Jul 2020 14:31:00 GMT content-encoding gzip server OXGW/16.190.0 status 200 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin http://clik.pw cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 163 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	284 B 1 KB	275ms 78ms	XHR application/json	213.19.162.21 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=302314&zone_id=1519608&size_id=15&gdpr=0&rp_schain=1.0,1!projectagora.com,103705,1,,,&rf=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1&tk_flint=pbjs_lite_v3.25.0&x_source.tid=b7593dc2-dc27-4ed3-a400-5f3d738d4fae&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5942928773625908 Requested by Host: projectagora.net URL: http://projectagora.net/libs/prebidv3/prebid.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash dd045ab9a1dfc84310deb4b8e28261b301cb7a695ce1455f7f6f590ee098dc83 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 23 Jul 2020 14:31:00 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin http://clik.pw Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Keep-Alive timeout=5 Content-Length 284 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	204	cdb Show response bidder.criteo.com/	0 136 B	63ms 63ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?ptv=92&profileId=185&av=32&wv=3.25.0&cb=83835307892 Requested by Host: projectagora.net URL: http://projectagora.net/libs/prebidv3/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers status 204 date Thu, 23 Jul 2020 14:30:59 GMT access-control-allow-credentials true server Finatra access-control-allow-origin http://clik.pw timing-allow-origin * vary Origin
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	0 1 KB	244ms 123ms	XHR application/json	185.86.137.43 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: projectagora.net URL: http://projectagora.net/libs/prebidv3/prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.137.43 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 23 Jul 2020 14:30:59 GMT x-smrt-d 3%3b16%3b129 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" access-control-allow-origin http://clik.pw cache-control no-cache,no-store access-control-allow-credentials true content-type application/json content-length 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 702 B	168ms 49ms	XHR application/json	37.252.173.27 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: projectagora.net URL: http://projectagora.net/libs/prebidv3/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 23 Jul 2020 14:31:02 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.252:80 AN-X-Request-Uuid ea5ce3c5-02be-4781-8bc4-6039429b5b01 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin http://clik.pw Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/	5 B 443 B	209ms 98ms	XHR application/json	37.157.6.245 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?rp=4&bWlkPTc1OTUxMSZ0cmFuc2FjdGlvbklkPWI3NTkzZGMyLWRjMjctNGVkMy1hNDAwLTVmM2Q3MzhkNGZhZQ%3D%3D&pt=gross&stid=d8615d02-b36d-4868-9a4a-87ec27269d89&gdpr=0&gdpr_consent=undefined&fd=1 Requested by Host: projectagora.net URL: http://projectagora.net/libs/prebidv3/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.245 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 23 Jul 2020 14:31:00 GMT server nginx status 200 access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin http://clik.pw cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type application/json; charset=utf-8 access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With content-length 5 expires -1
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	0 1 KB	177ms 60ms	XHR application/json	185.86.137.43 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: projectagora.net URL: http://projectagora.net/libs/prebidv3/prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.137.43 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 23 Jul 2020 14:31:00 GMT x-smrt-d 3%3b19%3b124 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" access-control-allow-origin http://clik.pw cache-control no-cache,no-store access-control-allow-credentials true content-type application/json content-length 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 701 B	167ms 52ms	XHR application/json	37.252.173.27 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: projectagora.net URL: http://projectagora.net/libs/prebidv3/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 23 Jul 2020 14:31:02 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.14:80 AN-X-Request-Uuid 8724420e-ed2b-406a-9db4-716dfcf82dd6 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin http://clik.pw Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pa_backupads_lib.js Show response projectagoralibs.com/libs/ Frame 102F	4 KB 1 KB	11ms 10ms	Script application/javascript	2606:4700:e4::ac40:ae1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://projectagoralibs.com/libs/pa_backupads_lib.js Requested by Host: ads.projectagoraservices.com URL: http://ads.projectagoraservices.com/?id=8932 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ae1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02982aa504693a4c1b48b93cc1fcea8d8b4a1a77a4e0b5195e1c8cab85e61041 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:31:00 GMT content-encoding gzip cf-cache-status HIT age 3325 status 200 x-amz-request-id 9D0F80878FCF6F00 x-amz-id-2 /Ej/Eg0mJri1NTn3f5CJkxVfednC5+fRoa3/0q+69NtBnnir5tgHrIK5sM8DOlJNg1O1oL462gs= last-modified Thu, 18 Jun 2020 07:01:51 GMT server cloudflare etag W/"31eee3d47245dd006556fc43df423f82" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=14400 cf-request-id 041daebf02000096d435972200000001 cf-ray 5b761a44dbb196d4-FRA
