urlscan.io logo urlscan.io
SecurityTrails logo

clck.adskeeper.com Open in urlscan Pro
172.64.152.106  Public Scan

Go To Rescan Add Verdict Report
URL: https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040...
Submission: On December 30 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 23 HTTP transactions. The main IP is 172.64.152.106, located in United States and belongs to CLOUDFLARENET, US. The main domain is clck.adskeeper.com. The Cisco Umbrella rank of the primary domain is 126124.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 26th 2023. Valid for: a year.
This is the only time clck.adskeeper.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 172.64.152.106 13335 (CLOUDFLAR...)
2 172.253.62.106 15169 (GOOGLE)
1 92.38.145.145 199524 (GCORE)
1 142.251.167.95 15169 (GOOGLE)
2 142.251.163.94 15169 (GOOGLE)
1 18.160.41.112 16509 (AMAZON-02)
3 172.253.63.94 15169 (GOOGLE)
2 99.84.191.77 16509 (AMAZON-02)
1 2 52.202.244.141 14618 (AMAZON-AES)
1 104.18.35.65 13335 (CLOUDFLAR...)
23 10
9    172.64.152.106 (United States)

ASN13335 (CLOUDFLARENET, US)
clck.adskeeper.com
cdn.adskeeper.com
2    172.253.62.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f106.1e100.net
www.google.com
1    92.38.145.145 (Atlanta, United States)

ASN199524 (GCORE, LU)
s-img.adskeeper.com
1    142.251.167.95 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net
fonts.googleapis.com
2    142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net
fonts.gstatic.com
1    18.160.41.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-112.iad55.r.cloudfront.net
static.hotjar.com
3    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
www.gstatic.com
2    99.84.191.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-77.iad89.r.cloudfront.net
script.hotjar.com
2    52.202.244.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-244-141.compute-1.amazonaws.com
adrta.com
ipds.adrta.com
1    104.18.35.65 (None, )

ASN13335 (CLOUDFLARENET, US)
c.adskeeper.co.uk
Apex Domain
Subdomains		 Transfer
10 adskeeper.com
clck.adskeeper.com — Cisco Umbrella Rank: 126124
cdn.adskeeper.com — Cisco Umbrella Rank: 185585
s-img.adskeeper.com — Cisco Umbrella Rank: 24991
174 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
458 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 700
script.hotjar.com — Cisco Umbrella Rank: 933
61 KB
2 adrta.com
adrta.com — Cisco Umbrella Rank: 2159
ipds.adrta.com — Cisco Umbrella Rank: 4414
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
1 adskeeper.co.uk
c.adskeeper.co.uk — Cisco Umbrella Rank: 70275
337 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
23 7
Domain Requested by
7 cdn.adskeeper.com clck.adskeeper.com
cdn.adskeeper.com
3 www.gstatic.com www.google.com
2 script.hotjar.com static.hotjar.com
script.hotjar.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.com clck.adskeeper.com
www.gstatic.com
2 clck.adskeeper.com clck.adskeeper.com
1 c.adskeeper.co.uk
1 ipds.adrta.com clck.adskeeper.com
1 adrta.com 1 redirects
1 static.hotjar.com clck.adskeeper.com
1 fonts.googleapis.com cdn.adskeeper.com
1 s-img.adskeeper.com clck.adskeeper.com
23 12

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-26 -
2024-04-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
adskeeper.com
R3		 2023-12-22 -
2024-03-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh

This page contains 2 frames:

Primary Page: https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan
Frame ID: 945FE9DEE1BB3BC55DC6942E4FFA29B4
Requests: 20 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly9jbGNrLmFkc2tlZXBlci5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=bot&cb=pyht1xufk6dp
Frame ID: 800907392DFA8D6A184F68D77446A2BC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tara From Toronto Sent You Hot Videos. Want To Watch?

