clubtk.ru Open in urlscan Pro
2606:4700:3034::ac43:d66a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://clubtk.ru/
Submission: On February 08 via manual (February 8th 2022, 6:25:15 pm UTC) from US — Scanned from DE

Summary HTTP 224 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 74 IPs in 11 countries across 61 domains to perform 224 HTTP transactions. The main IP is 2606:4700:3034::ac43:d66a, located in United States and belongs to CLOUDFLARENET, US. The main domain is clubtk.ru.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time clubtk.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2606:4700:303... 2606:4700:3034::ac43:d66a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3031::6815:22c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.211.66.34 95.211.66.34	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	109.248.237.51 109.248.237.51	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
2 6	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
2	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1 2	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
6	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (YNDX) (YNDX)
6	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
3	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 10	88.212.252.22 88.212.252.22	7979 (SERVERS-COM) (SERVERS-COM)
1 2	116.202.236.171 116.202.236.171	24940 (HETZNER-AS) (HETZNER-AS)
1 2	154.47.36.88 154.47.36.88	174 (COGENT-174) (COGENT-174)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 14	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 7	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	80.64.106.153 80.64.106.153	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
4	116.202.85.93 116.202.85.93	24940 (HETZNER-AS) (HETZNER-AS)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
7 10	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1 5	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2602:803:c004... 2602:803:c004:200::153	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 8	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
6	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e051	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	88.99.65.215 88.99.65.215	24940 (HETZNER-AS) (HETZNER-AS)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
6	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:4df7:c950:c1aa:eb0e	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.85.15.31 185.85.15.31	200107 (KL-EXT) (KL-EXT)
2	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
8 8	18.157.193.122 18.157.193.122	16509 (AMAZON-02) (AMAZON-02)
1	194.190.76.38 194.190.76.38	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
7 8	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	151.236.71.19 151.236.71.19	204720 (CDNETWORKS) (CDNETWORKS)
2 2	3.120.83.159 3.120.83.159	16509 (AMAZON-02) (AMAZON-02)
2 2	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1	80.64.106.150 80.64.106.150	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 9	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 2	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1 2	3.64.208.15 3.64.208.15	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.108 185.86.137.108	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
224	74

29 2606:4700:3034::ac43:d66a (United States)

ASN13335 (CLOUDFLARENET, US)

clubtk.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3031::6815:22c2 (United States)

ASN13335 (CLOUDFLARENET, US)

newrrb.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.34 (Laren, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

s.clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.51 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)

s.luxupcdnc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:20::215 (Moscow, Russian Federation) 2 redirects

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.66.35 (Laren, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 88.212.252.22 (Russian Federation) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.236.171 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.171.236.202.116.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.47.36.88 (United States) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

luxupcdnc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.87 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.153 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr8.rutarget.ru

prebid-bidder.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.85.93 (Osterhofen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.93.85.202.116.clients.your-server.de

ssp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

alz-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.212.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.29.134.249 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::153 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

beacon-fra2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.201.84.252 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad24.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e051 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:4df7:c950:c1aa:eb0e (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.241 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.85.15.31 (Switzerland)

ASN200107 (KL-EXT, RU)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.64.106.148 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru

tag.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.157.193.122 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-193-122.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.190.76.38 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp10.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 31.172.81.160 (Muehlheim am Main, Germany) 7 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.71.19 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.83.159 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-83-159.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.150 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr5.rutarget.ru

google-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (Paris, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.208.15 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-208-15.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	clubtk.ru clubtk.ru	501 KB
21	rubiconproject.com 4 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 467 beacon-fra2.rubiconproject.com — Cisco Umbrella Rank: 12775 eus.rubiconproject.com — Cisco Umbrella Rank: 541 token.rubiconproject.com — Cisco Umbrella Rank: 689 pixel.rubiconproject.com — Cisco Umbrella Rank: 312 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2741	40 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124	98 KB
20	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	171 KB
19	yandex.ru 3 redirects yandex.ru — Cisco Umbrella Rank: 1452 mc.yandex.ru — Cisco Umbrella Rank: 2853 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 33454 an.yandex.ru — Cisco Umbrella Rank: 3286	122 KB
15	luxupcdnc.com 1 redirects s.luxupcdnc.com — Cisco Umbrella Rank: 174826 luxupcdnc.com — Cisco Umbrella Rank: 151405	61 KB
11	betweendigital.com 1 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1818 cache.betweendigital.com — Cisco Umbrella Rank: 19174	8 KB
9	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1056	4 KB
9	mathtag.com 4 redirects tags.mathtag.com — Cisco Umbrella Rank: 3608 pixel.mathtag.com — Cisco Umbrella Rank: 1240 sync.mathtag.com — Cisco Umbrella Rank: 421	6 KB
9	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10227 ad.mail.ru — Cisco Umbrella Rank: 7967	17 KB
8	bidswitch.net 8 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	4 KB
8	ad-srv.net 2 redirects ad.ad-srv.net — Cisco Umbrella Rank: 30986 ad24.ad-srv.net — Cisco Umbrella Rank: 193613	7 KB
8	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 241 acdn.adnxs.com — Cisco Umbrella Rank: 565	23 KB
6	yastatic.net 2 redirects yastatic.net — Cisco Umbrella Rank: 6518	154 KB
5	bumlam.com 5 redirects sync.bumlam.com — Cisco Umbrella Rank: 2736	3 KB
5	newrrb.bid newrrb.bid — Cisco Umbrella Rank: 251467	22 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	118 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	4 KB
4	otm-r.com ssp.otm-r.com — Cisco Umbrella Rank: 74138	1 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 722 gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864	7 KB
4	rutarget.ru prebid-bidder.rutarget.ru — Cisco Umbrella Rank: 156094 tag.rutarget.ru — Cisco Umbrella Rank: 70534 google-sync.rutarget.ru — Cisco Umbrella Rank: 119506	3 KB
3	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	1 KB
3	yahoo.com 2 redirects ads.yahoo.com — Cisco Umbrella Rank: 913 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470 ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	2 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	103 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 327	452 B
2	adform.net 2 redirects dmp.adform.net — Cisco Umbrella Rank: 2434	950 B
2	tns-counter.ru 1 redirects www.tns-counter.ru — Cisco Umbrella Rank: 10571	706 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13701	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3972	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru — Cisco Umbrella Rank: 12418	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 690	1 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 14385	1 KB
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 738
2	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 47781	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 645	57 KB
2	openx.net alz-d.openx.net — Cisco Umbrella Rank: 108118 u.openx.net — Cisco Umbrella Rank: 710	465 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	386 B
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 16026	712 B
2	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 25947	847 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	114 KB
2	clickiocdn.com s.clickiocdn.com — Cisco Umbrella Rank: 41736 clickiocdn.com — Cisco Umbrella Rank: 31095	151 KB
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 5658	410 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 702	779 B
1	smartadserver.com ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2318	75 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1700	235 B
1	mts.ru tech.rtb.mts.ru — Cisco Umbrella Rank: 35053	653 B
1	sniperlog.ru sync3.sniperlog.ru — Cisco Umbrella Rank: 37090	516 B
1	adhigh.net px.adhigh.net — Cisco Umbrella Rank: 10726	78 B
1	kaspersky.com media.kaspersky.com — Cisco Umbrella Rank: 137138	125 KB
1	everesttech.net sync-tm.everesttech.net — Cisco Umbrella Rank: 560	177 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1220	63 KB
1	adlmerge.com 1 redirects adlmerge.com — Cisco Umbrella Rank: 167542	149 B
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5034	792 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5646	171 B
1	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2627	499 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1204	343 B
1	gstatic.com fonts.gstatic.com	94 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	80 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	31 KB
224	61

	Domain	Requested by
29	clubtk.ru	clubtk.ru
14	luxupcdnc.com	1 redirects s.luxupcdnc.com s.clickiocdn.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net clubtk.ru onetag-sys.com
10	ads.betweendigital.com	1 redirects yastatic.net s.clickiocdn.com ads.betweendigital.com tag.rutarget.ru onetag-sys.com
10	mc.yandex.ru	3 redirects clubtk.ru cdn.jsdelivr.net
9	onetag-sys.com	1 redirects cache.betweendigital.com onetag-sys.com
8	x.bidswitch.net	8 redirects
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
7	ib.adnxs.com	3 redirects s.clickiocdn.com googleads.g.doubleclick.net acdn.adnxs.com
6	eus.rubiconproject.com	clubtk.ru eus.rubiconproject.com s.clickiocdn.com cache.betweendigital.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net clubtk.ru
6	an.yandex.ru	yastatic.net tag.rutarget.ru
6	top-fwz1.mail.ru	clubtk.ru top-fwz1.mail.ru
6	yastatic.net	2 redirects yastatic.net
5	sync.bumlam.com	5 redirects
5	tags.mathtag.com	1 redirects clubtk.ru
5	newrrb.bid	clubtk.ru newrrb.bid
4	pixel.rubiconproject.com	clubtk.ru onetag-sys.com
4	ad24.ad-srv.net	ad.ad-srv.net
4	ad.ad-srv.net	2 redirects clubtk.ru ad.ad-srv.net
4	s0.2mdn.net	clubtk.ru s0.2mdn.net 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	ssp.otm-r.com	s.clickiocdn.com
4	fastlane.rubiconproject.com	s.clickiocdn.com
3	sync.mathtag.com	3 redirects
3	match.adsrvr.org	2 redirects clubtk.ru
3	token.rubiconproject.com	3 redirects
3	www.googletagservices.com	s.luxupcdnc.com 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3	ad.mail.ru	yastatic.net clubtk.ru tag.rutarget.ru
3	www.google-analytics.com	clubtk.ru www.google-analytics.com
2	pixel.advertising.com	1 redirects onetag-sys.com
2	dmp.adform.net	2 redirects
2	www.tns-counter.ru	1 redirects
2	pixel-eu.rubiconproject.com	eus.rubiconproject.com onetag-sys.com
2	x01.aidata.io	2 redirects
2	ads.creative-serving.com	2 redirects
2	sync3.adsniper.ru	2 redirects
2	ap.lijit.com	2 redirects
2	tag.rutarget.ru	s.clickiocdn.com tag.rutarget.ru
2	www.awin1.com	1 redirects ad.ad-srv.net
2	id.rlcdn.com	clubtk.ru onetag-sys.com
2	cdn.contentspread.net	ad.ad-srv.net
2	gum.criteo.com	1 redirects static.criteo.net
2	googleads4.g.doubleclick.net	clubtk.ru
2	static.criteo.net	s.clickiocdn.com static.criteo.net
2	googleads.g.doubleclick.net	5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com clubtk.ru
2	www.google.com	tpc.googlesyndication.com 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
2	5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	clubtk.ru
2	mc.webvisor.org	1 redirects clubtk.ru
2	exchange.buzzoola.com	1 redirects clubtk.ru
2	connect.facebook.net	clubtk.ru connect.facebook.net
2	yandex.ru	clubtk.ru
1	t.adx.opera.com
1	p.rfihub.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	ssbsync-global.smartadserver.com	onetag-sys.com
1	visitor.omnitagjs.com
1	secure-assets.rubiconproject.com	1 redirects
1	tech.rtb.mts.ru	tag.rutarget.ru
1	google-sync.rutarget.ru	tag.rutarget.ru
1	sync3.sniperlog.ru
1	cache.betweendigital.com	ads.betweendigital.com
1	px.adhigh.net	ads.betweendigital.com
1	acdn.adnxs.com	s.clickiocdn.com
1	u.openx.net	s.clickiocdn.com
1	media.kaspersky.com	ad.ad-srv.net
1	sync-tm.everesttech.net	clubtk.ru
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.yahoo.com	clubtk.ru
1	mug.criteo.com
1	code.createjs.com	s0.2mdn.net
1	pixel.mathtag.com	clubtk.ru
1	adlmerge.com	1 redirects
1	beacon-fra2.rubiconproject.com	clubtk.ru
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	prebid-eu.creativecdn.com	s.clickiocdn.com
1	alz-d.openx.net	s.clickiocdn.com
1	inv-nets.admixer.net	s.clickiocdn.com
1	bidder.criteo.com	s.clickiocdn.com
1	prebid.a-mo.net	s.clickiocdn.com
1	prebid-bidder.rutarget.ru	s.clickiocdn.com
1	matchid.adfox.yandex.ru	yastatic.net
1	fonts.gstatic.com	clubtk.ru
1	cdn.jsdelivr.net	clubtk.ru
1	clickiocdn.com	clubtk.ru
1	www.googletagmanager.com	clubtk.ru
1	s.luxupcdnc.com	clubtk.ru
1	s.clickiocdn.com	clubtk.ru
224	91

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
vk.com
ok.ru
tgclick.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
s.clickiocdn.com R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
s.luxupcdna.com R3	`2022-01-14` - `2022-04-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
adlmerge.com R3	`2022-01-05` - `2022-04-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-18` - `2022-02-16`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2022-02-05` - `2022-07-31`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.yastatic.net Yandex CA	`2022-01-22` - `2022-07-23`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.rutarget.ru Thawte RSA CA 2018	`2021-05-17` - `2022-06-17`	a year	crt.sh
*.a-mo.net R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
*.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-11` - `2022-06-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
ad-srv.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
contentspread.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
ltmse.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-24` - `2023-02-24`	a year	crt.sh
*.rtb.mts.ru Thawte RSA CA 2018	`2021-12-21` - `2023-01-19`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-10`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://clubtk.ru/
Frame ID: ED1C18D3316C5F2D72CCE200BD5FA3DA
Requests: 117 HTTP requests in this frame

Frame: data://truncated
Frame ID: 744B6808FB7CC372BD1D8BB27E04DBD3
Requests: 1 HTTP requests in this frame

Frame: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1EE51419C3BBEE2274B2FD06B877F63C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C125159E76DE90864159988335D6CD1B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E3CF0729A185AD0677C2FD25B89BFAC4
Requests: 2 HTTP requests in this frame

Frame: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F6BCE99C78EC5731D6E12A1B23605CE4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGL_o854BMAE&v=APEucNU7OIauMxwp6Epf4R54i5yk5GtJ-ei6Tp_f_YR7xQMyk9RH6BZH67W3Wd9-UWGphNMn4JjY7y6qxgKP1jSIGPt0ZzkUmWbmvxhe15-KkAvxBS0T4LUzLV6uW_x61Funkk9O4dubLcoc9cuOjiRKguOJnTGoVm8FJNlZTy84NsIzGa3yy1E
Frame ID: 09F7AF10F5DB8ED357C101BB9B639DB0
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve5Be8OvViPKuNMEANWegACTLs21JpXgfbzj-iJwM1uqcwr8pYglxSC_CsGS2tqJ4eYeSwUyzVzbwEyafI2_VTjNi25dnfJaelV9OI_xdpx8UdWRRSt8C7qYeBGNMCkTM6NqDg6ccY-R7o4XkRQNIxGk-oQGdW_yfXcgaZ3RXrPzau7W4pZDMBN85jAbRuKeMMctvOdBSgkXqcMv1DmQQchhoPSroH4vS_leaET3nW8NXw0LBqMN8qnSn7aBOd_0xa9Eni6P4C71nBKr4cv_MfDRjtGrV9kgt4M45LuyzGfbXCb219Pe3owUOtWNe6Cm7_ciM&sai=AMfl-YTn6jILxDIsGMgcuQZoY5OUe-GdhUjaDf7knIZmeXwArV-EtwJuwESgZ0e3RfrKizWZEZxxWr0OoOnZDsy-6DYkKewwsJwmbZ13coD-MTFxReXlkOhphNK8KcvdT4-T&sig=Cg0ArKJSzG5DzpklTKprEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 63EA6D91EC49847E1D803559152CA1EE
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7123161227978222008/160x600%20deDE.html
Frame ID: 848F572A5B42859397153D50EFE3FD0A
Requests: 4 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=es693uzmjtmy&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D71516e317ace34d28f7bbcfb5000cfcff93104bd_9%26mt_aid%3D8558381378024553860%26mt_id%3D7515754%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_cid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffb40ff46-2d1e-4005-a141-fbf533595bae%2F%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8558381378024553860&random=8558381378024553860&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:ruc&extVar[]=MM_DOM_RTB:clubtk.ru&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fclubtk.ru%2F&ancestorOrigins=https%3A%2F%2Fclubtk.ru&uidRedirect=1
Frame ID: 34C6C8FA7C9A307C7038995903418F7F
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 1A902BC32B08BBA0F78C3B5283561492
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 258B368071A12594640B99F5FC83229B
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=clubtk.ru
Frame ID: B77B170D577401191035A57ED94E37B4
Requests: 2 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=ynfmjr3zc9lg&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=09b9e2147cf6p5WsGANgb1MOiFmA1fYCy8FdFjdkd48mZgZYl_vli0vGW58FDWqIF_LXcL9ld0xXA3x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=16646300208257501319927011864024&redirectClick=https%3A%2F%2Fad24.ad-srv.net%2Fc%2Fpxiyjopsap54vlm%3Ftprde%3D&uidRedirect=1
Frame ID: 4E49BCF80195FDCD2779DA00B29E2DAD
Requests: 6 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519518&v=14098&q=379074&r=559379&pv=1&pref1=55986800208258401649437011864024
Frame ID: 9E0B8FAA2BDFAB4ACA330A8E5D8EA31D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: AD2DB257C6937A1850082EF96BF113BD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C035B50E8ED0A2C3BE9ADD035B23B58A
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 2B7ABFD27C3AFB1171E1C1AE87D75CB0
Requests: 5 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Frame ID: 287DED5E42138F012CF5355ACF77A206
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FF137A1773F8AC062A0F94551CBBDA10
Requests: 3 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=568d0ffb-877f-5127-b031-f588d233400c&CACHEBUSTER=318211
Frame ID: C26F3080B87FF97DE0888475894B675F
Requests: 7 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_c822c1b63853ed273b89687ac505f9fa
Frame ID: 1D855BAC15DD1953032D70143D052458
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 1D9CE8E7BDFE8B5B217EBED16D1DB42B
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: C0C708CA46F23472DD546762B85A5287
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Клуб кадровиков – КлубТК