GET H/1.1	200 OK	show_ads.js Show response pagead2.googlesyndication.com/pagead/ Frame 102F	87 KB 32 KB	25ms 18ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/show_ads.js Requested by Host: ads.projectagoraservices.com URL: http://ads.projectagoraservices.com/?id=8932 Protocol HTTP/1.1 Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 87c011182947569e61f4488ddd3bd9a4116c04dc32da5f42eeace220072d7dec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Timing-Allow-Origin * Date Thu, 23 Jul 2020 14:31:00 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe ETag 13695027355047153343 Vary Accept-Encoding P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=3600 Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 32003 X-XSS-Protection 0 Expires Thu, 23 Jul 2020 14:31:00 GMT
GET H/1.1	204 No Content	/ projectagora-483829-hdb.adomik.com/	0 103 B	336ms 68ms	Image text/plain	34.249.139.113 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiOTY1OGMwZWYtODQ2YS00MTE3LTkwZjEtOWUxMDEyNDgwYzBlIiwiaG9zdG5hbWUiOiJjbGlrLnB3IiwiZXZlbnRzQnlQbGFjZW1lbnRDb2RlIjpbeyJzaXplcyI6W10sImV2ZW50cyI6eyJyZXF1ZXN0cyI6W3siYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=9658c0ef-846a-4117-90f1-9e1012480c0e&part=0&on=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.249.139.113 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection keep-alive Date Thu, 23 Jul 2020 14:31:00 GMT Server nginx
GET H2	200	integrator.js Show response adservice.google.de/adsid/ Frame 102F	109 B 168 B	15ms 14ms	Script application/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=clik.pw Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Jul 2020 14:31:00 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 102F	109 B 168 B	16ms 16ms	Script application/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=clik.pw Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Jul 2020 14:31:00 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20200721/r20190131/ Frame 102F	221 KB 83 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20200721/r20190131/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e7a125075982c170a49c47ebb2b9555adb86850698315933a5b99a7aaf155a03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:31:00 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 84891 x-xss-protection 0 server cafe etag 4313660936326301695 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 23 Jul 2020 14:31:00 GMT
GET H2	200	zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20200721/r20190131/ Frame 202A	0 0	7ms 6ms	Document text/html	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20200721/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20200721/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://clik.pw/u/Yw1WX1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Response headers status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * vary Accept-Encoding date Tue, 21 Jul 2020 20:57:48 GMT expires Tue, 04 Aug 2020 20:57:48 GMT content-type text/html; charset=UTF-8 etag 1809543571055990350 x-content-type-options nosniff content-encoding gzip server cafe content-length 4277 x-xss-protection 0 cache-control public, max-age=1209600 age 149592 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	403	ads googleads.g.doubleclick.net/pagead/ Frame 0DD9	0 0	55ms 55ms	Document text/html	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500372977609723&output=html&h=90&slotname=5105505430%2Fclik.pw%2F18933725_clik.pw_ros_728x90&adk=3642223292&adf=287865386&w=728&lmt=1595514660&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1&ea=0&flash=0&wgl=1&adsid=NT&dt=1595514660645&bpp=23&bdt=8427&idt=63&shv=r20200721&cbv=r20190131&ptt=5&saldr=sa&correlator=6250734807935&frm=23&ife=1&pv=2&ga_vid=326620265.1595514661&ga_sid=1595514661&ga_hid=1002786682&ga_fc=0&iag=3&icsg=554&nhd=1&dssz=7&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=346&biw=1600&bih=1200&isw=728&ish=90&ifk=2940963555&scr_x=0&scr_y=0&eid=21066649&oid=3&pvsid=3699465580735500&pem=73&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.jlugvsiwrmsv&fsb=1&dtd=80 