Detected technologies

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

23
Requests

96 %
HTTPS

0 %
IPv6

7
Domains

12
Subdomains

10
IPs

2
Countries

698 kB
Transfer

1621 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://adrta.com/i?clid=mgid&paid=mgid&avid=-&caid=-&plid=17183252&publisherId=57843032&siteId=902824&kv1=492x328&kv2=https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan&kv3=nbtA_n9itOan&kv4=-&kv5=-&kv6=afrd_click_Btrz&kv7=387295&kv11=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&kv12=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&kv24=Desktop&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36 HTTP 302
  • https://ipds.adrta.com/i?__x=NKCLOCHMDGI@HBGJKHJMIQMKIQHOMMKJJBIMFHNKGJKIOHF@LKKJMLMNKMLJGMHHJJMBFNHIOHEMKFPJGAGMKINOHGLNHMIHKPIN@FOGHPKFKIFQIFBHAF@E&clid=mgid&paid=mgid&avid=-&caid=-&plid=17183252&publisherId=57843032&siteId=902824&kv1=492x328&kv2=https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan&kv3=nbtA_n9itOan&kv4=-&kv5=-&kv6=afrd_click_Btrz&kv7=387295&kv11=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&kv12=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&kv24=Desktop&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1
clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bfc0273490d6a26820636e93d9a9d859ef3595a80ed4d59e67e2c542f95bc33

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83d9725b380339e4-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 30 Dec 2023 10:02:21 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex
desktop.css
cdn.adskeeper.com/css/tranzit/goods/adskeeper/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1703923200
Requested by
Host: clck.adskeeper.com
URL: https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d2bc178cdc591c388013f6d07ae74c10cd78e1f77b75e2cc32a099dce245f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clck.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:02:21 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
QJ50RHYKK6GHNP6T
age
6295
alt-svc
h3=":443"; ma=86400
x-amz-id-2
PltiQB5TgZsdm4S1dP85rE2+fhTgiqB9iEEES+GcNoItj2bD2QD6uTSUZpCCdtLU4JhxVuSyUqo=
last-modified
Mon, 28 Mar 2022 15:09:51 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1648480181/ctime:1648480181/gid:0/gname:root/md5:21c8f944b62b93b404ddcf3349a4346b/mode:33206/mtime:1648480181/uid:0/uname:root
etag
W/"21c8f944b62b93b404ddcf3349a4346b"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
83d9725c18b239e4-YYZ
expires
Sat, 30 Dec 2023 14:02:21 GMT
jquery.min.js
cdn.adskeeper.com/js/ 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adskeeper.com/js/jquery.min.js
Requested by
Host: clck.adskeeper.com
URL: https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clck.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:02:21 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
J4VPHGRPG9Q6083K
age
4583
alt-svc
h3=":443"; ma=86400
x-amz-id-2
JYPIvAhAbmmIBpfIt78gaFmwhUunwVbYrbmekKpOxvCS+FXgryhgerC0NSijLf3paZMzT3yOgPs=
last-modified
Mon, 04 May 2020 12:18:10 GMT
server
cloudflare
etag
W/"a1a8cb16a060f6280a767187fd22e037"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
83d9725c18b339e4-YYZ
expires
Sat, 30 Dec 2023 14:02:21 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onLoadAfRecaptcha
Requested by
Host: clck.adskeeper.com
URL: https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f106.1e100.net
Software
GSE /
Resource Hash
c3ccda574ee277064158d4f9ed78920e2b60e81f5a09de00c64d158c805f3429
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clck.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:02:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 30 Dec 2023 10:02:21 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzU3Myx5XzU2NC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMi8zN...
s-img.adskeeper.com/g/17183252/328x328/-/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/17183252/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzU3Myx5XzU2NC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMi8zNjQxODQvNDQ3ZjZhZGIxNGM4MTA4MjM3MWY0ZjA1ODE5OThkMGIuanBn.jpg?v=1703930541-gcczaYWnqNnIIhO48A4bdifzAETD_r6dd9mBbNp_R3s
Requested by
Host: clck.adskeeper.com
URL: https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.38.145.145 Atlanta, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5020901eafaba3e40c2db448041567cd2d4709be459a5b015e2e42e14b073343