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

224
Requests

83 %
HTTPS

36 %
IPv6

61
Domains

91
Subdomains

74
IPs

11
Countries

2201 kB
Transfer

5930 kB
Size

87
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/clubtkru/

Search URL Search Domain Scan URL

URL: https://vk.com/clubtk_ru

Search URL Search Domain Scan URL

URL: https://ok.ru/group/53125605949662

Search URL Search Domain Scan URL

URL: https://tgclick.com/clubtk

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://yastatic.net/pcode/adfox/header-bidding.js HTTP 302
https://yandex.ru/ads/system/header-bidding.js

Request Chain 38

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 41

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fclubtk.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A2%3Adp%3A0%3Als%3A991235763048%3Ahid%3A212069101%3Az%3A0%3Ai%3A20220208182508%3Aet%3A1644344708%3Ac%3A1%3Arn%3A135770549%3Arqn%3A1%3Au%3A164434470857487272%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644344707659%3Ads%3A11%2C20%2C284%2C51%2C0%2C0%2C%2C158%2C0%2C%2C%2C%2C525%3Awv%3A2%3Aco%3A0%3Ast%3A1644344708&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fclubtk.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A2%3Adp%3A0%3Als%3A991235763048%3Ahid%3A212069101%3Az%3A0%3Ai%3A20220208182508%3Aet%3A1644344708%3Ac%3A1%3Arn%3A135770549%3Arqn%3A1%3Au%3A164434470857487272%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644344707659%3Ads%3A11%2C20%2C284%2C51%2C0%2C0%2C%2C158%2C0%2C%2C%2C%2C525%3Awv%3A2%3Aco%3A0%3Ast%3A1644344708&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 42

https://mc.yandex.ru/watch/37512210?wmode=7&page-url=https%3A%2F%2Fclubtk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A267444791443%3Ahid%3A212069101%3Az%3A0%3Ai%3A20220208182508%3Aet%3A1644344708%3Ac%3A1%3Arn%3A477341109%3Arqn%3A1%3Au%3A164434470857487272%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644344707659%3Ads%3A11%2C20%2C284%2C51%2C0%2C0%2C%2C158%2C0%2C%2C%2C%2C525%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644344708%3At%3A%D0%9A%D0%BB%D1%83%D0%B1%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2%20%E2%80%93%20%D0%9A%D0%BB%D1%83%D0%B1%D0%A2%D0%9A&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/37512210/1?wmode=7&page-url=https%3A%2F%2Fclubtk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A267444791443%3Ahid%3A212069101%3Az%3A0%3Ai%3A20220208182508%3Aet%3A1644344708%3Ac%3A1%3Arn%3A477341109%3Arqn%3A1%3Au%3A164434470857487272%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644344707659%3Ads%3A11%2C20%2C284%2C51%2C0%2C0%2C%2C158%2C0%2C%2C%2C%2C525%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644344708%3At%3A%D0%9A%D0%BB%D1%83%D0%B1%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2%20%E2%80%93%20%D0%9A%D0%BB%D1%83%D0%B1%D0%A2%D0%9A&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 56

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 57

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9543.lx4L5cpX9x2JjsItGOthIE68BnqeCjwEhRLq28yeGINtYsfGFcLb4_aa3wQJsile.xKuRmXjk7mXIpkYbPvPMCPPr_dU%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9543.wuNPEZEW_rZrKm4GlbK4ToP5KlXjBU8CvEbvNMSkpHQ5FFuIH5sbm8mbDIrLddbATa4mn8jN0JGCStEvPy-vPhACnCCed8jvRRKfBJLClJI%2C.xyZsX-PzBFKRhUr_9_NkUNu8_YM%2C

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELGi-uiVOR-uoQQtkUqKl5g&google_cver=1

Request Chain 117

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgK1hfHJ5uNcbSuGKpUpigAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELGi-uiVOR-uoQQtkUqKl5g&google_cver=1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBpGtbER-Aa9XrIm5oB-WG8&google_cver=1

Request Chain 119

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5Mjc0NDQ3MjA5MjQ0ODAyMg%3D%3D

Request Chain 127

https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWTJZellUVmxObVV0TmpVNE15MWlPVEE1TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTgzODEzNzgwMjQ1NTM4NjAvNzUxNTc1NC81NjM3MjU0LzkvT2RjR1d2U1cyOUtHUzVEelNIekNUemtXMENwRmYyMUUwR1Y4d3hwbVlIOC8xLzkvMC8wLzExODM0NzcvMC8yMzQ0OTUvNzQ2MzQ1LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvODU1ODM4MTM3ODAyNDU1Mzg2MC9hbXMvMC8yMDAwLzgwLzk5OS8yLzJhMDI6NmVhMDpjNzFiOjovMC4wMDAvMTY0NDM0NDcwOC8xNjQ0MzQ4MzA4LzkvMTk5NDQv/Fjys2Zjqmy4iA3ERok_xBzMs-dI&nodeid=3013&group=cdg&auctionid=8558381378024553860&shardkey=8558381378024553860&sid=5637254&cid=7515754&price=85366E6D32782861&bp=a_adgfdd&nfy_act=LD5wfn0&type=burl&client=c2s&src=imp&bfip=185.29.134.180 HTTP 302
https://tags.mathtag.com/ck-confirm?bid_id=8558381378024553860&node_id=3013&exch_id=9

Request Chain 129

https://luxupcdnc.com/npm_show/?rt=470973253&dfp_mode=1&policy=ok&first=1&sds_id=7181257&bid=0.04 HTTP 301
https://adlmerge.com/md/?mdback=https%3a%2f%2fluxupcdnc.com%2fnpm_show%2f%3frt%3d470973253%26dfp_mode%3d1%26policy%3dok%26first%3d1%26sds_id%3d7181257%26bid%3d0.04& HTTP 301
https://luxupcdnc.com/npm_show/?rt=470973253&dfp_mode=1&policy=ok&first=1&sds_id=7181257&bid=0.04&md=7062406749960490561

Request Chain 135

https://ad.ad-srv.net/request.php?zone=es693uzmjtmy&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D71516e317ace34d28f7bbcfb5000cfcff93104bd_9%26mt_aid%3D8558381378024553860%26mt_id%3D7515754%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_cid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffb40ff46-2d1e-4005-a141-fbf533595bae%2F%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8558381378024553860&random=8558381378024553860&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:ruc&extVar[]=MM_DOM_RTB:clubtk.ru&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fclubtk.ru%2F&ancestorOrigins=https%3A%2F%2Fclubtk.ru HTTP 302
https://ad.ad-srv.net/request.php?zone=es693uzmjtmy&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D71516e317ace34d28f7bbcfb5000cfcff93104bd_9%26mt_aid%3D8558381378024553860%26mt_id%3D7515754%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_cid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffb40ff46-2d1e-4005-a141-fbf533595bae%2F%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8558381378024553860&random=8558381378024553860&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:ruc&extVar[]=MM_DOM_RTB:clubtk.ru&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fclubtk.ru%2F&ancestorOrigins=https%3A%2F%2Fclubtk.ru&uidRedirect=1

Request Chain 150

https://gum.criteo.com/sid/json?origin=publishertag&domain=clubtk.ru&sn=ChromeSyncframe&so=0&topUrl=clubtk.ru&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=xowSXXw4cEsrVkl3a2orN01Idjd0TS8vOWMwWWJNVjlQbzE4VjFWMEVyRjFZaWNTd3hidlh6RE4wQUZNZWlGTFdrbjc1dlJqMUxvTng2ckZ0Z0FrYjNNcFVPNENlTGJvTkdZcFJhMGZhRXp1cjBkd1JVSDgxV01NNjZmdkMxN05XZHRyQjlIQVZiemk3STRYc2tVQUl0OTZwdnc1OEtkdnpDM1JqNUtDblB6UFpWKzExZXlYTSt5cnlvRXFiT1MvT0FFcStEOHFFYVRWOThyTG1vLzJhWW82L3FYcy9uU3NqV1IzbGg1S0V2TFJWNFNvZTZ5eDIrNHNBRmFaZHMwTTQrd2JCTElQdW15ZnIyZkt3R1daTXF2NkVZQT09fA&cppv=2

Request Chain 152

https://ad.ad-srv.net/request.php?zone=ynfmjr3zc9lg&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=09b9e2147cf6p5WsGANgb1MOiFmA1fYCy8FdFjdkd48mZgZYl_vli0vGW58FDWqIF_LXcL9ld0xXA3x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=16646300208257501319927011864024&redirectClick=https%3A%2F%2Fad24.ad-srv.net%2Fc%2Fpxiyjopsap54vlm%3Ftprde%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=ynfmjr3zc9lg&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=09b9e2147cf6p5WsGANgb1MOiFmA1fYCy8FdFjdkd48mZgZYl_vli0vGW58FDWqIF_LXcL9ld0xXA3x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=16646300208257501319927011864024&redirectClick=https%3A%2F%2Fad24.ad-srv.net%2Fc%2Fpxiyjopsap54vlm%3Ftprde%3D&uidRedirect=1

Request Chain 161

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZEGDTKN-V-IKWG&sigv=1&esig=2~d3732fa28d55aeee6d51e45f8598537f8c012443

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBJX2X1ZjrQvx2Z4ayqQjSE&google_cver=1

Request Chain 164

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/ZewL9wz370q_pjyzZGqpmw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=995909765184762803

Request Chain 166

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pFR0RUS04tVi1JS1dH

Request Chain 168

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ef316202-b585-4501-ac0e-10182752d94a&expires=28

Request Chain 169

https://www.awin1.com/cshow.php?s=2519518&v=14098&q=379074&r=559379&pv=0&pref1=55986800208258401649437011864024 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-160x600.jpg

Request Chain 188

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D4778b7da-1824-41ce-b267-1c16c0915dc0&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=ef316202-b585-4501-ac0e-10182752d94a&expires=30&ssp=between&bsw_param=4778b7da-1824-41ce-b267-1c16c0915dc0&gdpr=&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4778b7da-1824-41ce-b267-1c16c0915dc0

Request Chain 190

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=d2907f02dc475dadcb13b123

Request Chain 191

https://sync.bumlam.com/?src=bw1&uid=568d0ffb-877f-5127-b031-f588d233400c HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiI64qQBlIFvp7KygpiJDU2OGQwZmZiLTg3N2YtNTEyNy1iMDMxLWY1ODhkMjMzNDAwYw** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiI64qQBlIFvp7KygpiJDU2OGQwZmZiLTg3N2YtNTEyNy1iMDMxLWY1ODhkMjMzNDAwY6IBEHQzaJSJDBHshuAAJZDAZHw* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiI64qQBmIkNTY4ZDBmZmItODc3Zi01MTI3LWIwMzEtZjU4OGQyMzM0MDBjogEQdDNolIkMEeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiI64qQBmIkNTY4ZDBmZmItODc3Zi01MTI3LWIwMzEtZjU4OGQyMzM0MDBjogEQdDNolIkMEeyG4AAlkMBkfA** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=74336894-890c-11ec-86e0-002590c0647c

Request Chain 194

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=4778b7da-1824-41ce-b267-1c16c0915dc0 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=4778b7da-1824-41ce-b267-1c16c0915dc0 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=ef64e5e5-8661-4acc-b3fa-1aa08cd530b4&ssp=between&expires=30&user_group=5&bsw_param=4778b7da-1824-41ce-b267-1c16c0915dc0 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4778b7da-1824-41ce-b267-1c16c0915dc0

Request Chain 196

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=74336894-890c-11ec-86e0-002590c0647c HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=74336894-890c-11ec-86e0-002590c0647c&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=Tg8x%2BLpNdnChLsCx6bC8iA& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=Tg8x+LpNdnChLsCx6bC8iA&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=Tg8x+LpNdnChLsCx6bC8iA&extra2=aidata&google_gid=CAESEKl3ci-_XCRcqjlXVS5OOZg&google_cver=1

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=UExCelJWZXhyT0lx&google_ula=2046794&google_cm= HTTP 302
https://google-sync.rutarget.ru/sync?google_gid=CAESEMFkSakjMtHroKxGtfGeJ2o&google_cver=1&google_ula=2046794,2

Request Chain 203

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 206

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/318211 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/318211

Request Chain 209

https://x.bidswitch.net/sync?dsp_id=429&user_id=568d0ffb-877f-5127-b031-f588d233400c&expires=60 HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=4778b7da-1824-41ce-b267-1c16c0915dc0&name=BIDSWITCH

Request Chain 211

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
https://onetag-sys.com/sync/i,1/ef316202-b585-4501-ac0e-10182752d94a

Request Chain 213

https://dmp.adform.net/serving/cookie/match?party=1167&cid=h5nvm0_2jmGrcog6T21j86y9k2iVJNoMk79POgfEhuE HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=h5nvm0_2jmGrcog6T21j86y9k2iVJNoMk79POgfEhuE HTTP 302
https://onetag-sys.com/sync/i,34/652836362703642446

Request Chain 214

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2492744472092448022

Request Chain 216

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Request Chain 217

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABftqVIQXhCzikAiN-IqIzUmY-hpFJFvYlNA

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESENzPdl0qrrTrzpl4Ko-Dodc&google_cver=1

Request Chain 221

https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-.z_iDTlE2uEIr.vJi6QEfAy2Ckbdi6JDZhmBONE-~A

Request Chain 222

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/sync/i,29/?tdid=36800df7-5edd-46e9-a516-bfed3605c79f&ttl=1646936713

Request Chain 223

https://x.bidswitch.net/sync?ssp=onetag HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433822579207305&expires=30&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=4778b7da-1824-41ce-b267-1c16c0915dc0&gdpr=&gdpr_consent=&us_privacy=

Request Chain 225

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F568d0ffb-877f-5127-b031-f588d233400c HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/568d0ffb-877f-5127-b031-f588d233400c

224 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
clubtk.ru/ 104 KB
20 KB 315ms
284ms Document
text/html 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

45fb3707bc38ec1e94d8121f573d35598f498e973b74bb404feb52eed1dca322

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 08 Feb 2022 18:25:07 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
strict-transport-security: max-age=604800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBxrzzXE4Oz1cWGkLWCAaBJjIWvlyIpGlfW%2FKnb8v1ugXHFOMJq7KUhn0K%2FuGxEhjXY8ThBe3OcxYDqiAA58CDkMYyI7lOUAZ5IkZVWV%2Fp4b1T2E96a5befRYHdph9Eqcj4IFOo8dco%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6da6e6171f529295-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 q0ge.min.js Show response
newrrb.bid/ 66 KB
20 KB 68ms
22ms Script
text/javascript 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/q0ge.min.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d53afdce56775cb3f314ccb015d15e7ffc3c9d24a52ff16379bca9f70c4e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 223
duration: 295131
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 08 Feb 2022 18:21:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BB%2BnQCcQZAGsTqugw8ldPV2KtrJdOJHZrPuDqdoThDGrCz5kb6U2oZr8%2FBaIxsjrpPJByQeXjNVK2zsV381fMbjUw7DEyZfwWM0FsjdXf2TjnDzxgD1hDhx1dPaDJkcsk9QD5AtJukkr"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6da6e6194f339140-FRA
access-control-allow-headers: *
expires: Tue, 08-Feb-2022 20:26:25 EET

GET
H2 200 jquery.convform.min.css
clubtk.ru/asset/new/css/ 7 KB
2 KB 43ms
42ms Stylesheet
text/css 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/asset/new/css/jquery.convform.min.css