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200721/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2500372977609723&output=html&h=90&slotname=5105505430%2Fclik.pw%2F18933725_clik.pw_ros_728x90&adk=3642223292&adf=287865386&w=728&lmt=1595514660&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fclik.pw%2Fu%2FYw1WX1&ea=0&flash=0&wgl=1&adsid=NT&dt=1595514660645&bpp=23&bdt=8427&idt=63&shv=r20200721&cbv=r20190131&ptt=5&saldr=sa&correlator=6250734807935&frm=23&ife=1&pv=2&ga_vid=326620265.1595514661&ga_sid=1595514661&ga_hid=1002786682&ga_fc=0&iag=3&icsg=554&nhd=1&dssz=7&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=346&biw=1600&bih=1200&isw=728&ish=90&ifk=2940963555&scr_x=0&scr_y=0&eid=21066649&oid=3&pvsid=3699465580735500&pem=73&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.jlugvsiwrmsv&fsb=1&dtd=80 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://clik.pw/u/Yw1WX1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Response headers status 403 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 23 Jul 2020 14:31:00 GMT server cafe content-length 46 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Thu, 23-Jul-2020 14:46:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame 102F	72 KB 27 KB	42ms 42ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200721/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:31:00 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1595419060626807" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 27216 x-xss-protection 0 expires Thu, 23 Jul 2020 14:31:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 102F	7 KB 6 KB	19ms 18ms	XHR application/json	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200721&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200721/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ae982ecc81b4125a781b3e3369f10d20561a27627f14c330be90fc8e037640d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Jul 2020 14:31:00 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 5666 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 102F	14 KB 5 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200721/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:31:00 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1591403518460474" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5540 x-xss-protection 0 expires Thu, 23 Jul 2020 14:31:00 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/210/ Frame 8DDC	0 0	6ms 6ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/210/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://clik.pw/u/Yw1WX1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clik.pw/u/Yw1WX1 Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 4590 date Thu, 23 Jul 2020 13:52:51 GMT expires Fri, 23 Jul 2021 13:52:51 GMT last-modified Wed, 26 Feb 2020 19:47:50 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 2289 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 102F	0 55 B	39ms 39ms	Image image/gif	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200721&jk=3699465580735500&bg=!MTKlMipYRYmHyhL07EQCAAAARFIAAAAMmQGNSnfA9dNYLVsdXNbnkHV8FSRbG_kkFnsBX1c4_eesBLzsWNwdqsCglQzpulBCMcvoC5GJKbWwjdUGCE1_Fagh3tzV9aZqIpzke1GufOEUQG_Rft5MmM7mCVdJgLh0c411S03wExCQ8TWYS41hwDbEXm6j1IAC4MCRttIZmFy2DiFmqZgYHAo_m0nHLUK2YVm7jX49ohPVIZImEAZDOSwKFvcFoBS_OXcnn4C-jikh54BkFQImCf42ejahVoBIhBd_b3LJssvtgn5FldRISHMX-CPRZxVz4q6b3W_sb5bZzzk-7hiBRD22tAvzYiyCSCtr46XQZQQ1Az-U-WrOFO7mSY9lqC-yUhD5coYeJz07GKL6iex8Hxzj6ubRIjHzAR8CWhVP895m2Z68tB6JzGLycMgb4ozpv6Naquv43KHLD9njdjFgxWkR11-pSkBsyJB8Kljtbl03Di7ytOm2E_JRLed7HPJ9PlgER5Z5x9eKY3QjQrsg8oT6yfx54Ir1WA6XXsgTq7NAQCYGITs3_g Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 23 Jul 2020 14:31:01 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/	72 KB 22 KB	43ms 15ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: projectagora.net URL: http://projectagora.net/libs/prebidv3/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash fd60fcdfb0ecb5a5505bd98cea1da96a6716f6a4cae0a614d49478068a8b3017 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 14:31:02 GMT content-encoding gzip last-modified Wed, 01 Jul 2020 10:37:51 GMT server nginx etag W/"5efc677f-12154" status 200 content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public timing-allow-origin * expires Fri, 24 Jul 2020 14:31:02 GMT
POST H2	204	csm bidder.criteo.com/	0 136 B	65ms 64ms	Other text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/csm?ptv=92&profileId=185&av=32&wv=3.25.0 Requested by Host: clik.pw URL: http://clik.pw/u/Yw1WX1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://clik.pw/u/Yw1WX1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers status 204 date Thu, 23 Jul 2020 14:31:02 GMT access-control-allow-credentials true server Finatra access-control-allow-origin http://clik.pw timing-allow-origin * vary Origin
GET		sd us-u.openx.net/w/1.0/ Redirect Chain https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0 https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0 https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXtCqEmcuDNoh9e-BK5cHI&google_cver=1	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

6tzmebbvglgo.s.adsco.re

URL

https://6tzmebbvglgo.s.adsco.re/

Domain

us-u.openx.net

URL

https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEXtCqEmcuDNoh9e-BK5cHI&google_cver=1