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clck.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-id
td2-hw-edge-gc11
date
Sat, 30 Dec 2023 10:02:21 GMT
last-modified
Tue, 12 Sep 2023 21:48:42 GMT
server
nginx
x-mg-request-uuid
fcbff664-1922-40fa-8c25-ffb796163fb2
traceparent
00-4fbf98d37fca9070b0e1b8904cd95d8b-26510546d0824588-01
x-cached-since
2023-12-26T14:41:42+00:00
content-type
image/jpeg
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
cache
HIT
x-id-fe
td2-hw-edge-gc11
accept-ranges
bytes
content-length
23008
img.png
cdn.adskeeper.com/images/tranzit/ 		68 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.com/images/tranzit/img.png
Requested by
Host: clck.adskeeper.com
URL: https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clck.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:02:21 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
CT42BV5T2ZGC7EPH
age
3628
alt-svc
h3=":443"; ma=86400
content-length
68
x-amz-id-2
yKnLCBPlxkpL+046vcsrNKQJrO6DXGMZbf+RNGYzF0Ic2Ro39igojpzMyrjykKBfGP5ZgDUXPCU=
last-modified
Thu, 24 Mar 2022 17:14:24 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1648142053/ctime:1648142053/gid:0/gname:root/md5:91e42db1c66c0b276abf6234dc50b2eb/mode:33206/mtime:1648142053/uid:0/uname:root
etag
"91e42db1c66c0b276abf6234dc50b2eb"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83d9725d099c39e4-YYZ
expires
Sat, 30 Dec 2023 14:02:21 GMT
tracking.js
cdn.adskeeper.com/transit/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adskeeper.com/transit/tracking.js?t=1703923200
Requested by
Host: clck.adskeeper.com
URL: https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
644a816674cb9d071237948dba64a258e1f40adf1f5ff93f488f21e3fdb585be