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

667ba10ada0d166de676f1966d29d701b5060b5e51bf659639382e4b3f6bb993

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jul 2020 13:01:21 GMT
server: cloudflare
age: 1441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AnD%2B2BIl0LqMVnP%2BMUe1LdVc2yNRN4Ol6HNwZoDUzwdKHAT2X%2Boh18stlgap5wYywoBoCpklviIxFQesXamy4EaBIlh%2FtUOS6kl4dkfGPnlCcyj%2FQJ1Q%2B0%2B87TsGFZi7qKx5vei%2Bu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=604800
cf-ray: 6da6e6190d8f9295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
clubtk.ru/asset/new/css/ 282 KB
32 KB 33ms
31ms Stylesheet
text/css 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/asset/new/css/style.css

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe275ee079f4b8c2c4a61a55ba67b3bb66f9a6f0487f88c91f927eb6f195eb37

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Jul 2021 14:51:39 GMT
server: cloudflare
age: 1441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vb6pxmZptIaez7CdOLo08OkIlzMzuIvQYVzXUIk8XcLuOjKJemRR6wWZTq2ORn421vxr7nyxJFUMyB%2FDkoQAU2hz5T7GDVBKqhWLy2tzlMhn4qFLWl1xcTci2pDCuzgTn69bpZHjxk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=604800
cf-ray: 6da6e6190d979295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styleupd.css
clubtk.ru/asset/new/css/ 301 KB
42 KB 48ms
47ms Stylesheet
text/css 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/asset/new/css/styleupd.css

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3969119df1be46fcba3f684afa154825f82e2a98c9add1cf850f8f5a9be9b518

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Nov 2021 10:00:16 GMT
server: cloudflare
age: 1441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2Ag9UYL7gb7S1cevNNj83Yjip4imC6NrBV6%2BftaW9gRgCPAfCDc4xgiCRsQi6NPG15oIkDftu06FMyJUmLtRwfaoB1bb3Ihptfc8EdB12OpeOd4aMpFkC7XQdskciYKYU4vJHGAl1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=604800
cf-ray: 6da6e6190d999295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 profstandard.css
clubtk.ru/asset/new/css/ 14 KB
3 KB 28ms
26ms Stylesheet
text/css 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/asset/new/css/profstandard.css

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddc5eb9db448ea07eb5ad9e6a0f52c6bb3cedc7f73444fe513a5c6125fb3d864

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Jan 2018 09:17:48 GMT
server: cloudflare
age: 1441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5khtLQShbA79uLNMwhTh%2BO%2FTVqpvgej5znWTz%2BhluaDuEqo7gC1Enq2QQJF8LbEL8aZZmlhrUrnAGmAa6vquCjLWzin%2BJG80UMThQWeATy4RsuRWn5VD%2FDYX%2FqKvzLdxkZCJOofcQxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=604800
cf-ray: 6da6e6190d9c9295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.min.css
clubtk.ru/_lib/font-awesome-4.7.0/css/ 30 KB
7 KB 26ms
25ms Stylesheet
text/css 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/_lib/font-awesome-4.7.0/css/font-awesome.min.css

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2017 13:58:43 GMT
server: cloudflare
age: 1441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Eoz7gngFPjeoLfnRkbVVAvsgaFQtndfvu6VeL%2FyYGLDPUdCLAYliRW7t7NFrlu57b4yAl1hDEKH66moa9JICainQv1bnXx4%2F5BR%2FLR%2FRlAOmjvq4loXPUEKIwlRyDmjd6yKzcipldc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=604800
cf-ray: 6da6e6190d9e9295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.1.1.min.js Show response
clubtk.ru/_lib/js/ 85 KB
31 KB 31ms
29ms Script
application/javascript 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/_lib/js/jquery-3.1.1.min.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2017 13:58:43 GMT
server: cloudflare
age: 1441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R38UPM25i555ZqGDihPkIWc1L49IG0dCuDqziiIIcaNsyC8iprpKxDbbKZAo%2FsVRCKGOXRo1uzloX4IHgNVxcwMt1xUCFQuVkngP1%2F5M2P39RPFglV8TPHe34jEwSP4vDjnAr5HEnJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=604800
cf-ray: 6da6e6190da09295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 autosize.min.js Show response
clubtk.ru/asset/new/js/ 3 KB
2 KB 28ms
27ms Script
application/javascript 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/asset/new/js/autosize.min.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

280df42702ec950d12b698c40b45c507fc362089f53eb8376d3152dc1d5898dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jul 2020 13:01:21 GMT
server: cloudflare
age: 1441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEptOkPLKgB%2FJMHrpFtiKcAVO4XIGwgFy1q5%2FIJT2vqZJOLbPdBkwlDWDUbT3%2FHHS4loim4BZM%2Bk6PRmdwaDT611HSabZz%2BtAKN2zlnntf3JiZyERgzy2WRzNnq4TZvuEtsUXFJdbDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=604800
cf-ray: 6da6e6190da59295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.convform.min.js Show response
clubtk.ru/asset/new/js/ 11 KB
3 KB 24ms
24ms Script
application/javascript 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/asset/new/js/jquery.convform.min.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d066642973cfd3fb512e9a8d4d5f66e4aeef9b7c57e444abd0519f990be895bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jul 2020 13:01:21 GMT
server: cloudflare
age: 1441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqdDTVH6SXpUae0jKJF%2B3u%2FwAl9mQLwxJRtI5YcI8kDSmSf%2F%2Bk5Sojo9YKpFYQnTf2YKig5qQLFaMU8aFoPxjp%2BaiQb7qtVBqDR0OUVRg90xyiG3NCjEPdLAluxaKD3h7Zk9L23na0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=604800
cf-ray: 6da6e6190da89295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 scripts.js Show response
clubtk.ru/asset/new/js/ 17 KB
4 KB 27ms
26ms Script
application/javascript 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/asset/new/js/scripts.js?v=23.11

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e0a81611dbd97453aa513f8bca64a259a09f9fef2e0e5a52e9ebd1c8680835

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Nov 2021 12:57:59 GMT
server: cloudflare
age: 1441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkuXqvmvXaeGa4g3g9cvHNsmcqUAE0C%2FhJryDkOT0r10fkAywNAV5Xw13c91Lcretr2WRH3slD1sa6RI0jEiN20hTjUzTv9nBrXeyXcZj7fF%2FHGyNlkWNAiONIFaIgADKcuglJ9RvDU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=604800
cf-ray: 6da6e6190dac9295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 replacer.min.js Show response
clubtk.ru/asset/_vendor/textReplacer/dist/ 2 KB
1 KB 41ms
40ms Script
application/javascript 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/asset/_vendor/textReplacer/dist/replacer.min.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcb253b1a2ad563f95f955e58b510c4db563898f97f9f4b97394c3fb0712305d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Mar 2018 09:26:51 GMT
server: cloudflare
age: 1441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ForjD6Bu0q9Av7qGE8og%2BpRjtCf95rxcPl0bHOovKMIU5M79tAysy5JREy3DJ%2BdOdbbm1aS4krjVtvlJIX9s8u5S0fuZzsE4d4sBFs8TycXqXpm6ZLZo58uX%2FbqXE4dTnqxeBPIpuy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=604800
cf-ray: 6da6e6190db09295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 360.js Show response
s.clickiocdn.com/t/217029/ 475 KB
151 KB 78ms
17ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/217029/360.js
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 0da2a536df41d0b4391251fb529172a0b80e5a91dfeb4f9dac82f527814381b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 09:16:40 GMT
server: nginx/1.16.0
etag: W/"620234f8-76ab1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: noneu
cache-control: max-age=1800
expires: Tue, 08 Feb 2022 18:55:08 GMT

GET
H2 200 common_402.js Show response
s.luxupcdnc.com/t/ 142 KB
59 KB 336ms
99ms Script
application/javascript 109.248.237.51
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.luxupcdnc.com/t/common_402.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.51 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

82d1c6ef57c714d658ae3d740e0313a0f957357895567b77d2623e6fa1abbd49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jan 2022 14:09:50 GMT
server: nginx
etag: W/"61eeb32e-239ea"
strict-transport-security: max-age=0; includeSubdomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: noneu
cache-control: max-age=1800
expires: Tue, 08 Feb 2022 18:55:08 GMT

GET
H2

200

header-bidding.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/header-bidding.js
https://yandex.ru/ads/system/header-bidding.js

161 KB
43 KB

124ms
41ms

Script
text/javascript

2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d9b1a8482e3fc2b88c194ca315b565be318cbfd91430767caa0e6d026453baf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1644344708336747-12020057623121800274-man1-5103-0a8-man-l7-balancer-8080-BAL-3323
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 08 Feb 2022 19:25:08 GMT

Redirect headers

date: Tue, 08 Feb 2022 18:25:08 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://yandex.ru/ads/system/header-bidding.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H3 200 logo.png
clubtk.ru/asset/new/images/ 34 KB
35 KB 21ms
20ms Image
image/png 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clubtk.ru/asset/new/images/logo.png

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ddfbe11f183170816bb78fc786f134cf77fc27758fd1899c384ea3198ffa6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1621
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35029
last-modified: Tue, 31 Jan 2017 13:58:43 GMT
server: cloudflare
etag: "58909813-88d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5Ov%2B0b%2FGuF2hmGdaGjvw1iRw%2FR15UHbMbUI8hW93YvbQUDOrl83SLbiVqHAqKZDsikWF2%2FeEI3XBOPoaOpoPX6T50UhCrgEI%2B2dNlxRB2LxcoVe7iQ6PCjMSK2LrRECTPGp%2FJ6X5X0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6da6e619afc1693a-FRA

GET
H3 200 Facebook.svg
clubtk.ru/asset/new/images/ 2 KB
1 KB 34ms
34ms Image
image/svg+xml 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clubtk.ru/asset/new/images/Facebook.svg

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7586f7ab804b8e4adb6eb507e45449323b757dcd51717ff27ffdf24efcba9f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1275
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 May 2017 10:51:22 GMT
server: cloudflare
etag: W/"5919882a-621"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piBKgjVdFn8HFLTyR8epDfdV%2FiSVSFTegiMEvd4EGqqB3vQhvGzgDELZBrBsfxzSVudfaOJU2%2BM%2BLBv20YTByNmL1wIz%2BQWaS%2BCCxfe2R6E6fs6Q%2FosaPXSxzqtdW6miQ3QriwVY8Jg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6da6e619afc4693a-FRA

GET
H3 200 VK.svg
clubtk.ru/asset/new/images/ 3 KB
2 KB 28ms
27ms Image
image/svg+xml 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clubtk.ru/asset/new/images/VK.svg

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a6ed55c9742395264cc45004e467a7c0dbac007b7436561f855747abe25b237

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1275
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 May 2017 10:51:22 GMT
server: cloudflare
etag: W/"5919882a-cb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZ%2F3LI1ywb24Ul8XwXiWyCrfVwn23iIoy5DNqy4dm5TY1tcAsr2Eq6Wys%2FrbdymHdNNb1I51FiG9%2Fs1UJOJjQkdpmUXafCIBrTcuMAsn7SomCtV2NbCwzg5%2BnEzcvZKGfY4l%2FhzH5zg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6da6e619afc5693a-FRA

GET
H3 200 OK.svg
clubtk.ru/asset/new/images/ 3 KB
2 KB 17ms
16ms Image
image/svg+xml 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clubtk.ru/asset/new/images/OK.svg

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4938e9f6d9110c8071ccfcce8d2cc55964f0e178fe415f9d6637c5b9bd20e567

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1729
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 May 2017 10:51:22 GMT
server: cloudflare
etag: W/"5919882a-a4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNoZGKRswXzgAFWKLNYW1KEM4vgQtkO3oyGCgM2sSdrZutFtSzxBDO6MRoYd3IjBI%2Bm46rwN77aByz427vDg1WcGP2uppIXIzBbe7mnzgo59i0aRNq2eLYd%2FYqUa0cyQuHY9sAx0MyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6da6e619afc6693a-FRA

GET
H3 200 telegram.svg
clubtk.ru/asset/new/images/ 495 B
873 B 19ms
19ms Image
image/svg+xml 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clubtk.ru/asset/new/images/telegram.svg

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0cd58f6aa2f49130ec269a3a7063efb1f88f7ee033d44aa8c023c51e7cd4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1728
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 04 Jun 2020 13:06:28 GMT
server: cloudflare
etag: W/"5ed8f1d4-1ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxlrESgibUf0JkYF3aWIJ7CKiWstxbbQCfe5AoKb36QgsO3RVk9kDASF0o762e0jyCQ5fHz1BP9n9emx6Cj%2BYcsxJI1bzW5322yNBmNxq6TBsdAyTv1Pxgxna%2FYN1y%2FjLIzVwU3vyfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6da6e619afc7693a-FRA

GET
H3 200 174medium.jpg
clubtk.ru/gallery/ 73 KB
74 KB 208ms
208ms Image
image/jpeg 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clubtk.ru/gallery/174medium.jpg

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b8d93c688351291387d93010a1233030b7375ab22b07824f51277aa303e6ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74844
last-modified: Fri, 11 May 2018 10:55:40 GMT
server: cloudflare
etag: "5af576ac-1245c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5QC6wpqiJ9V47kRZOv7VXmNsubygeR86P4i8SfYuZaoO0g0aAc36znYVAZbGY%2FXblZ1%2FIIzyWg0rTp4ni56WprE1eztwKxH0IXkOp2IArSdjAFisLz2yx6uNtfBAlC9so%2F95yud6kE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6da6e619afc8693a-FRA

GET
H3 200 kp-pop-predl.png
clubtk.ru/asset/new/images/banner/ 36 KB
37 KB 23ms
22ms Image
image/png 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clubtk.ru/asset/new/images/banner/kp-pop-predl.png

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2e319817ee044ccf539f6e7e5ead2c0eec1a17b9deb35f9c0878638f8b591ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1724
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37240
last-modified: Tue, 30 Mar 2021 12:54:03 GMT
server: cloudflare
etag: "60631f6b-9178"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qS6pzgvIFzOFLIXppNtz8JGE7%2F9NdwhzO3kUvxwQ9V2A95hwStAAzBWDbyY4K7NJY1CS0llOPeKoZbF06NuQEG2lDIg%2BmadZtKMKx2Jb1%2F6f043JYWG%2Bthya4xF0TAuXFh3oRZcY6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6da6e619afca693a-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 78 KB
31 KB 72ms
34ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WV9662

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31dc46a0ea82a724497327cffbec0e225cdf696443ee8ba53b6300d2efba5702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31087
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Feb 2022 18:25:08 GMT

GET
H3 200 Dropdown-compiled.js Show response
clubtk.ru/asset/_lib/SealDropdown/dist/ 2 KB
1 KB 25ms
24ms Script
application/javascript 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/asset/_lib/SealDropdown/dist/Dropdown-compiled.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b86dbdb075ccfb70fa9e67fabbf7ca5171a9aa5edd4afed7525dbb2fb0d108c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2017 13:15:13 GMT
server: cloudflare
age: 1621
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qw1O10aNsEQHVeF6upFZLJ0%2FsqjiEsVSejmsrhLWHvTXn0fgtC8wa7SOUu75lS8qbn5lpoGUls3oBCWeonxOIQY1uKsEBRI3r4GlMo%2B8zF7%2BsrqqJXqHaaJL13Cs60yiMtE3a%2BBLMd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=604800
cf-ray: 6da6e6195eeb693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 744B 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
clickiocdn.com/hbadx/ 24 B
150 B 61ms
17ms Script
text/html 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/hbadx/?f=__clADF__&rt=1644344708103&site_id=217029&title=%D0%9A%D0%BB%D1%83%D0%B1%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2%20%E2%80%93%20%D0%9A%D0%BB%D1%83%D0%B1%D0%A2%D0%9A&r=
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: a5575f951eff80612d43a449ff223040bf3e0aafa3978ecfde8bc744199d4a89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: noneu
content-encoding: gzip
server: nginx/1.16.0
date: Tue, 08 Feb 2022 18:25:08 GMT
content-type: text/html; charset=ISO-8859-1

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 200 KB
80 KB 72ms
36ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87672f11c81113f1c7a429fddfe2fd1d1ade61da71e70574dc446ae09ca654c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32036
x-jsd-version: 1.220.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19167-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"31f47-p4CQJCLZk0taHb211KPhupP4zw0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6da6e619efa45bfd-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 49ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3014
date: Tue, 08 Feb 2022 17:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 08 Feb 2022 19:34:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxP.ttf
fonts.gstatic.com/s/roboto/v27/ 152 KB
94 KB 47ms
10ms Font
font/ttf 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu5mxP.ttf

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/asset/new/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fa2bd97f68c6cb9da0c5a212fcc0247d8a4f5757b276595ea1a3cce552937b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clubtk.ru/
Origin: https://clubtk.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 20:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95631
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 23:13:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 20:31:27 GMT

GET
H3 200 bg-hr-council.png
clubtk.ru/asset/new/images/ 44 KB
45 KB 120ms
119ms Image
image/png 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clubtk.ru/asset/new/images/bg-hr-council.png

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/asset/new/css/styleupd.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9161d0351147df80eb95c13bf607df0d7fce53d4ee4688e4e84322721c529d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/asset/new/css/styleupd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45554
last-modified: Tue, 31 Jan 2017 13:58:43 GMT
server: cloudflare
etag: "58909813-b1f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biu2xLw%2BIbaXp3TOHWWwwBLCL4nrmzUGC7xwLWRNAeuuXf3H4g94uaXpYeIHa240pTdvxMWUIxzU4CK2PNYXJuqqrGNCQJbUh6%2Fm0wk62hTT%2BD6ORDkSLv8O7SCiKGGz41ZwO%2FRLhu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6da6e619bffe693a-FRA

GET
H3 200 HelveticaNeueCyr-Medium.otf
clubtk.ru/asset/new/fonts/ 26 KB
26 KB 22ms
22ms Font
application/octet-stream 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/asset/new/fonts/HelveticaNeueCyr-Medium.otf

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/asset/new/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b29256b6298af6198217f3a09f724fcdcb6216cc25a355052c663647bd8fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://clubtk.ru/asset/new/css/style.css
Origin: https://clubtk.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1710
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26204
last-modified: Tue, 31 Jan 2017 13:58:43 GMT
server: cloudflare
etag: "58909813-665c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5S%2FDlrLu5%2FT5P3Lf0LnNgEFbtH0nUhA2G9VOZWzCW1Mlp7CpEGgI5Lk%2BjZ9xwRi6%2FwyPOm3sw3BGdMlgkEK%2BndfPtrl7SB8%2Bvk1VkjY8RZlvc8bII8rgWb09G9BmiWkosPLJ4b6R4Pw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6da6e619b804693a-FRA

GET
H3 200 fontawesome-webfont.woff2
clubtk.ru/_lib/font-awesome-4.7.0/fonts/ 75 KB
76 KB 29ms
29ms Font
application/octet-stream 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/_lib/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/_lib/font-awesome-4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://clubtk.ru/_lib/font-awesome-4.7.0/css/font-awesome.min.css
Origin: https://clubtk.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1710
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Tue, 31 Jan 2017 13:58:43 GMT
server: cloudflare
etag: "58909813-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkW0BZhB00DIMsOnuBrlKO7G3dy7NaLJnFMX1poCyM5QGWKvEBPNnIkPp0OdmcqjshxSUBUlkNxKK3kdTmNarndavmocOQ%2B%2FTKCk3mjXrf28R3Ay3%2B6mueecFwSXx%2BGtNSulseIbhHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6da6e619b807693a-FRA

GET
H3 404 HelveticaNeueCyr-Bold.woff
clubtk.ru/asset/_src/ip/tinkoff/fonts/ 0
0 134ms
134ms Font
text/html 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clubtk.ru/asset/_src/ip/tinkoff/fonts/HelveticaNeueCyr-Bold.woff
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/asset/new/css/profstandard.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://clubtk.ru/asset/new/css/profstandard.css
Origin: https://clubtk.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rl73LtwNfLBZ0DPAGBGvodIjSp5UUuv3dmawKx0BWdxRdgOe3cnZ9YDBfX9My7IZ%2B48NkiZbffB5Z64BFdyMHrqowIjzXA7F%2Burd67302TaGRqQJFti2eecMGngzLIUhUpp5eNKc87s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 6da6e619b80b693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 HelveticaNeueCyr-Light.otf
clubtk.ru/asset/new/fonts/ 25 KB
26 KB 41ms
40ms Font
application/octet-stream 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/asset/new/fonts/HelveticaNeueCyr-Light.otf

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/asset/new/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86b3c1d90ceeabf22a57bf6a6b2acf0fa5003942f1745fbf84f7a51bf86725d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://clubtk.ru/asset/new/css/style.css
Origin: https://clubtk.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1710
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26060
last-modified: Tue, 31 Jan 2017 13:58:43 GMT
server: cloudflare
etag: "58909813-65cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmrTaEPw72Y1SPeW%2BnFg6NTwFtIfeWgz5JHfZmWY%2FuCTsAAHegpCdvleZ0mCept0khIGad%2BiRCpi6l7TtELrrZ7etaZK%2BiY037C35GY53ZElwGeZPJ4xwm%2BXu3nUZdDIARtWthFFgVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6da6e619b80e693a-FRA

GET
H3 200 icon-form-expert-3.png
clubtk.ru/asset/new/images/ 540 B
1 KB 24ms
21ms Image
image/png 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clubtk.ru/asset/new/images/icon-form-expert-3.png

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/asset/new/css/styleupd.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

648c2b6b4a2b1fa4bfac1a285e322794fc438557b6c7370badff4bedb37ce80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/asset/new/css/styleupd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1274
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 540
last-modified: Tue, 31 Jan 2017 13:58:43 GMT
server: cloudflare
etag: "58909813-21c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpn3j6wkS7J9HtQBlR172ARsWB1t9RPMcy2wqu0TCsICZXjx0Zf0IrwSxayxwB67h9Da0f1tfQOy1%2BA1hNCWlIMAdpKD1TNdY%2F8RWWQrXDf8sRY5GZowfoORD9GXo3mzt8skDOuQwPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6da6e61a28ea693a-FRA

GET
H3 200 icon-form-expert-2.png
clubtk.ru/asset/new/images/ 382 B
938 B 18ms
15ms Image
image/png 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clubtk.ru/asset/new/images/icon-form-expert-2.png

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/asset/new/css/styleupd.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3d313793a337db14530a06cd3b3b3ddfb5019bf325ade31f997764aef9e91b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/asset/new/css/styleupd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1274
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 382
last-modified: Tue, 31 Jan 2017 13:58:43 GMT
server: cloudflare
etag: "58909813-17e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hixOtV8VOyUGiKyg8cKe933PlQbsRJv6daYkoDdhX9Xd9%2BNOVPIMgnDAXsGQCNjGEtYAC8v2w9wJdXQEU2y4TbIs%2FH8Cu29etReHXjRb96TxbvA55QLHXs%2BGUFkbIFzBjTtZTl2LeH0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6da6e61a28ed693a-FRA

GET
H3 200 icon-form-expert-1.png
clubtk.ru/asset/new/images/ 414 B
971 B 22ms
19ms Image
image/png 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clubtk.ru/asset/new/images/icon-form-expert-1.png

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/asset/new/css/styleupd.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c8406e5b18a2648d1fe474b7238b2b26fbb69c4ef3100916d4de3a7b6cf3c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/asset/new/css/styleupd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1274
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 414
last-modified: Tue, 31 Jan 2017 13:58:43 GMT
server: cloudflare
etag: "58909813-19e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLHcIGibd3G1EGp6qgx0e%2Bb17lrtt670lNXl9OAY3Mog%2F0YN7cTxUyvCaS77UhOiOcfYtmWFiqdYeUGmMlxKx%2BQiaj8uPzMjNu9P28FjTGj8FxUgYwLmXl86Cyj5qL84%2B%2FrT5dBUskc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6da6e61a28ee693a-FRA

POST
H3 200 q0ge.json Show response
newrrb.bid/ 59 B
563 B 86ms
69ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/q0ge.json
Requested by: Host: newrrb.bid
URL: https://newrrb.bid/q0ge.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d65b56681a9507cb73275cb51d3dc9be1bf82644282f07d8a1da1699b5ae2638

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OXNdExxWYzcWywHl9xxBya1zB%2FX17OGt%2F5%2BwXr6B78%2BUfNVpbdwFKYSEfa6DYwHGFMjSjXI6g1BGc881hg8fET4IFU3gTE8OogcqlmHxWfeMSHBzirB3ZPLXaIVeZEQT4xQeE1wpLI2"}],"group":"cf-nel","max_age":604800}
cf-ray: 6da6e61a5ef35bed-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 q0ge.json Show response
newrrb.bid/ 289 B
711 B 75ms
64ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/q0ge.json
Requested by: Host: newrrb.bid
URL: https://newrrb.bid/q0ge.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7471ff8cdba5f40fa9613a15200afc75f8a92c1a1ee1d427ee8e9ba3ae4a7168

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46gKKZdTsYkkT0PXaZoHpQ4d8yEEowTf4JiCh3OrI%2BnYLOH5FmVwGQ0%2Ffw8IXdAdTdjpDhPBb1kbcbLUaNKtnwwLPr3AWrUUh3S48zkjBUr9aDxhqbsvQSQqc2qqVq65I3EuXQ1I776L"}],"group":"cf-nel","max_age":604800}
cf-ray: 6da6e61a5ef55bed-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

context.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

275 KB
75 KB

61ms
43ms

Script
text/javascript

2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d953b6056c1a91f47af210182f497c4820c053af484aa4c393b89c7032123a09

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1644344708337048-4782854825876574509-man1-5103-0a8-man-l7-balancer-8080-BAL-1090
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 08 Feb 2022 19:25:08 GMT

Redirect headers

date: Tue, 08 Feb 2022 18:25:08 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://yandex.ru/ads/system/context.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
15ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=7792979&t=pageview&_s=1&dl=https%3A%2F%2Fclubtk.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%BB%D1%83%D0%B1%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2%20%E2%80%93%20%D0%9A%D0%BB%D1%83%D0%B1%D0%A2%D0%9A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1297246340&gjid=412481195&cid=572091537.1644344708&tid=UA-78165731-1&_gid=197868988.1644344708&_r=1&_slc=1&z=411358107

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://clubtk.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 25ms
15ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=7792979&t=pageview&_s=1&dl=https%3A%2F%2Fclubtk.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%BB%D1%83%D0%B1%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2%20%E2%80%93%20%D0%9A%D0%BB%D1%83%D0%B1%D0%A2%D0%9A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=722491813&gjid=634408069&cid=572091537.1644344708&tid=UA-56589716-2&_gid=197868988.1644344708&_r=1&_slc=1&z=270393940

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://clubtk.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fclubtk.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fclubtk.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...

167 B
202 B

34ms
33ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fclubtk.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A2%3Adp%3A0%3Als%3A991235763048%3Ahid%3A212069101%3Az%3A0%3Ai%3A20220208182508%3Aet%3A1644344708%3Ac%3A1%3Arn%3A135770549%3Arqn%3A1%3Au%3A164434470857487272%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644344707659%3Ads%3A11%2C20%2C284%2C51%2C0%2C0%2C%2C158%2C0%2C%2C%2C%2C525%3Awv%3A2%3Aco%3A0%3Ast%3A1644344708&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

850b9430a248bbefc7affe93336158e1dd4b6c7c206595952efd09216b7d47cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 08-Feb-2022 18:25:08 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://clubtk.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Tue, 08-Feb-2022 18:25:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:08 GMT
last-modified: Tue, 08-Feb-2022 18:25:08 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fclubtk.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A2%3Adp%3A0%3Als%3A991235763048%3Ahid%3A212069101%3Az%3A0%3Ai%3A20220208182508%3Aet%3A1644344708%3Ac%3A1%3Arn%3A135770549%3Arqn%3A1%3Au%3A164434470857487272%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644344707659%3Ads%3A11%2C20%2C284%2C51%2C0%2C0%2C%2C158%2C0%2C%2C%2C%2C525%3Awv%3A2%3Aco%3A0%3Ast%3A1644344708&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://clubtk.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 08-Feb-2022 18:25:08 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/37512210/
Redirect Chain

https://mc.yandex.ru/watch/37512210?wmode=7&page-url=https%3A%2F%2Fclubtk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
https://mc.yandex.ru/watch/37512210/1?wmode=7&page-url=https%3A%2F%2Fclubtk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...

385 B
467 B

33ms
33ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/37512210/1?wmode=7&page-url=https%3A%2F%2Fclubtk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A267444791443%3Ahid%3A212069101%3Az%3A0%3Ai%3A20220208182508%3Aet%3A1644344708%3Ac%3A1%3Arn%3A477341109%3Arqn%3A1%3Au%3A164434470857487272%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644344707659%3Ads%3A11%2C20%2C284%2C51%2C0%2C0%2C%2C158%2C0%2C%2C%2C%2C525%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644344708%3At%3A%D0%9A%D0%BB%D1%83%D0%B1%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2%20%E2%80%93%20%D0%9A%D0%BB%D1%83%D0%B1%D0%A2%D0%9A&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ddec94c56881fbb4b535dab2bc3b68aa9925144c64fdbee65c14a5d85190a2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 08-Feb-2022 18:25:08 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://clubtk.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 385
x-xss-protection: 1; mode=block
expires: Tue, 08-Feb-2022 18:25:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:08 GMT
last-modified: Tue, 08-Feb-2022 18:25:08 GMT
location: /watch/37512210/1?wmode=7&page-url=https%3A%2F%2Fclubtk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A267444791443%3Ahid%3A212069101%3Az%3A0%3Ai%3A20220208182508%3Aet%3A1644344708%3Ac%3A1%3Arn%3A477341109%3Arqn%3A1%3Au%3A164434470857487272%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644344707659%3Ads%3A11%2C20%2C284%2C51%2C0%2C0%2C%2C158%2C0%2C%2C%2C%2C525%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644344708%3At%3A%D0%9A%D0%BB%D1%83%D0%B1%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2%20%E2%80%93%20%D0%9A%D0%BB%D1%83%D0%B1%D0%A2%D0%9A&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://clubtk.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 08-Feb-2022 18:25:08 GMT

GET
H3 404 HelveticaNeueCyr-Bold.ttf
clubtk.ru/asset/_src/ip/tinkoff/fonts/ 0
0 134ms
133ms Font
text/html 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clubtk.ru/asset/_src/ip/tinkoff/fonts/HelveticaNeueCyr-Bold.ttf
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/asset/new/css/profstandard.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://clubtk.ru/asset/new/css/profstandard.css
Origin: https://clubtk.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMq3E6tu9EcjCTwiwb6ha0NQlT%2Bez6wbaIcbvRUdRklxlPG5hfvVeArTa%2FW1INhJi3Rs85WDuJQzsuYGpfUdg7ve7U6nHdjTx%2FgYQkhAAMXXV8ABg%2BPjvuhOaPZvUvfgJTpIzUIGHyk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 6da6e61ada84693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
185 B 84ms
34ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
last-modified: Mon, 07 Feb 2022 09:29:50 GMT
etag: "6200bc5e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 19:25:08 GMT

POST
H3 200 q0ge.json Show response
newrrb.bid/ 59 B
563 B 67ms
67ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/q0ge.json
Requested by: Host: newrrb.bid
URL: https://newrrb.bid/q0ge.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5ce4e45e190285912fb654c7a5bba594e3559b5c50b43298a4e6784d4e80734

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htEE1CsFa1dPpqfduX9U3eRVFUZJjkzsGUG1Y0tJkvls%2Bb55DbwzDnqrj%2Frjpf8XLHYqxGEUJQyGzWLr3eJrcWQ8zTf7u2pJF%2FOBK6%2FeTiAM3xmlKPb1Q1W%2Bw8lrfnr5p0IqZG14HwSN"}],"group":"cf-nel","max_age":604800}
cf-ray: 6da6e61af8875bed-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 27 KB
11 KB 215ms
84ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 22 Dec 2021 12:22:53 GMT
server: nginx
etag: W/"61c3189d-6a23"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 08 Feb 2022 19:25:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: T9wBoALsooenM5p+AcMJAXadq7jZSnkDJL69n5cGnSTUeg96UdB6HpDCOCnhB2edjngZ8pYxcsCLU97tPeXOoQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 08 Feb 2022 18:25:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 530356483828553 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 74ms
64ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/530356483828553?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c927cda8b9e349d6ce8fde18756926485248ddfb99e097438289d44d15b196f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: yHrZIJALCPoXgvtR5y1CL7txKz34HLKS5E5TI4PWHnVFbvLZSQ1nPkSsJvUeHdWCuHafuNVciiiXMPdARZDX5A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 08 Feb 2022 18:25:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
271 B 318ms
47ms XHR
application/json 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

20f775a7967786392f3627dbc255ba2e57fd96194e6836a4b7adef370b2ad7f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://clubtk.ru
date: Tue, 08 Feb 2022 18:25:08 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
262 B 165ms
53ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?headerBidding=53694&event=called

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
31 B 168ms
58ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?headerBidding=53694&event=sent&bidder=mytarget

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
332 B 272ms
78ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 08 Feb 2022 18:25:08 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://clubtk.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
31 B 164ms
55ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?headerBidding=53694&event=sent&bidder=betweendigital

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
914 B 384ms
215ms XHR
application/json 88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://clubtk.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
31 B 167ms
59ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?headerBidding=53694&event=sent&bidder=buzzoola

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
313 B

53ms
53ms

XHR
text/plain

116.202.236.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: H2
Server: 116.202.236.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.171.236.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://clubtk.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Tue, 08 Feb 2022 18:25:08 GMT
server: nginx
access-control-allow-origin: https://clubtk.ru
etag: W/"81ee1a620595a27ff964a42b533cb5619cc465f20d31edaebb85007d67b1239a"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9543.lx4L5cpX9x2JjsItGOthIE68BnqeCjwEhRLq28yeGINtYsfGFcLb4_aa3wQJsile.xKuRmXjk7mXIpkYbPvPMCPPr_dU%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9543.wuNPEZEW_rZrKm4GlbK4ToP5KlXjBU8CvEbvNMSkpHQ5FFuIH5sbm8mbDIrLddbATa4mn8jN0JGCStEvPy-vPhACnCCed8jvRRKfBJLClJI%2C.xyZsX-PzBFKRhUr_9_NkUNu8_Y...