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clck.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:02:21 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9RZ5T7C44M4T8EGB
age
6856
alt-svc
h3=":443"; ma=86400
x-amz-id-2
mYT3cFBm7RSSHpPHvHBGKEoIPVUbejS/ZhpmyTYWBy5bMraQcZD+MzTzR84HMXi57CklfcSHRrc=
last-modified
Mon, 04 May 2020 12:18:45 GMT
server
cloudflare
etag
W/"1c5cadbe93778de01d8453e269cb0be3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
83d9725c18b439e4-YYZ
expires
Sat, 30 Dec 2023 14:02:21 GMT
dojo-other.js
clck.adskeeper.com/build/ 		70 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clck.adskeeper.com/build/dojo-other.js?t=163fd2a28bc54713873ec8ef380603ae
Requested by
Host: clck.adskeeper.com
URL: https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66977c0b12d60608a3619c2fc9ce6b8d92a51b1ace2c8c5f1003fe5c58617d33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:02:21 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 10:36:42 GMT
server
cloudflare
etag
W/"6581723a-11744"
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83d9725d29a839e4-YYZ
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,400
Requested by
Host: cdn.adskeeper.com
URL: https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1703923200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Dec 2023 10:02:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Dec 2023 10:02:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Dec 2023 10:02:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://clck.adskeeper.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 04:35:26 GMT
x-content-type-options
nosniff
age
365215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 04:35:26 GMT
hotjar-2590724.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2590724.js?sv=6
Requested by
Host: clck.adskeeper.com
URL: https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-112.iad55.r.cloudfront.net
Software
/
Resource Hash
77ef91edc1528d3d4f625f1c62395d8855296e82842243924092e4474f3fb678
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clck.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 30 Dec 2023 10:02:10 GMT
via
1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P1
age
15
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/7780b062786e3fe2a19377a51a17a746
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
V4gUc3nrX_M107h5Lf3noN1QUhPcMSC9Q3KmpKTZ7GQvaXOCN7PE4w==
logo.jpg
cdn.adskeeper.com/css/tranzit/goods/adskeeper/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/img/logo.jpg
Requested by
Host: cdn.adskeeper.com
URL: https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1703923200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e2fb81691b078adf0c32de390e623f5418af05e5a87428b922ac32a1eb342c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1703923200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:02:21 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
F5QAAF6NX4THRR54
age
3628
alt-svc
h3=":443"; ma=86400
content-length
4474
x-amz-id-2
M01x6MxxkP0yDrvmwf6avtbls4SOyTOIFs3bJQ1yxyEHdKF55BsfWTv/sYY7SQqNLKyobZwPg24=
cf-bgj
h2pri
last-modified
Mon, 04 May 2020 12:16:32 GMT
server
cloudflare
etag
"867afcdca9dd5f705f6cc378071f8d37"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83d9725d29a939e4-YYZ
expires
Sat, 30 Dec 2023 14:02:21 GMT
disclamer.png
cdn.adskeeper.com/css/tranzit/goods/adskeeper/img/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/img/disclamer.png
Requested by
Host: cdn.adskeeper.com
URL: https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1703923200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12d7cf5ba17e853451bce8d65932c014d4213b749cc549812559994de13c6f49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1703923200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:02:21 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
AD3GHG8JQB7QWW28
age
3628
alt-svc
h3=":443"; ma=86400
content-length
77914
x-amz-id-2
VKscBJWRa0arxz4pcig0UwyVVHydb+ckALkKvE8kweYsTx+iTCeTdRfThbRCb01AnhwkHrlsS3k=
last-modified
Mon, 04 May 2020 12:16:32 GMT
server
cloudflare
etag
"45ddcc0543fdb888bccdb7203e60676e"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83d9725d29aa39e4-YYZ
expires
Sat, 30 Dec 2023 14:02:21 GMT
bg_arrow.jpg
cdn.adskeeper.com/css/tranzit/goods/adskeeper/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/img/bg_arrow.jpg
Requested by
Host: cdn.adskeeper.com
URL: https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1703923200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3421e6bf3e6446408f5bb1a825399edd7f9e8eb615fbdabe4bb3dbcbc211ec5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1703923200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:02:21 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
VAJAN8R2FDD6XKN3
age
3628
alt-svc
h3=":443"; ma=86400
content-length
2535
x-amz-id-2
4Gr/AGOiGmOI6SzykC80cKD1aTlGPJ7ShBOdrR7zBxIgYuZE9T5Xzqd2CmFloYJ/VcBMha3y3vw=
cf-bgj
h2pri
last-modified
Mon, 04 May 2020 12:16:32 GMT
server
cloudflare
etag
"7a0c1287fbcba248930edb1f0a41395f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83d9725d29ab39e4-YYZ
expires
Sat, 30 Dec 2023 14:02:21 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://clck.adskeeper.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:18:29 GMT
x-content-type-options
nosniff
age
2632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 09:18:29 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		503 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoadAfRecaptcha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://clck.adskeeper.com/
Origin
https://clck.adskeeper.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 08:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Dec 2024 08:49:32 GMT
modules.618aa075c4d9b6424e07.js
script.hotjar.com/ 		220 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.618aa075c4d9b6424e07.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2590724.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-77.iad89.r.cloudfront.net
Software
/
Resource Hash
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clck.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4b0f0fc4315eea23426f6074a7254a8c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C2
age
777135
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55689
last-modified
Thu, 21 Dec 2023 10:09:33 GMT
etag
"6ed2c6300d63320c76677ced187741fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
2cZSOXhRWSqO8723MGCZsMFxVHBsoewXK9egkQBmQu_rowDuBx_NjQ==
i
ipds.adrta.com/
Redirect Chain
  • https://adrta.com/i?clid=mgid&paid=mgid&avid=-&caid=-&plid=17183252&publisherId=57843032&siteId=902824&kv1=492x328&kv2=https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGW...
  • https://ipds.adrta.com/i?__x=NKCLOCHMDGI@HBGJKHJMIQMKIQHOMMKJJBIMFHNKGJKIOHF@LKKJMLMNKMLJGMHHJJMBFNHIOHEMKFPJGAGMKINOHGLNHMIHKPIN@FOGHPKFKIFQIFBHAF@E&clid=mgid&paid=mgid&avid=-&caid=-&plid=17183252...
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipds.adrta.com/i?__x=NKCLOCHMDGI@HBGJKHJMIQMKIQHOMMKJJBIMFHNKGJKIOHF@LKKJMLMNKMLJGMHHJJMBFNHIOHEMKFPJGAGMKINOHGLNHMIHKPIN@FOGHPKFKIFQIFBHAF@E&clid=mgid&paid=mgid&avid=-&caid=-&plid=17183252&publisherId=57843032&siteId=902824&kv1=492x328&kv2=https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan&kv3=nbtA_n9itOan&kv4=-&kv5=-&kv6=afrd_click_Btrz&kv7=387295&kv11=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&kv12=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&kv24=Desktop&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36
Requested by
Host: clck.adskeeper.com
URL: https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan
Protocol
H2
Server
52.202.244.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-244-141.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clck.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 30 Dec 2023 10:02:21 GMT
cache-control
no-cache
server
nginx
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://ipds.adrta.com/i?__x=NKCLOCHMDGI@HBGJKHJMIQMKIQHOMMKJJBIMFHNKGJKIOHF@LKKJMLMNKMLJGMHHJJMBFNHIOHEMKFPJGAGMKINOHGLNHMIHKPIN@FOGHPKFKIFQIFBHAF@E&clid=mgid&paid=mgid&avid=-&caid=-&plid=17183252&publisherId=57843032&siteId=902824&kv1=492x328&kv2=https://clck.adskeeper.com/ghits/17183252/i/57843032/2/pp/1/1?h=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&rid=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&ts=aniwave.to&tt=Referral&att=4&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&st=-240&mp4=1&h2=JgHHU1P5pLao990tjiwY4wY-tACKmUxKwoNTvkg-iew*&k=1511332fc*f!fY294-msfY2wLHVQffMTUy*Dk2f!f!ff!ffMzAw*DIwMA%3D%3DffffQf3faHR0cHM6Ly9hbml3YXZlLnRvL3dhdGNoL3NoaW5nZWtpLW5vLWt5b2lqbi10aGUtZmluYWwtc2Vhc29uLWthbmtldHN1LWhlbi1rb3VoZW4ucmxvN20vZXAtMQ%3D%AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4%241maW5hbC1zZWFzb24ta2Fua2V0c3UtaGVuLWtvdWhlbi5ybG83b%249lcC0xfKysvd2F0Y2gvc3dvcmQtYXJ0LW9ubGluZ%241wcm9ncmVzc2l2Z%241zY2hlcnpvLW9mLWRlZXAtbmlnaHQuODAwMW4vZXAtMQ%3D%3DfLfMTUy*Dk2*DE1MHwwfNDQ%3Df%2C*f!fcfMjAw*DMwMHww*DA%3DfeAfQ8fY294-tHf!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEyMC4wLjAuMCBTYWZhcmkvNTM3LjM2fUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGfCfV2luMzI%3DfLTI0MA%3D%3DfMXwxMDA%3DfMTkyMHwxMDQwfdW5rbm93bnw0Z3wwf!f!fQfsmR2Pf*f*(TKOEJ%3A&crst=1703924726&wrst=1703930524&muid=nbtA_n9itOan&kv3=nbtA_n9itOan&kv4=-&kv5=-&kv6=afrd_click_Btrz&kv7=387295&kv11=HLrkQOZV8KZrGWeVmcbLhRdgHOpDKNyhHdPvhCv1_k47ta4kz8eKX4ZY040CiRWBX9v_a8Uz0FEB6gPQd35DPg**&kv12=f98d529c-a6ec-11ee-b74b-c84bd6836d7e&kv24=Desktop&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36
date
Sat, 30 Dec 2023 10:02:21 GMT