43 B
359 B

61ms
61ms

Image
image/gif

154.47.36.88
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9543.wuNPEZEW_rZrKm4GlbK4ToP5KlXjBU8CvEbvNMSkpHQ5FFuIH5sbm8mbDIrLddbATa4mn8jN0JGCStEvPy-vPhACnCCed8jvRRKfBJLClJI%2C.xyZsX-PzBFKRhUr_9_NkUNu8_YM%2C

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Server

154.47.36.88 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9543.wuNPEZEW_rZrKm4GlbK4ToP5KlXjBU8CvEbvNMSkpHQ5FFuIH5sbm8mbDIrLddbATa4mn8jN0JGCStEvPy-vPhACnCCed8jvRRKfBJLClJI%2C.xyZsX-PzBFKRhUr_9_NkUNu8_YM%2C
date: Tue, 08 Feb 2022 18:25:08 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 HelveticaNeueCyr-Bold.otf
clubtk.ru/asset/new/fonts/ 26 KB
26 KB 16ms
15ms Font
application/octet-stream 2606:4700:3034::ac43:d66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clubtk.ru/asset/new/fonts/HelveticaNeueCyr-Bold.otf

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/asset/new/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:d66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53c7858253e18f868366e2c2ef98f5cb941e920626ecab52588a5d33f12dc068

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://clubtk.ru/asset/new/css/style.css
Origin: https://clubtk.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1686
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26420
last-modified: Tue, 31 Jan 2017 13:58:43 GMT
server: cloudflare
etag: "58909813-6734"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfKbol7jB0JUH3RLU%2BKV89HF7k1vSZ9Si7GxvUwNOGSvCbQ9SBp5YUj%2B4FEHiAz4lODbAFgdxCAFHOqwtXcFQYslZDIFEnxpTgK4dXpg%2Boevn3YCgy%2BUUWjHuZfAkacgG6v2yqDCLHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6da6e61bcce0693a-FRA

GET
H2 200 8d017de069edfdf02468.js Show response
yastatic.net/partner-code-bundles/53786/ 13 KB
5 KB 117ms
50ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53786/8d017de069edfdf02468.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e9ccae21c9c786ab22e6d80ec4e8d777851bb2d2c10ddbcbd2ad4889acea5408

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://clubtk.ru/
Origin: https://clubtk.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4458
last-modified: Mon, 07 Feb 2022 17:20:04 GMT
server: nginx/1.17.9
etag: "7210deabf7694583d29cd38d9cffbd4d"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2052 01:00:31 GMT

GET
H2 200 2c01675ff9d918a8b4ec.js Show response
yastatic.net/partner-code-bundles/53786/ 80 KB
17 KB 142ms
75ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53786/2c01675ff9d918a8b4ec.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9e7e0770ee26ec372a696e60a1af8cd8f2bccfd7ad058f46d8cb23bda184da35

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://clubtk.ru/
Origin: https://clubtk.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 16996
last-modified: Mon, 07 Feb 2022 17:20:04 GMT
server: nginx/1.17.9
etag: "cc93d045ea553c02ea2c89712ebda30b"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2052 01:00:32 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 196ms
130ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://clubtk.ru/
Origin: https://clubtk.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2052 00:59:44 GMT

GET
H2 200 e9d33d26532a0ab86f13.js Show response
yastatic.net/partner-code-bundles/53786/ 596 KB
122 KB 156ms
94ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53786/e9d33d26532a0ab86f13.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e4f39bd4612a53530524a8ffeb5aea002e599904546a257be7a38fb407300f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://clubtk.ru/
Origin: https://clubtk.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 123850
last-modified: Mon, 07 Feb 2022 17:20:05 GMT
server: nginx/1.17.9
etag: "4f5df42bde59a330190ca6291c9b6760"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2052 01:00:32 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 32ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=530356483828553&ev=PageView&dl=https%3A%2F%2Fclubtk.ru%2F&rl=&if=false&ts=1644344708493&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644344708492.828432591&it=1644344708366&coo=false&rqm=GET

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 08 Feb 2022 18:25:08 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 42ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.luxupcdnc.com
URL: https://s.luxupcdnc.com/t/common_402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b127650c9dc78b2499a880e60ef12f01885334a15c0d67f2e00ba9a3f13e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27181
x-xss-protection: 0
server: sffe
etag: "1125 / 376 of 1000 / last-modified: 1644340328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Feb 2022 18:25:08 GMT

GET
H2 200 / Show response
luxupcdnc.com/hbadx/ 46 B
157 B 157ms
45ms Script
text/html 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/hbadx/?ex=1&f=__lxG__.tmp.pol_2ii35eqiz4fwfvbt&rt=470861088&site_id=217029&title=%D0%9A%D0%BB%D1%83%D0%B1%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2%20%E2%80%93%20%D0%9A%D0%BB%D1%83%D0%B1%D0%A2%D0%9A&l=https%3A%2F%2Fclubtk.ru%2F
Requested by: Host: s.luxupcdnc.com
URL: https://s.luxupcdnc.com/t/common_402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: bcf27f275181b4c4a2addf9b5e5a0f29d196a59a3d50cdfa91c64667e4ec92fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: gzip
server: nginx
content-type: text/html; charset=ISO-8859-1

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
995 B 40ms
40ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2809594;u=https%3A//clubtk.ru/;st=1644344708184;title=%D0%9A%D0%BB%D1%83%D0%B1%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2%20%E2%80%93%20%D0%9A%D0%BB%D1%83%D0%B1%D0%A2%D0%9A;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=1c9ac5894e03e7b2;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1644344708678%3A1644344708688%3A1%3A2f3975396592b0369a3400d1ed95f44c;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.6955757589245419

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://clubtk.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://clubtk.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://clubtk.ru
access-control-allow-headers: *

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
996 B 40ms
40ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2809594;u=https%3A//clubtk.ru/;st=1644344708184;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=1c9ac5894e03e7b2;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1644344708678%3A1644344708692%3A2%3A2f3975396592b0369a3400d1ed95f44c;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.24380831462787755;e=IV%3AVALUE/VALUE%3BVALUE%3BVALUE

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://clubtk.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://clubtk.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://clubtk.ru
access-control-allow-headers: *

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
995 B 41ms
41ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3084080;u=https%3A//clubtk.ru/;st=1644344708184;title=%D0%9A%D0%BB%D1%83%D0%B1%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2%20%E2%80%93%20%D0%9A%D0%BB%D1%83%D0%B1%D0%A2%D0%9A;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=1c9ac5894e03e7b2;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1644344708678%3A1644344708694%3A3%3A2f3975396592b0369a3400d1ed95f44c;opts=sec%2Cdl%2Cjst-gtag-ga-ym;visible=true;_=0.8128212703975481

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://clubtk.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://clubtk.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://clubtk.ru
access-control-allow-headers: *

GET
H/1.1 200
OK /
ad.mail.ru/retarget/ 43 B
384 B 60ms
52ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/retarget/?counter=2809594&list=VALUE&productid=VALUE&pagetype=VALUE&totalvalue=VALUE&_=0.9241293911654325
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:08 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43

GET
H2 200 pubads_impl_2022020301.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
120 KB 55ms
9ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 16:24:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122037
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 09:34:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Feb 2023 16:24:19 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 59 B
701 B 58ms
14ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=clubtk.ru

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

68935f9901e7d3657cf5ae1e4767f363ce5efcb91c5e4223b8a05c4424e61f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65
x-xss-protection: 0
expires: Tue, 08 Feb 2022 18:25:08 GMT

GET
H2 200 / Show response
luxupcdnc.com/clickiotag_log/ 83 B
174 B 47ms
46ms Script
text/html 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/clickiotag_log/?step=0&ses_id=0o01p99sbkjonwz470859461&area_id=665310&type=base&f=__lxG__.tmp.rot_fp5si4zhgwg069gz&rt=470874568
Requested by: Host: s.luxupcdnc.com
URL: https://s.luxupcdnc.com/t/common_402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e424d01a06d493c4849aa260ebb24b85414ff9f294ddd8853b1961a338f104d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 / Show response
luxupcdnc.com/clickiotag_log/ 83 B
176 B 46ms
44ms Script
text/html 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/clickiotag_log/?step=0&ses_id=0o01p99sbkjonwz470859461&area_id=665399&type=base&f=__lxG__.tmp.rot_fp5si4zhgwg069gz&rt=470874518
Requested by: Host: s.luxupcdnc.com
URL: https://s.luxupcdnc.com/t/common_402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: fb87c8e0905fae9f6853ab31adf82aefa8e1764280368a03dcbaaa23c6663552

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 / Show response
luxupcdnc.com/clickiotag_log/ 83 B
174 B 46ms
45ms Script
text/html 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/clickiotag_log/?step=1&ses_id=0o01p99sbkjonwz470859461&area_id=685197&type=dfp&f=__lxG__.tmp.rot_fp5si4zhgwg069gz&rt=470874523
Requested by: Host: s.luxupcdnc.com
URL: https://s.luxupcdnc.com/t/common_402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: dda3cf062e7c8b44b9b3496bf9b154fc0f5dd8050d36502bbed7370e46f50007

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 / Show response
luxupcdnc.com/clickiotag_log/ 83 B
174 B 46ms
45ms Script
text/html 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/clickiotag_log/?step=1&ses_id=0o01p99sbkjonwz470859461&area_id=685196&type=dfp&f=__lxG__.tmp.rot_fp5si4zhgwg069gz&rt=470874569
Requested by: Host: s.luxupcdnc.com
URL: https://s.luxupcdnc.com/t/common_402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b19ea76154ac139f43a9965a0fa8851715dd2ecb834f74c4b0395c99b368b6fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: gzip
server: nginx
content-type: text/html

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
693 B 68ms
19ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:08 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7fdfcbf6-0c6e-4eca-a556-1b061f069057
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://clubtk.ru
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 171ms
132ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19944&site_id=233404&zone_id=1217840&size_id=9&rp_schain=1.0,1!clickio.com,141408,1,,,&rf=https%3A%2F%2Fclubtk.ru%2F&tk_flint=pbjs_lite_v4.43.0&x_source.tid=aec54504-ebee-4f4a-abd7-e57dff33656c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.34443785731915333
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9c03062ad374cdb8ca61fd233149376328ea9d5d679f5897ed45188134166c01

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:08 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://clubtk.ru
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 1769
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 135ms
96ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19944&site_id=233404&zone_id=1217840&size_id=9&rp_schain=1.0,1!clickio.com,141408,1,,,&rf=https%3A%2F%2Fclubtk.ru%2F&tk_flint=pbjs_lite_v4.43.0&x_source.tid=66115e62-8848-4547-b777-120ff6dd1394&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7598407311564719
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 779248262daaa5e5089d1a492f0dcfa889c9f5ee6432c891e45c509f51e8179f

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:08 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://clubtk.ru
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 107ms
69ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19944&site_id=233404&zone_id=1217840&size_id=9&rp_schain=1.0,1!clickio.com,141408,1,,,&rf=https%3A%2F%2Fclubtk.ru%2F&tk_flint=pbjs_lite_v4.43.0&x_source.tid=4b7f8759-cc6a-454e-b671-0c0ea11eee41&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3225990274157531
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e190709cbfb1fcaa70c65984687a19dc3dd6deccc92184e78ca09f47966fc225

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:08 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://clubtk.ru
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 140ms
102ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19944&site_id=233404&zone_id=1217840&size_id=9&rp_schain=1.0,1!clickio.com,141408,1,,,&rf=https%3A%2F%2Fclubtk.ru%2F&tk_flint=pbjs_lite_v4.43.0&x_source.tid=9ce33a00-b5f0-49e1-a9f7-f1a987d998ec&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6857891379015504
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9bc6d68e05d2566edbff83588163e9dd1b21d8b048d98271bf11ca5234a39988

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:08 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://clubtk.ru
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
prebid-bidder.rutarget.ru/ 11 B
720 B 364ms
96ms XHR
application/json 80.64.106.153
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-bidder.rutarget.ru/bid
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.153 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr8.rutarget.ru
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 08 Feb 2022 18:25:09 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin: https://clubtk.ru
Rutarget-SameSite-Cookie: true
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name,Authorization
Content-Length: 11

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
905 B 168ms
167ms XHR
application/json 88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://clubtk.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
343 B 360ms
97ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://clubtk.ru
date: Tue, 08 Feb 2022 18:25:08 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin, Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
210 B 53ms
15ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=86943362062

Requested by

Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://clubtk.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
499 B 40ms
11ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%2224acaaff-9ab4-4a15-bc48-ebbb62521b34%22},%22__sds_id__%22:%22fatwenac0w%22,%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[160,600]]}},%22adUnitCode%22:%22/45470634,22475814518/clickio_area_685197_160x600__0__ovjtayu234duhw8%22,%22transactionId%22:%22aec54504-ebee-4f4a-abd7-e57dff33656c%22,%22sizes%22:[[160,600]],%22bidId%22:%222934715e5b1491e%22,%22bidderRequestId%22:%22286203bd0e698cc%22,%22auctionId%22:%229e92d0eb-bf97-4ca1-8a51-00583ab6624f%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22clickio.com%22,%22sid%22:%22141408%22,%22hp%22:1}]}},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%22175266D9-3D75-4E39-BF34-591AE4674EBB%22},%22__sds_id__%22:%22bgesi1dbvk%22,%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[160,600]]}},%22adUnitCode%22:%22/45470634,22475814518/clickio_area_685197_160x600__2__ovjtayu234duhw8%22,%22transactionId%22:%2266115e62-8848-4547-b777-120ff6dd1394%22,%22sizes%22:[[160,600]],%22bidId%22:%2230e819357cd7fa3%22,%22bidderRequestId%22:%22286203bd0e698cc%22,%22auctionId%22:%229e92d0eb-bf97-4ca1-8a51-00583ab6624f%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22clickio.com%22,%22sid%22:%22141408%22,%22hp%22:1}]}},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%2246D3D88F-E2A8-41CA-A0F2-71F19239693C%22},%22__sds_id__%22:%22yyzbxr20kw%22,%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[160,600]]}},%22adUnitCode%22:%22/45470634,22475814518/clickio_area_685197_160x600__3__ovjtayu234duhw8%22,%22transactionId%22:%224b7f8759-cc6a-454e-b671-0c0ea11eee41%22,%22sizes%22:[[160,600]],%22bidId%22:%2231d26e9c1c0d326%22,%22bidderRequestId%22:%22286203bd0e698cc%22,%22auctionId%22:%229e92d0eb-bf97-4ca1-8a51-00583ab6624f%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22clickio.com%22,%22sid%22:%22141408%22,%22hp%22:1}]}},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%2273352D50-9C38-4E1C-8A5F-2A07D1C52AD3%22},%22__sds_id__%22:%22enbl0djngw%22,%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[160,600]]}},%22adUnitCode%22:%22/45470634,22475814518/clickio_area_685197_160x600__4__ovjtayu234duhw8%22,%22transactionId%22:%229ce33a00-b5f0-49e1-a9f7-f1a987d998ec%22,%22sizes%22:[[160,600]],%22bidId%22:%22322b1dd822d4d89%22,%22bidderRequestId%22:%22286203bd0e698cc%22,%22auctionId%22:%229e92d0eb-bf97-4ca1-8a51-00583ab6624f%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22clickio.com%22,%22sid%22:%22141408%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fclubtk.ru%2F%22}

Requested by

Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 08 Feb 2022 18:25:08 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://clubtk.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
297 B 272ms
13ms XHR
application/javascript 116.202.85.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=0&w=160&h=600&s=261&bidid=34c9a067a676cea&transactionid=aec54504-ebee-4f4a-abd7-e57dff33656c&auctionid=9e92d0eb-bf97-4ca1-8a51-00583ab6624f&bidfloor=0
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.85.93 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.85.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:09 GMT
server: nginx/1.17.10
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://clubtk.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
296 B 285ms
25ms XHR
application/javascript 116.202.85.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=0&w=160&h=600&s=261&bidid=357f28cd0e1c063&transactionid=66115e62-8848-4547-b777-120ff6dd1394&auctionid=9e92d0eb-bf97-4ca1-8a51-00583ab6624f&bidfloor=0
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.85.93 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.85.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:09 GMT
server: nginx/1.17.10
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://clubtk.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
297 B 272ms
13ms XHR
application/javascript 116.202.85.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=0&w=160&h=600&s=261&bidid=36c29670e83d023&transactionid=4b7f8759-cc6a-454e-b671-0c0ea11eee41&auctionid=9e92d0eb-bf97-4ca1-8a51-00583ab6624f&bidfloor=0
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.85.93 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.85.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:09 GMT
server: nginx/1.17.10
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://clubtk.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
296 B 284ms
26ms XHR
application/javascript 116.202.85.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=0&w=160&h=600&s=261&bidid=3708d1ad6ade9cc&transactionid=9ce33a00-b5f0-49e1-a9f7-f1a987d998ec&auctionid=9e92d0eb-bf97-4ca1-8a51-00583ab6624f&bidfloor=0
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.85.93 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.85.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:09 GMT
server: nginx/1.17.10
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://clubtk.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

GET
H2 200 arj Show response
alz-d.openx.net/w/1.0/ 72 B
374 B 76ms
22ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://alz-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fclubtk.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=aec54504-ebee-4f4a-abd7-e57dff33656c%2C66115e62-8848-4547-b777-120ff6dd1394%2C4b7f8759-cc6a-454e-b671-0c0ea11eee41%2C9ce33a00-b5f0-49e1-a9f7-f1a987d998ec&nocache=1644344708802&schain=1.0%2C1!clickio.com%2C141408%2C1%2C%2C%2C&aus=160x600%7C160x600%7C160x600%7C160x600&divids=%252F45470634%252C22475814518%252Fclickio_area_685197_160x600__0__ovjtayu234duhw8%2C%252F45470634%252C22475814518%252Fclickio_area_685197_160x600__2__ovjtayu234duhw8%2C%252F45470634%252C22475814518%252Fclickio_area_685197_160x600__3__ovjtayu234duhw8%2C%252F45470634%252C22475814518%252Fclickio_area_685197_160x600__4__ovjtayu234duhw8&aucs=%2C%2C%2C&auid=541122777%2C541122777%2C541122777%2C541122777
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 201d44608008afec1bd94c726d1e4b03125dd1314a3cbf0aa68377fe03930948

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://clubtk.ru
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 56ms
26ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://clubtk.ru
date: Tue, 08 Feb 2022 18:25:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H3 200 q0ge.json Show response
newrrb.bid/ 59 B
565 B 84ms
84ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/q0ge.json
Requested by: Host: newrrb.bid
URL: https://newrrb.bid/q0ge.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bed0030282d1c136850c25c421a2f06705b8f61140d84d9d35a47004fef4ac9b

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n46XVr1cQJNYGhknaF8p6vabBBCSu5AkUvVEfeBKqYg8%2F%2FosLTY4tQ%2BuwsUIUknEMQmciL9cea5KFt7nGRz1%2BkGtoQRpdZOTCIcMT6KwPUzrXSaB%2BB%2FoaYwt0whDNKo7P%2B9bRDt6zEFY"}],"group":"cf-nel","max_age":604800}
cf-ray: 6da6e61e89b65bed-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
909 B 40ms
40ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2809594;u=https%3A//clubtk.ru/;st=1644344708184;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=1c9ac5894e03e7b2;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1644344707659/////0/1/11/11/31/18/31/315/366/318/525/525/525/1219/1219/;ni=10//4g/0/0/;lvid=1644344708678%3A1644344708880%3A4%3A2f3975396592b0369a3400d1ed95f44c;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.14039855998002881;e=RT/load;et=1644344708879

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://clubtk.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://clubtk.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://clubtk.ru
access-control-allow-headers: *

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
910 B 40ms
40ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3084080;u=https%3A//clubtk.ru/;st=1644344708184;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=1c9ac5894e03e7b2;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1644344707659/////0/1/11/11/31/18/31/315/366/318/525/525/525/1219/1219/;ni=10//4g/0/0/;lvid=1644344708678%3A1644344708881%3A5%3A2f3975396592b0369a3400d1ed95f44c;opts=sec%2Cdl%2Cjst-gtag-ga-ym;visible=true;_=0.9504245129648112;e=RT/load;et=1644344708879

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Feb 2022 18:25:08 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://clubtk.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://clubtk.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://clubtk.ru
access-control-allow-headers: *

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 80ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=clubtk.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 45ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=clubtk.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
8 KB 505ms
484ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=826903163449548&correlator=351006999035819&output=ldjh&impl=fif&eid=31061167&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220208&iu_parts=45470634%3A22475814518%2Cclickio_area_685197_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&prev_scp=autorefresh%3D30_sec%26hb_adid%3D484e73d57d2f3ba%26hb_pb%3D0.02%26smart_position%3D1%26unit_type%3Dsticky%26ar_imp%3D0&cust_params=adm_lazy_load%3D0%26adm_lazy_load_var%3D0%26adm_lazy_load_dev%3D0d&cookie_enabled=1&bc=31&abxe=1&dt=1644344709187&lmt=1644344709&dlt=1644344707977&idt=888&frm=20&biw=1600&bih=1200&oid=2&adxs=114&adys=20&adks=413566079&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fclubtk.ru%2F&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&ga_vid=572091537.1644344708&ga_sid=1644344709&ga_hid=7792979&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3784d9ef8be9443daebcbfd5e292b4760b4fadd6620f1364fc15acef35aab73f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8597
x-xss-protection: 0
google-lineitem-id: 4585344376
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138228464781
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://clubtk.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 261ms
241ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=826903163449548&correlator=351006999035819&output=ldjh&impl=fif&eid=31061167&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220208&iu_parts=45470634%3A22475814518%2Cclickio_area_685197_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&prev_scp=autorefresh%3D30_sec%26smart_position%3D2%26unit_type%3Dsticky%26ar_imp%3D0&cust_params=adm_lazy_load%3D0%26adm_lazy_load_var%3D0%26adm_lazy_load_dev%3D0d&cookie_enabled=1&bc=31&abxe=1&dt=1644344709193&lmt=1644344709&dlt=1644344707977&idt=888&frm=20&biw=1600&bih=1200&oid=2&adxs=1326&adys=20&adks=2309556866&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fclubtk.ru%2F&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&ga_vid=572091537.1644344708&ga_sid=1644344709&ga_hid=7792979&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

11af8efe38f23019be40d67ecf68dc13846e9ec90a3c9ac19efd8fd7e9b1fb28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8245
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://clubtk.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 76ms
21ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaba650ae333c365907d7c87c3e08430f81c24ea4dd7a2718ae36762daca38e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9966
x-xss-protection: 0

GET
H2 200 container.html Show response
5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1EE5 6 KB
4 KB 82ms
14ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 08 Feb 2022 18:25:09 GMT
expires: Wed, 08 Feb 2023 18:25:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
luxupcdnc.com/clickiotag_log/ 83 B
176 B 46ms
46ms Script
text/html 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/clickiotag_log/?step=2&ses_id=0o01p99sbkjonwz470859461&area_id=685197&policy=ok&sub_id=1&f=__lxG__.tmp.rot_fp5si4zhgwg069gz&rt=470920734
Requested by: Host: s.luxupcdnc.com
URL: https://s.luxupcdnc.com/t/common_402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b2ca6ebe1d10aeb3383716f6ea2baff44e87cb7caacce3071f0049dcf7cc2764

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 / Show response
luxupcdnc.com/clickiotag_log/ 83 B
174 B 44ms
43ms Script
text/html 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/clickiotag_log/?step=2&ses_id=0o01p99sbkjonwz470859461&area_id=685197&policy=ok&sub_id=2&f=__lxG__.tmp.rot_fp5si4zhgwg069gz&rt=470920727
Requested by: Host: s.luxupcdnc.com
URL: https://s.luxupcdnc.com/t/common_402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 49b465b279760df3bdd9793bb87112114c113cef7af5aa91cddf0686779f4ff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 123ms
83ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 18:25:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C125 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 15:04:06 GMT
expires: Wed, 08 Feb 2023 15:04:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 12063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E3CF 783 B
1 KB 39ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

871ad2791ccea800ce4a58f0bd150b98b6aeeb1020c405db58e91d8198e19b84

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-12mFS905SaV7yuyCCsgkCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 08 Feb 2022 18:25:09 GMT
date: Tue, 08 Feb 2022 18:25:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-12mFS905SaV7yuyCCsgkCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 kRDJmBQzOe9o97-xR6cepyyyPd4l_fx5ZaLBvvWym_o.js Show response
pagead2.googlesyndication.com/bg/ Frame C125 35 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kRDJmBQzOe9o97-xR6cepyyyPd4l_fx5ZaLBvvWym_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9110c998143339ef68f7bfb147a71ea72cb23dde25fdfc7965a2c1bef5b29bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 15:38:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13586
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 15:38:43 GMT

GET
H3 200 container.html Show response
5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F6BC 6 KB
3 KB 34ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 18:25:09 GMT
expires: Wed, 08 Feb 2023 18:25:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E3CF 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020301&jk=826903163449548&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 09F7 624 B
746 B 20ms
19ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGL_o854BMAE&v=APEucNU7OIauMxwp6Epf4R54i5yk5GtJ-ei6Tp_f_YR7xQMyk9RH6BZH67W3Wd9-UWGphNMn4JjY7y6qxgKP1jSIGPt0ZzkUmWbmvxhe15-KkAvxBS0T4LUzLV6uW_x61Funkk9O4dubLcoc9cuOjiRKguOJnTGoVm8FJNlZTy84NsIzGa3yy1E

Requested by

Host: 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
URL: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 08 Feb 2022 18:25:09 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Feb 2022 18:25:09 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F6BC 74 KB
32 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5rX_6RuSSfGKlJzVa_XrNG_FLqTznT863tJQmzdGKpI-h_tT5UXbVzQdjqGZXVxH5jb8urd5BlKlMp8ZlNeSnKTyTz6TwjyIyvKNOJ84dgCsSi4IMguH7yYw7kUd4x_lYfGRKiLR_kpK8nNqr91xWTTPPjg&dbm_d=AKAmf-Ai_ljsr2FRQev9qha0sla1FX5bR-8ZV2IUqiXLPlekTyJjxtlnm7zNA-GYhbfFaj4eoXTesnCtwGr4hmj9hHuOZEpP-bmFtDgQilQ8XSYfBgHNi7Vok_PbWp886ibU6LF4rfJfCQSZw1vY67pxmuGIWS62To4rtXr0Y85qUX5UOlo_13lX2EJvnf_HKglzgGJ_-yRd2NLB5A1rPu5_dkBr3hOY762I4HKvGe_q84aYnyAVm3Bg9TdFjyXCrpMdWEGuY4aBaDYwvGQDBwzYNxB2LLU-y8ef7FwUJ3EvSk6ntkCCcLDtPOkb4E7QhOrSE3ZAg0Yu0TXqv35sf6E-Fdr2qnRCg6a3h1NmNtUUWJ7W0MjL8Jji5lsFjG0MciK88K7NYAzPhTxzVkh9Upcl-N7TnpU3i9L3yu61bsG5hScJ9CTRwfp0d7wbmEcO2Ebrj3ze2J1h1y3U8iDdOIYJUqOoiOXNr0w0BEe17CMr46gslP-AUIdZf3E91k91Pv3viYP_c8Fa8qa98rlbKEEH8BN7579KxCMoxXsU32Mzs1em4gBUT-EOts7rMJHl4KHdTFDyWKSbxcZGFSRFRfLaoU8peIZzIX37LiaFwEDAB18Az2rvPF7Y0zJgUxo_0VbRWoHgpWYsuSXhqoiriW-BQzrkt2hY9uB1pUtc3CE925DoLTnCzM6rFCG69CQPneb5eWfsAFgEsnzMNHw2TIL6qtn4ATJvT5C4mnaOcxcEL6bHbkA-iwHA53sTmjO5aNis5KmKmm4pK6jwC3nBGCuxRD3xkLPX8O6uZDrR5L0BgHTJdwtBoMKfPn8c-duYaFUoyoGfAdf25dduPlSoPnnkswXsl7er_oi7L_9mXJz_ABsElWLioaPDr7CNrcfgqgDttSJMFLdRpkgcdc3nydGPJyv2YBEtZx61tDCJseKNR8cMREcnu1sPyPrPuYYiaH0TSP_PK1kNrF1MMyUO-VbnaBPV188txX-KXAwvzBmxye3GvYMYXZGExVp3EjwBXvLFf83ddcSBLHJv3r239-TB8PMKarp803wPuEjEpdJRNlmQ4vvn6hEmY7eF6ZEUqmjI9pwjEUdEs0Fei36f_Kq8CEb-YKRyRKBmgVik0Na3iQAoz3ZsNhOm9lxZk3V36t9Ie8BpN4BNf6kF4qwk36HFIWqSc9Bdr5f9P3NjEjs75nSFJ7Ujn8pynWee7mVuwFTiepQJDadT3FvJNas3wLHtz6geq84Dxm0Q6PZsJcW3wkFEM2QVqacRfu_-03rQU6jkeQ4cHc25ieSROmJ-F0PUc0tlO6dOkhxAaB5a_ylkyhGA75hRf-hXynLtpXTvYN1h6t6QdFNI_HpJOBE4VTJF2EBNzaZnMLqxv9QEGyGggAW4X1iZ9gbvAAZygNOp0YYRGFBo8CKECw3mVOlDnqeoqvU-441xGKg2moVwI-3Cm2QUoxkfT7pQu4gm2ZyghSJ68RSiu43ZOjt0aZS2-Psrbkv8_BzTj7UyL-scMaoZfaDak_Yif2XCVpd4gceHLqWY2z4pYqyMSErVDegoX41WeLYwocPLsCkbnDk_MsJ0p8PS3eahAjwpIEI9aBhkFI6eLWz2sJmm6c_e3D5iE0PDkLyJUtNoGqvJoayQYTKED8j7G3YICJOOg3Tq1cHr8f3w5UgpRcC7b1-mXvCswtrpodLzdVnk0P9e14Jrt-Wr0nG4Ug5BfU7asM88i1ruslxtasOvOtD9-IiHtCDFVL-ocBQe2KgPG0OKBFe6gWHOuXNzsQ58u_ZwuIzGmJ4NhApWWtKKNWpVJ3k3KLMD4A6-Qsjx-x4VQE1SiZvN1Hy8tWip3pUD4vKCrO1VBotwrziCPuG8hdffeBYttoC_X7YJ25zTjZKCEnRTv_uswZXQvpu0I0_CkQtwYleNaClEtlmvytW0H4CoA0nUw0p2452Zo0qHb6xj4RKVgUKWKiO4e_4pSr8RmRFh9LRCFz6o9TohnxIaQF7jp3Pdoy7P8h2HXRwkwqfZpi2XalUNJxEiwisPydtcC84NL0vOwqleuFx-jHCS0xW69lPa8x6Fp3FIdS3x2tMGfHw0rWkubxGc5ECUmhIjhgcuTz-sWy6NTRde9YX61CDSjkA-NGT8qoHZ2efXRfhsdMYkD7wMz0u9xcSli3Sfgv2y_dG9w0U52Ii4hUTMQcd6tMKhwIocUHPF65XFUkpVIfINbsbduTJ0Fo7ksV3b1q3TLAzyLQYf1pxZ3VxO7EiGe7E_HFmpyhDjqhU9eHVrDq52npC73Gj6BR7yfY_f0HCNthQmw13XR4UQ56X9OBXJPrgJlW5HXFqS3o9UhLwaMecFlFGnnhD2DAq0gWvICP6GPRRIupHWntuU04xxRSOeCrWjoLU_AO-vGRiFCYcxgcyyMZ7JyptfuMna3CpUP3EpOTpdo3D48SRhYXvLz2MkQe1KwSB1xH354jb44GTxapwsjzuQRvZBWLuH8cBUWejpw2NwQkS-jA1wuHTtOCSQj8QmfCVLdJvIy9oHuhdJMhBdVEu7oqwhBatJ7SwZywh-HO4e8DRuTSfltbELHXgQ-oh29FWTvOn_V6LROiHMnhnqFON_uJdErRnSRtyAGfAWiDvE7ba8wjh8HPvKjOScsR7-poJHzUpRGCAkEdow-NCDtD9NBpBF1gsBspJuh_u9ZcdHF9LMU4zx-yn53mulBnxVkywVgZ06ckSXJxkrsdWJAmcAuoHqSuQKWpSGu3CRyUkFhYx6yKof7p2TJEDpr6N_0dNKfwEO6Bk2V1ioHVtCpQEQrrJipkMpqc2Vzu0ORIMic0moNPkWeHuY1xLwidQCRAgCaIWlljalaaME7ea9MbwGKpygh3LIqv2Yrtn1r4E0wcDtqp1nHXrgLkLuauqFDyUKhCl7No7z6Lnet8EsWgnZXruOfP6BjxkNDasA2-MqUl3HrTH2x-7p5A0S7wqe7JafWQUmTItqZR4yM1es_TsGjV5prsjGWolustVdMU3_T5u05R5hrSJxS-6G4gE6pOZagqOS9ZMJbNFuQ_fkihFMSPun3A446ZVmzbBUtFTW6qzW6an7ezHRTm1HijNSE5rK_4nidxraCTatfSjkt_u4-y_aKq67t1m1Ahx5Koj5FHxm8Kyh-1-k0GcVQxmTIR7KE0Nfo3mk-x80rUAffBCrNl9zm7XCQ22w5umjLc9xt6zkngyEaApINrBQvJykTSumXkS9CV5-9Zb-9xErSaIInsFOEloedK_Cn8ve3b4UnkcBSupMAu3lnkY5-TAeYYvlQ4VBsXtElMskxP4aZPwH_s1NSgQjPtXF2b6IqjTG76v_u96yKPLtKGoxt3VABkKuOgNg5on6o3LOAubxuKXWbBmhXzF3ad7qE-7amrvfvzE9Cy9Vq7VXR7VtwD6pcUtlaJo7B5CtvGui3TyFNaoU0ZfC6TixX5wnHJ6p2mCQ0LYqgfXrwtiVQWlwssOCXTns3lp-GjUtqUMUFw&cid=CAASFeRoyo__ey7l5D_PNiKJeOj9kbzTTw&rfl=1%2Chttps%253A%252F%252Fclubtk.ru%252F%240