server
nginx
content-length
0
anchor
www.google.com/recaptcha/api2/ Frame 8009 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly9jbGNrLmFkc2tlZXBlci5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=bot&cb=pyht1xufk6dp
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f106.1e100.net
Software
GSE /
Resource Hash
30e922ae10206342ed4cc73fab2610cfa878011841746bd254898d05434cf0d4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eMkdieXWdzNKJQchFQzYrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clck.adskeeper.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-eMkdieXWdzNKJQchFQzYrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 10:02:21 GMT
expires
Sat, 30 Dec 2023 10:02:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
browser-perf.28a8c6b22b3c0474c577.js
script.hotjar.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/browser-perf.28a8c6b22b3c0474c577.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.618aa075c4d9b6424e07.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-77.iad89.r.cloudfront.net
Software
/
Resource Hash
f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clck.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 10:24:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4b0f0fc4315eea23426f6074a7254a8c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C2
age
4923495
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1589
last-modified
Fri, 03 Nov 2023 10:23:46 GMT
etag
"d065ec1659ab8dbb93042fdf9a225634"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
pF-q6phHyRS0eH3IUXxbopjK0P8lbd8NWcd6VRIVxtUWz18EzWdpuw==
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 8009 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly9jbGNrLmFkc2tlZXBlci5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=bot&cb=pyht1xufk6dp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 04:41:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Dec 2024 04:41:51 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 8009 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly9jbGNrLmFkc2tlZXBlci5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&sa=bot&cb=pyht1xufk6dp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 08:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Dec 2024 08:49:32 GMT
metric
c.adskeeper.co.uk/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHBzOi8vY2xjay5hZHNrZWVwZXIuY29tL2doaXRzLzE3MTgzMjUyL2kvNTc4NDMwMzIvMi9wcC8xLzE/aD1ITHJrUU9aVjhLWnJHV2VWbWNiTGhSZGdIT3BES055aEhkUHZoQ3YxX2s0N3RhNGt6OGVLWDRaWTA0MENpUldCWDl2X2E4VXowRkVCNmdQUWQzNURQZyoqJnJpZD1mOThkNTI5Yy1hNmVjLTExZWUtYjc0Yi1jODRiZDY4MzZkN2UmdHM9YW5pd2F2ZS50byZ0dD1SZWZlcnJhbCZhdHQ9NCZjcG09MSZhYmQ9MSZpdj0xMSZjdD0xJmdkcHJBcHBsaWVzPTAmc3Q9LTI0MCZtcDQ9MSZoMj1KZ0hIVTFQNXBMYW85OTB0aml3WTR3WS10QUNLbVV4S3dvTlR2a2ctaWV3KiZrPTE1MTEzMzJmYypmIWZZMjk0LW1zZlkyd0xIVlFmZk1UVXkqRGsyZiFmIWZmIWZmTXpBdypESXdNQSUzRCUzRGZmZmZRZjNmYUhSMGNITTZMeTloYm1sM1lYWmxMblJ2TDNkaGRHTm9MM05vYVc1blpXdHBMVzV2TFd0NWIybHFiaTEwYUdVdFptbHVZV3d0YzJWaGMyOXVMV3RoYm10bGRITjFMV2hsYmkxcmIzVm9aVzR1Y214dk4yMHZaWEF0TVElM0QlQWNMU0ZOaXZHWG81RG5vUHFBZFZ4SEI3cVFyVXZ4amdYeG1yR2hFRkg2djQlMjQxbWFXNWhiQzF6WldGemIyNHRhMkZ1YTJWMGMzVXRhR1Z1TFd0dmRXaGxiaTV5Ykc4M2IlMjQ5bGNDMHhmS3lzdmQyRjBZMmd2YzNkdmNtUXRZWEowTFc5dWJHbHVaJTI0MXdjbTluY21WemMybDJaJTI0MXpZMmhsY25wdkxXOW1MV1JsWlhBdGJtbG5hSFF1T0RBd01XNHZaWEF0TVElM0QlM0RmTGZNVFV5KkRrMipERTFNSHd3Zk5EUSUzRGYlMkMqZiFmY2ZNakF3KkRNd01Id3cqREElM0RmZUFmUThmWTI5NC10SGYhZlRXOTZhV3hzWSUyNDgxTGpBZ0tGZHBibVJ2ZDNNZ1RsUWdNVEF1TURzZ1YybHVOalE3SUhnMk5Da2dRWEJ3YkdWWFpXSkxhWFF2TlRNM0xqTTJJQ2hMJTI0RlJOVEN3Z2JHbHJaJTI0QkhaV05yYnlrZ1EyaHliMjFsTHpFeU1DNHdMakF1TUNCVFlXWmhjbWt2TlRNM0xqTTJmVUVSR1ZtbGxkMlZ5KkVOb2NtOXRaVkJFUmxacFpYZGxjbnhEYUhKdmJXbDFiVkJFUmxacFpYZGxjbnhOYVdOeWIzTnZablJGWkdkbFVFUkdWbWxsZDJWeSpGZGxZa3RwZEdKMWFXeDBMV2x1VUVSR2ZDZlYybHVNekklM0RmTFRJME1BJTNEJTNEZk1Yd3hNREElM0RmTVRreU1Id3hNRFF3ZmRXNXJibTkzYm53MFozd3dmIWYhZlFmc21SMlBmKmYqKFRLT0VKJTNBJmNyc3Q9MTcwMzkyNDcyNiZ3cnN0PTE3MDM5MzA1MjQmbXVpZD1uYnRBX245aXRPYW4ifSwidGFncyI6WyJ0cmFuc2l0LXRlbXBsYXRlOi9ob21lL3d3dy90cmFuc2l0L2FwcC9jb25maWcvLi4vdmlld3MvcGFydGlhbHMvZ29vZHMvbWV0cmljcy5waHRtbCIsInRyYW5zaXQtZGV2aWNlOmRlc2t0b3AiLCJ0cmFuc2l0LXR5cGU6Z29vZHMiXSwicGVyZm9ybWFuY2UiOnsiY29ubmVjdFRpbWUiOjAuMTMzLCJkb21Db21wbGV0ZSI6MS4wNTYsInBhZ2VMb2FkVGltZSI6MS4wNTcsInJlcXVlc3RTdGFydFRpbWUiOjAuMDQ4LCJyZXNwb25zZUVuZFRpbWUiOjAuMTgxfX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clck.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:02:22 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
6e06a2c9-e6a6-426c-bbde-e21551ac51fc
server
cloudflare
content-type
image/gif
access-control-allow-origin
*
cf-ray
83d97263accaa214-YYZ
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, User-Agent, Referer
alt-svc
h3=":443"; ma=86400
access-control-allow-method
HEAD, OPTIONS, POST