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

436e56c5ac0202deba850646ad67e923f9af10888234766e89f00880489accf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6BC 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BaCBrP0JACP0i-dM7pKxhch2q2ywl7bg_3S8nX4Ck4kr5wXZXGPo4yeoaGN_CjDxsJFrB1LlrE9LrwI24fONWOljHvFmfdO2tFjWRQHTOxpsTOk0k

Requested by

Host: 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
URL: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame F6BC 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
URL: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 18:24:25 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6BC 124 KB
38 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
URL: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 18:25:09 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame F6BC 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
URL: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0243d61ce86c672bb13744b9572ab45c1131e62f4f02ad2e1a1df54f02f2b1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6201
x-xss-protection: 0
server: cafe
etag: 16063203490821389409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 18:21:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F6BC 0
0 36ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXmh0n7YqaVxlzHf5-VoTdmHslfV9FOazksj0xvEJamktT-1wRQ47O37ecmy3wQi-7mTX8lhCdj65qRnK5e-KfppWEYA
Requested by: Host: 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
URL: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 09F7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELGi-uiVOR-uoQQtkUqKl5g&google_cver=1

43 B
1014 B

25ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELGi-uiVOR-uoQQtkUqKl5g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGL_o854BMAE&v=APEucNU7OIauMxwp6Epf4R54i5yk5GtJ-ei6Tp_f_YR7xQMyk9RH6BZH67W3Wd9-UWGphNMn4JjY7y6qxgKP1jSIGPt0ZzkUmWbmvxhe15-KkAvxBS0T4LUzLV6uW_x61Funkk9O4dubLcoc9cuOjiRKguOJnTGoVm8FJNlZTy84NsIzGa3yy1E
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 08 Feb 2022 18:25:09 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELGi-uiVOR-uoQQtkUqKl5g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 09F7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgK1hfHJ5uNcbSuGKpUpigAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELGi-uiVOR-uoQQtkUqKl5g&google_cver=1

43 B
894 B

49ms
48ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELGi-uiVOR-uoQQtkUqKl5g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGL_o854BMAE&v=APEucNU7OIauMxwp6Epf4R54i5yk5GtJ-ei6Tp_f_YR7xQMyk9RH6BZH67W3Wd9-UWGphNMn4JjY7y6qxgKP1jSIGPt0ZzkUmWbmvxhe15-KkAvxBS0T4LUzLV6uW_x61Funkk9O4dubLcoc9cuOjiRKguOJnTGoVm8FJNlZTy84NsIzGa3yy1E
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 08 Feb 2022 18:25:09 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELGi-uiVOR-uoQQtkUqKl5g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 09F7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBpGtbER-Aa9XrIm5oB-WG8&google_cver=1

43 B
1006 B

44ms
44ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBpGtbER-Aa9XrIm5oB-WG8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGL_o854BMAE&v=APEucNU7OIauMxwp6Epf4R54i5yk5GtJ-ei6Tp_f_YR7xQMyk9RH6BZH67W3Wd9-UWGphNMn4JjY7y6qxgKP1jSIGPt0ZzkUmWbmvxhe15-KkAvxBS0T4LUzLV6uW_x61Funkk9O4dubLcoc9cuOjiRKguOJnTGoVm8FJNlZTy84NsIzGa3yy1E

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:09 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 22c6d50a-5377-4d7e-a1d1-2bb6325cb492
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBpGtbER-Aa9XrIm5oB-WG8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 09F7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5Mjc0NDQ3MjA5MjQ0ODAyMg%3D%3D

170 B
188 B

47ms
32ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5Mjc0NDQ3MjA5MjQ0ODAyMg%3D%3D

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:09 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ee6fd30d-70d9-417a-bc3d-e1d9808c2f0c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5Mjc0NDQ3MjA5MjQ0ODAyMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame F6BC 106 KB
38 KB 66ms
8ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
Origin: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74899
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Feb 2022 21:36:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220203/r20110914/elements/html/ Frame F6BC 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220203/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5rX_6RuSSfGKlJzVa_XrNG_FLqTznT863tJQmzdGKpI-h_tT5UXbVzQdjqGZXVxH5jb8urd5BlKlMp8ZlNeSnKTyTz6TwjyIyvKNOJ84dgCsSi4IMguH7yYw7kUd4x_lYfGRKiLR_kpK8nNqr91xWTTPPjg&dbm_d=AKAmf-Ai_ljsr2FRQev9qha0sla1FX5bR-8ZV2IUqiXLPlekTyJjxtlnm7zNA-GYhbfFaj4eoXTesnCtwGr4hmj9hHuOZEpP-bmFtDgQilQ8XSYfBgHNi7Vok_PbWp886ibU6LF4rfJfCQSZw1vY67pxmuGIWS62To4rtXr0Y85qUX5UOlo_13lX2EJvnf_HKglzgGJ_-yRd2NLB5A1rPu5_dkBr3hOY762I4HKvGe_q84aYnyAVm3Bg9TdFjyXCrpMdWEGuY4aBaDYwvGQDBwzYNxB2LLU-y8ef7FwUJ3EvSk6ntkCCcLDtPOkb4E7QhOrSE3ZAg0Yu0TXqv35sf6E-Fdr2qnRCg6a3h1NmNtUUWJ7W0MjL8Jji5lsFjG0MciK88K7NYAzPhTxzVkh9Upcl-N7TnpU3i9L3yu61bsG5hScJ9CTRwfp0d7wbmEcO2Ebrj3ze2J1h1y3U8iDdOIYJUqOoiOXNr0w0BEe17CMr46gslP-AUIdZf3E91k91Pv3viYP_c8Fa8qa98rlbKEEH8BN7579KxCMoxXsU32Mzs1em4gBUT-EOts7rMJHl4KHdTFDyWKSbxcZGFSRFRfLaoU8peIZzIX37LiaFwEDAB18Az2rvPF7Y0zJgUxo_0VbRWoHgpWYsuSXhqoiriW-BQzrkt2hY9uB1pUtc3CE925DoLTnCzM6rFCG69CQPneb5eWfsAFgEsnzMNHw2TIL6qtn4ATJvT5C4mnaOcxcEL6bHbkA-iwHA53sTmjO5aNis5KmKmm4pK6jwC3nBGCuxRD3xkLPX8O6uZDrR5L0BgHTJdwtBoMKfPn8c-duYaFUoyoGfAdf25dduPlSoPnnkswXsl7er_oi7L_9mXJz_ABsElWLioaPDr7CNrcfgqgDttSJMFLdRpkgcdc3nydGPJyv2YBEtZx61tDCJseKNR8cMREcnu1sPyPrPuYYiaH0TSP_PK1kNrF1MMyUO-VbnaBPV188txX-KXAwvzBmxye3GvYMYXZGExVp3EjwBXvLFf83ddcSBLHJv3r239-TB8PMKarp803wPuEjEpdJRNlmQ4vvn6hEmY7eF6ZEUqmjI9pwjEUdEs0Fei36f_Kq8CEb-YKRyRKBmgVik0Na3iQAoz3ZsNhOm9lxZk3V36t9Ie8BpN4BNf6kF4qwk36HFIWqSc9Bdr5f9P3NjEjs75nSFJ7Ujn8pynWee7mVuwFTiepQJDadT3FvJNas3wLHtz6geq84Dxm0Q6PZsJcW3wkFEM2QVqacRfu_-03rQU6jkeQ4cHc25ieSROmJ-F0PUc0tlO6dOkhxAaB5a_ylkyhGA75hRf-hXynLtpXTvYN1h6t6QdFNI_HpJOBE4VTJF2EBNzaZnMLqxv9QEGyGggAW4X1iZ9gbvAAZygNOp0YYRGFBo8CKECw3mVOlDnqeoqvU-441xGKg2moVwI-3Cm2QUoxkfT7pQu4gm2ZyghSJ68RSiu43ZOjt0aZS2-Psrbkv8_BzTj7UyL-scMaoZfaDak_Yif2XCVpd4gceHLqWY2z4pYqyMSErVDegoX41WeLYwocPLsCkbnDk_MsJ0p8PS3eahAjwpIEI9aBhkFI6eLWz2sJmm6c_e3D5iE0PDkLyJUtNoGqvJoayQYTKED8j7G3YICJOOg3Tq1cHr8f3w5UgpRcC7b1-mXvCswtrpodLzdVnk0P9e14Jrt-Wr0nG4Ug5BfU7asM88i1ruslxtasOvOtD9-IiHtCDFVL-ocBQe2KgPG0OKBFe6gWHOuXNzsQ58u_ZwuIzGmJ4NhApWWtKKNWpVJ3k3KLMD4A6-Qsjx-x4VQE1SiZvN1Hy8tWip3pUD4vKCrO1VBotwrziCPuG8hdffeBYttoC_X7YJ25zTjZKCEnRTv_uswZXQvpu0I0_CkQtwYleNaClEtlmvytW0H4CoA0nUw0p2452Zo0qHb6xj4RKVgUKWKiO4e_4pSr8RmRFh9LRCFz6o9TohnxIaQF7jp3Pdoy7P8h2HXRwkwqfZpi2XalUNJxEiwisPydtcC84NL0vOwqleuFx-jHCS0xW69lPa8x6Fp3FIdS3x2tMGfHw0rWkubxGc5ECUmhIjhgcuTz-sWy6NTRde9YX61CDSjkA-NGT8qoHZ2efXRfhsdMYkD7wMz0u9xcSli3Sfgv2y_dG9w0U52Ii4hUTMQcd6tMKhwIocUHPF65XFUkpVIfINbsbduTJ0Fo7ksV3b1q3TLAzyLQYf1pxZ3VxO7EiGe7E_HFmpyhDjqhU9eHVrDq52npC73Gj6BR7yfY_f0HCNthQmw13XR4UQ56X9OBXJPrgJlW5HXFqS3o9UhLwaMecFlFGnnhD2DAq0gWvICP6GPRRIupHWntuU04xxRSOeCrWjoLU_AO-vGRiFCYcxgcyyMZ7JyptfuMna3CpUP3EpOTpdo3D48SRhYXvLz2MkQe1KwSB1xH354jb44GTxapwsjzuQRvZBWLuH8cBUWejpw2NwQkS-jA1wuHTtOCSQj8QmfCVLdJvIy9oHuhdJMhBdVEu7oqwhBatJ7SwZywh-HO4e8DRuTSfltbELHXgQ-oh29FWTvOn_V6LROiHMnhnqFON_uJdErRnSRtyAGfAWiDvE7ba8wjh8HPvKjOScsR7-poJHzUpRGCAkEdow-NCDtD9NBpBF1gsBspJuh_u9ZcdHF9LMU4zx-yn53mulBnxVkywVgZ06ckSXJxkrsdWJAmcAuoHqSuQKWpSGu3CRyUkFhYx6yKof7p2TJEDpr6N_0dNKfwEO6Bk2V1ioHVtCpQEQrrJipkMpqc2Vzu0ORIMic0moNPkWeHuY1xLwidQCRAgCaIWlljalaaME7ea9MbwGKpygh3LIqv2Yrtn1r4E0wcDtqp1nHXrgLkLuauqFDyUKhCl7No7z6Lnet8EsWgnZXruOfP6BjxkNDasA2-MqUl3HrTH2x-7p5A0S7wqe7JafWQUmTItqZR4yM1es_TsGjV5prsjGWolustVdMU3_T5u05R5hrSJxS-6G4gE6pOZagqOS9ZMJbNFuQ_fkihFMSPun3A446ZVmzbBUtFTW6qzW6an7ezHRTm1HijNSE5rK_4nidxraCTatfSjkt_u4-y_aKq67t1m1Ahx5Koj5FHxm8Kyh-1-k0GcVQxmTIR7KE0Nfo3mk-x80rUAffBCrNl9zm7XCQ22w5umjLc9xt6zkngyEaApINrBQvJykTSumXkS9CV5-9Zb-9xErSaIInsFOEloedK_Cn8ve3b4UnkcBSupMAu3lnkY5-TAeYYvlQ4VBsXtElMskxP4aZPwH_s1NSgQjPtXF2b6IqjTG76v_u96yKPLtKGoxt3VABkKuOgNg5on6o3LOAubxuKXWbBmhXzF3ad7qE-7amrvfvzE9Cy9Vq7VXR7VtwD6pcUtlaJo7B5CtvGui3TyFNaoU0ZfC6TixX5wnHJ6p2mCQ0LYqgfXrwtiVQWlwssOCXTns3lp-GjUtqUMUFw&cid=CAASFeRoyo__ey7l5D_PNiKJeOj9kbzTTw&rfl=1%2Chttps%253A%252F%252Fclubtk.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 18:20:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220203/r20110914/ Frame F6BC 24 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220203/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1abe7fbb028cc84f7b5374497875436a3d646eaf988f5e1cd62f63bdf4772605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 17799145174670003773
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 18:21:50 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C125 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sM1FRw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 63EA 0
0 43ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve5Be8OvViPKuNMEANWegACTLs21JpXgfbzj-iJwM1uqcwr8pYglxSC_CsGS2tqJ4eYeSwUyzVzbwEyafI2_VTjNi25dnfJaelV9OI_xdpx8UdWRRSt8C7qYeBGNMCkTM6NqDg6ccY-R7o4XkRQNIxGk-oQGdW_yfXcgaZ3RXrPzau7W4pZDMBN85jAbRuKeMMctvOdBSgkXqcMv1DmQQchhoPSroH4vS_leaET3nW8NXw0LBqMN8qnSn7aBOd_0xa9Eni6P4C71nBKr4cv_MfDRjtGrV9kgt4M45LuyzGfbXCb219Pe3owUOtWNe6Cm7_ciM&sai=AMfl-YTn6jILxDIsGMgcuQZoY5OUe-GdhUjaDf7knIZmeXwArV-EtwJuwESgZ0e3RfrKizWZEZxxWr0OoOnZDsy-6DYkKewwsJwmbZ13coD-MTFxReXlkOhphNK8KcvdT4-T&sig=Cg0ArKJSzG5DzpklTKprEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 18:25:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 63EA 5 KB
2 KB 57ms
16ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWTJZellUVmxObVV0TmpVNE15MWlPVEE1TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTgzODEzNzgwMjQ1NTM4NjAvNzUxNTc1NC81NjM3MjU0LzkvT2RjR1d2U1cyOUtHUzVEelNIekNUOEdOY0hsR1NlZlhZMGtuUlRSWHVaTS8xLzkvMC8wLzExODM0NzcvMC8yMzQ0OTUvNzQ2MzQ1LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvODU1ODM4MTM3ODAyNDU1Mzg2MC9hbXMvMC8yMDAwLzgwLzk5OS8yLzJhMDI6NmVhMDpjNzFiOjovMC4wMDAvMTY0NDM0NDcwOC8xNjQ0MzQ4MzA4LzkvMTk5NDQv/iPzv9b0cJw0mVph5Xo-Ns0ZhHyw&nodeid=3013&group=cdg&auctionid=8558381378024553860&shardkey=8558381378024553860&sid=5637254&cid=7515754&bp=a_adgfdd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.180&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffb40ff46-2d1e-4005-a141-fbf533595bae%2F
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.300.1 /
Resource Hash: 4fe7486c8b875ef7b061a423d4c616822ab2175f6c2e5b6a7b674db98a0fa691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:09 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1644344708
Last-Modified: Tue, 08 Feb 2022 18:25:08 GMT
Server: MMBD/3.300.1
x-mm-latency: 3 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x44, cdg-bidder-x177
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Tue, 08 Feb 2022 18:25:08 GMT