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| $ function| jQuery number| _mgExternalLinkChanger string| compositeId object| s1 number| transitType object| transitThrownParams function| onLoadAfRecaptcha function| onRcResponse string| grResponse function| start function| addEvent function| mgidHP object| _mgtq object| loadOptions function| hj object| _hjSettings object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| bindAfParams object| recaptcha object| closure_lm_97541

7 Cookies

Domain/Path Name / Value
.adskeeper.com/ Name: muidn
Value: nbtA_n9itOan
clck.adskeeper.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22206%22%3A%7B%7D%7D
.adskeeper.com/ Name: _hjSessionUser_2590724
Value: eyJpZCI6ImM4NGE4OTdhLWE3NmQtNWJhNi04MzNjLWUzOWZhYTczNzE4ZCIsImNyZWF0ZWQiOjE3MDM5MzA1NDIwMjgsImV4aXN0aW5nIjpmYWxzZX0=
.adskeeper.com/ Name: _hjFirstSeen
Value: 1
.adskeeper.com/ Name: _hjIncludedInSessionSample_2590724
Value: 0
.adskeeper.com/ Name: _hjSession_2590724
Value: eyJpZCI6IjRjZDE4NTJlLTc3MjAtNGVkMC1hNjY3LTFlMzhmMThlM2QyYSIsImMiOjE3MDM5MzA1NDIwMzQsInMiOjAsInIiOjAsInNiIjowfQ==
.adskeeper.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adrta.com
c.adskeeper.co.uk
cdn.adskeeper.com
clck.adskeeper.com
fonts.googleapis.com
fonts.gstatic.com
ipds.adrta.com
s-img.adskeeper.com
script.hotjar.com
static.hotjar.com
www.google.com
www.gstatic.com
104.18.35.65
142.251.163.94
142.251.167.95
172.253.62.106
172.253.63.94
172.64.152.106
18.160.41.112
52.202.244.141
92.38.145.145
99.84.191.77
12d7cf5ba17e853451bce8d65932c014d4213b749cc549812559994de13c6f49
30e922ae10206342ed4cc73fab2610cfa878011841746bd254898d05434cf0d4
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
49e2fb81691b078adf0c32de390e623f5418af05e5a87428b922ac32a1eb342c
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
5020901eafaba3e40c2db448041567cd2d4709be459a5b015e2e42e14b073343
5bfc0273490d6a26820636e93d9a9d859ef3595a80ed4d59e67e2c542f95bc33
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
644a816674cb9d071237948dba64a258e1f40adf1f5ff93f488f21e3fdb585be
66977c0b12d60608a3619c2fc9ce6b8d92a51b1ace2c8c5f1003fe5c58617d33
77ef91edc1528d3d4f625f1c62395d8855296e82842243924092e4474f3fb678
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a9d2bc178cdc591c388013f6d07ae74c10cd78e1f77b75e2cc32a099dce245f9
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
c3ccda574ee277064158d4f9ed78920e2b60e81f5a09de00c64d158c805f3429
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7
f3421e6bf3e6446408f5bb1a825399edd7f9e8eb615fbdabe4bb3dbcbc211ec5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615