GET
H/1.1 200 fb40ff46-2d1e-4005-a141-fbf533595bae
beacon-fra2.rubiconproject.com/beacon/d/ Frame 63EA 43 B
354 B 110ms
10ms Image
image/avif 2602:803:c004:200::153
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-fra2.rubiconproject.com/beacon/d/fb40ff46-2d1e-4005-a141-fbf533595bae?oo=0&accountId=19944&siteId=233404&zoneId=1217840&sizeId=9&e=6A1E40E384DA563B64B10AA23994742A5B7DA80D60AEDACB96FDBDBFDE53C2C72E0A5D0330DC739CDDC696274F162E27172DB22D3B21A9B5B5126B943B79D3C6A069B211BB093657E0E6E640F79FB9DDAB17C59ECA03C5C5E3BCBFBA28C8321B5FFBB3AC710EE88910024A6882210A7AFEAB9FB89F1B731F8292FF35FAABC2B552F2556DBCA7D8C2FF9ACAE09DAB49BAE24A379745E397AA5A7B289A8BEFDC0FAEEC35DEDBF5D5C8C7EF37D9495EAC99C602F23CD4CE8AF1

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c004:200::153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:09 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1

200
OK

ck-confirm
tags.mathtag.com/ Frame 63EA
Redirect Chain

https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWTJZellUVmxObVV0TmpVNE15MWlPVEE1TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTgzODEzNzgwMjQ1NTM4NjAvNzUxNTc1NC81NjM3MjU0LzkvT2RjR1...
https://tags.mathtag.com/ck-confirm?bid_id=8558381378024553860&node_id=3013&exch_id=9

49 B
331 B

23ms
22ms

Image
image/gif

185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8558381378024553860&node_id=3013&exch_id=9
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: HTTP/1.1
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.300.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:09 GMT
Server: MMBD/3.300.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x106, cdg-bidder-x177
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 08 Feb 2022 18:25:08 GMT

Redirect headers

Date: Tue, 08 Feb 2022 18:25:09 GMT
x-mm-bid-request-time: 1644344708
Last-Modified: Tue, 08 Feb 2022 18:25:08 GMT
Server: MMBD/3.300.1
x-mm-latency: 2 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://tags.mathtag.com/ck-confirm?bid_id=8558381378024553860&node_id=3013&exch_id=9
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x85, cdg-bidder-x177
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=360
Content-Length: 85
Expires: Tue, 08 Feb 2022 18:25:08 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63EA 124 KB
38 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 18:25:09 GMT

GET
H2

200

/
luxupcdnc.com/npm_show/
Redirect Chain

https://luxupcdnc.com/npm_show/?rt=470973253&dfp_mode=1&policy=ok&first=1&sds_id=7181257&bid=0.04
https://adlmerge.com/md/?mdback=https%3a%2f%2fluxupcdnc.com%2fnpm_show%2f%3frt%3d470973253%26dfp_mode%3d1%26policy%3dok%26first%3d1%26sds_id%3d7181257%26bid%3d0.04&
https://luxupcdnc.com/npm_show/?rt=470973253&dfp_mode=1&policy=ok&first=1&sds_id=7181257&bid=0.04&md=7062406749960490561

43 B
294 B

49ms
49ms

Image
image/gif

109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luxupcdnc.com/npm_show/?rt=470973253&dfp_mode=1&policy=ok&first=1&sds_id=7181257&bid=0.04&md=7062406749960490561
Protocol: H2
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: gzip
server: nginx
p3p: policyref="luxupcdnc.com/w3c/p3p.xml",CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-type: image/gif

Redirect headers

location: https://luxupcdnc.com/npm_show/?rt=470973253&dfp_mode=1&policy=ok&first=1&sds_id=7181257&bid=0.04&md=7062406749960490561
date: Tue, 08 Feb 2022 18:25:09 GMT
server: nginx/1.16.0
iseu: noneu

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 90 KB
28 KB 122ms
17ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:25:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F6BC 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
URL: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 10:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Feb 2023 10:38:13 GMT

GET
DATA 200
OK truncated
/ Frame F6BC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 230ce1c177b968d58ab3b0aaa8b68e0650397036c7d4ce39954fcee187ec1a78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 160x600%20deDE.html Show response
s0.2mdn.net/sadbundle/7123161227978222008/ Frame 848F 6 KB
2 KB 22ms
8ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7123161227978222008/160x600%20deDE.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88731e3d04505a62e81776a727936a94e554b15dc10a8ff69733c4adb821fc96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2294
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 07 Feb 2022 16:45:32 GMT
expires: Tue, 07 Feb 2023 16:45:32 GMT
cache-control: public, max-age=31536000
age: 92377
last-modified: Fri, 17 Dec 2021 00:17:51 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F6BC 0
571 B 116ms
81ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3hMbU4bIXdCahMw12m-mi3NH7-iuwWh8YgMeDJEPJSqAYzH4lWCaDN3p9z_Jnem362dYix6CBo54WdYH9Vt9-kM0QNeTuC35EbMYNdndEFARs5HSa41iYNqveC80z6sfptndnOnr4zCF1fn4DsHWUJWSkRI5u_-1y0Qsl19SzWInkbVobVOKDYQ9BFj7zVXgJ3PNSMx8NIMMB0jGyah3oS-nUW_gelvr3DqFNvtnlo4_r0lm_YKGkkK0vi_swh4YCWDG2YvnoL1B7z4BRCCMnLN_rVw1jIYBfMWT8BA-3XHtAEruo4yGGzkTsrggZpTbI0BRVFWHGnUQxett7l5zznx-3O-HWAlNnJ47mnMDx3snzp-PxqYoa-6OdNMFfxemXADQcSqDygcEvicYFn5XgQi8ui_S6L-44bXRA7ReUaCVLLrD9KsysmLOFoAb3LHJZum7jzIEaj9YaUZTC7TuWnO_3_j4owDG2CcjPWy6oeLsmim8Q4O8X7I-XMa40kW5Plv--TrfNQQWlvAaYVARnR2XV7kwSo_vTUjs212DDKcttaIwnpg7W9ctCm5uDTIxuh7gRCSDRDohGXQd4eH4Rwki4nAw0L-3C3Y7u94HHYBlAqIVTTSyEEkMi8DqIjedwHCT2tFY2ysrD7XzYr6tp41Ptws7r_sslqxuefYR5qqL7w3LL53ItIMlqMmnVuLI6OB87x2d6X7AAvTSTTDa8o3ZV1oBGx2yAYTv0BUulA2FG9l_elOu5i44-lk7CTNmmY1ylGdK2MFMYt3xeut7OVRqpoYhPxwJPSo5rUd3J_pzaOWQVtHHDeSWqhn7Llr-E_h7Uwh3tfXrEEgNI0TaPR09vkCljNPiMnxYPT9a3Sc3g_kL_9p58xNkE10BWDSW53g0MzqHHpvvxRCfZ4RLLVla2NRwFmT736ng5IVKOsbTClfCP_B2oERCio2dea4XqLW5q1k7GpDZUR_LpltQTCJBJR4Ar-qoFSNs2mnXpekni0jweDeCwNNM6gL6A9bU5VgOGHAmQmojEeSmA3kJavDD0ZoIBZ1663rrmQpkhgf58LUmLUrDOk1GREUmTiAuM-cfH_hrfLX6oeP0qmzrHVPWH2Xtc915l-npwxItnBFjG81GR_xvSJTMZ1y8jToNeQtK6HYu9Tzo6mfiesoW9mNemCsduAbkvKh8Va-OE1xpSet6cDzZdZ0Zirj-zcd6_54HnjZAulAvFEuL7h65X&sai=AMfl-YT0tCtxq2hp0WagokBvd5SrsF6NYoQSKCD2w4fdiCjEQye8hw-w-XA3xXhYo3HyJ8yOuNdBQacWoD5MKRJKQn1Q4LP8-4FCkMaCok15V2EA1uWNReJa7Sf6aRqBq_V5PFnBGAceA4jrTp-ulIvQVjq78-Jn3_vxz2lhSgM&sig=Cg0ArKJSzFxAnjac-4KCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=260&cbvp=1&cstd=257&cisv=r20220203.53655&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 08 Feb 2022 18:25:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame 34C6
Redirect Chain

https://ad.ad-srv.net/request.php?zone=es693uzmjtmy&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D71516e317ace34d28f7bbcfb5000cfcff93104bd_9%26mt_aid%3...
https://ad.ad-srv.net/request.php?zone=es693uzmjtmy&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D71516e317ace34d28f7bbcfb5000cfcff93104bd_9%26mt_aid%3...

5 KB
2 KB

57ms
34ms

Document
text/html

138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=es693uzmjtmy&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D71516e317ace34d28f7bbcfb5000cfcff93104bd_9%26mt_aid%3D8558381378024553860%26mt_id%3D7515754%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_cid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffb40ff46-2d1e-4005-a141-fbf533595bae%2F%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8558381378024553860&random=8558381378024553860&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:ruc&extVar[]=MM_DOM_RTB:clubtk.ru&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fclubtk.ru%2F&ancestorOrigins=https%3A%2F%2Fclubtk.ru&uidRedirect=1
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d2598564087a17cdf8a86029a54a3117202cda9058d33108ea98d84fbda3ceb7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/

Response headers

Date: Tue, 08 Feb 2022 18:25:09 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 08 Feb 2022 18:25:09 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-NEORY-SubId: 16646300208257501319927011864024
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1725
Connection: close
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Tue, 08 Feb 2022 18:25:09 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 08 Feb 2022 18:25:09 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=es693uzmjtmy&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D71516e317ace34d28f7bbcfb5000cfcff93104bd_9%26mt_aid%3D8558381378024553860%26mt_id%3D7515754%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_cid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffb40ff46-2d1e-4005-a141-fbf533595bae%2F%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8558381378024553860&random=8558381378024553860&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:ruc&extVar[]=MM_DOM_RTB:clubtk.ru&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fclubtk.ru%2F&ancestorOrigins=https%3A%2F%2Fclubtk.ru&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 63EA 49 B
330 B 15ms
14ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8558381378024553860&node_id=3013&exch_id=9
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.300.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:09 GMT
Server: MMBD/3.300.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x80, cdg-bidder-x177
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 08 Feb 2022 18:25:08 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 63EA 43 B
404 B 114ms
32ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=8558381378024553860&v3=746345&v4=5637254&v5=7515754&mt_nsync=1&no_attr=1
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master cdg-pixel-x6 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:10 GMT
Server: MT3 4133 baa842e master cdg-pixel-x6 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 08 Feb 2022 18:25:09 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 63EA 49 B
331 B 29ms
13ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=8558381378024553860&st=5637254&time=1644344709&nodeid=3013
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.300.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:09 GMT
Server: MMBD/3.300.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x101, cdg-bidder-x177
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 08 Feb 2022 18:25:08 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1A90 281 B
554 B 34ms
7ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Feb 2022 18:25:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 258B 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 10:38:14 GMT
expires: Wed, 08 Feb 2023 10:38:14 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 28015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B77B 13 KB
5 KB 53ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=clubtk.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2038
date: Tue, 08 Feb 2022 18:25:09 GMT
content-length: 5182
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 90 KB
28 KB 44ms
18ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:09 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:25:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 63EA 0
0 60ms
45ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHBEtjZb-RRElN68UzX_4Il-8smC1p99VQ_w_nRM1mGkx8NaGTumxJ25welTTJaW3hKNqP6VMBeqBsjOIovJq-kv6H5Dlp7fuHeBpINnxXojOR-nLszcUFwy55HxAMrnrMERAZLBTLHR4ibqqweMmBAZLWEt7MJKbQlM2hOFAqop3DmZzHGma2CTUAAB_-tRS5liXkmAsvKo4G8lc9IQ1Lt4Bby8_6SJt4qK1AJKkMx4KbUbNOkqw0LHUVWfzqTKjif_V-GTrEmB7ULP30mPcqKy1oK7v4RfTxLOXRom-rqT1amPCcx3w9KO_EJ6qL5HEinJZRpQ&sai=AMfl-YSSxuDsJI4aYj5IXcoOk7a4cyIOlYJyi_QYhi8YN9n2SR2R39gx6u3TQeuxAbWzp_W23fW8s3bxLObuSTR1Qn0IYKXl6JpCHRq6_J5xp48pooANPeJLTSjQTl5np_O_&sig=Cg0ArKJSzNXD9dC-MZsAEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 18:25:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 08 Feb 2022 18:25:09 GMT

GET
DATA 200
OK truncated
/ Frame 63EA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0e0856b63e5d55e43f11379dc4b68ce9f53d69656f7acb2195a9c0aa0630e34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020301&jk=826903163449548&bg=!hoWlhcHNAAa4sGsQuLA7ACkAdvg8WmVo9oCSH8ksqXq3H0GqFtx7Be7q6yvLkVYeNl1EMVj6-09kOgIAAAGQUgAAAAJoAQeZAqanTaK4Pi6RNdc6X_ZUirI6dMVdTPx-ERvuCnWEvX4cfTXVLOB__8ClDQyWsSXDBZ_SAC0bx1y37O8Ryi7_-86SwNGfIsB1GHC_tzc_Eml3c-rFoTPR7yoPsaNL6Fjc-aKOpFgiwIbIM08R14lShUTeMuY0-CNXbii_BETjBGbk8pjJ2K4LZb3LEWry8RAV1MTJJ8EDiMLLhX3mF-SmpyXvA4DjzLbpxSpr6ojRJnfimRvRaGnZQSUzldP69t69Ug8RDuIgK7HzCXLAs1n6hn8Ikr1xi6G401fhHo_mlLwg8oW2h6mfP2z66M96o16hzgv5-ltARaIqS_msn9PBGQpuh0l1zHVosLRlyIxCHEsVA0kqd5HeddI0yy0gnCmkV-axor4ls2CwGSsv00XB0M3UOI3e_Biq6mTqlXMUNBO3X2Y3tE-LPwuvPQ6vdKMDIAn7rIsXqqgyefW4cGN5pk4xnOe1Qj_zQDIzNU3QmKKYfBs3v1y8PfX584pid_Ln5RxHx-JCc1hMm6bORMfbPzPL2dtx5yDQ18lvz8LeviO8ZyERaUfifXEioL3W4rav07iJ0D5AtQgZE6fbv4Trub7NopkhHUuR4ulQnvSDBhaCyYK8a20FB1Vxc6jo6u09RXncsyJCSyfqZOqWRBBwTscEq7EDi_iGA-KSscuR2jgvIyE1wVYQyeeaZsk4WssIlmHO7TgWm5r94uTDQ8mrV1ctTPSf8n7qCHrMOBVsVLkfPUrAFnlhivdmuzEdVWZ_fR8pZO6ubKahkHj-uaD4fPz6EouKHTSR2F_pjiHmUtq-ARzDsMyjeJANn_XfezOjf-UmXA5i3aMsfZshZ-rT7D5qBp123QD_Fy80RqafDy6lYGSbBQHq-js4Vwmdq42v6AULo6YkXUE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 848F 236 KB
63 KB 77ms
16ms Script
text/javascript 2a02:26f0:f7::5c7b:e051
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7123161227978222008/160x600%20deDE.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e051 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:10 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Tue, 08 Feb 2022 18:40:10 GMT

GET
H3 200 160x600%20deDE.js Show response
s0.2mdn.net/sadbundle/7123161227978222008/ Frame 848F 30 KB
8 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7123161227978222008/160x600%20deDE.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7123161227978222008/160x600%20deDE.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

885b73797fbd4465bf5bc67d977aaf8c91af45bcf77ec8cbcc8c37f56fbd6f87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7123161227978222008/160x600%20deDE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92378
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7928
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 00:17:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 16:45:32 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=530356483828553&ev=Microdata&dl=https%3A%2F%2Fclubtk.ru%2F&rl=&if=false&ts=1644344710085&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%9A%D0%BB%D1%83%D0%B1%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2%20%E2%80%93%20%D0%9A%D0%BB%D1%83%D0%B1%D0%A2%D0%9A%22%2C%22meta%3Adescription%22%3A%22%D0%9A%D0%BB%D1%83%D0%B1%D0%A2%D0%9A%20-%20%D0%BA%D0%BB%D1%83%D0%B1%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2%2C%20%D0%B3%D0%B4%D0%B5%20%D0%BE%D0%B1%D1%81%D1%83%D0%B6%D0%B4%D0%B0%D0%B5%D0%BC%20%D0%BD%D0%B0%D1%81%D1%83%D1%89%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%88%D0%B0%D0%B5%D0%BC%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BB%D0%B5%D0%BC%D1%8B%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%BF%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B0%D0%BB%D0%B0.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644344708492.828432591&it=1644344708366&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 08 Feb 2022 18:25:10 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1A90 32 KB
10 KB 10ms
10ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f63298023c2247fe7a320ada18b880581c2d5d5d3a868f7ee907ec9593755871

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=44658
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9705
Expires: Wed, 09 Feb 2022 06:49:28 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B77B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=clubtk.ru&sn=ChromeSyncframe&so=0&topUrl=clubtk.ru&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=xowSXXw4cEsrVkl3a2orN01Idjd0TS8vOWMwWWJNVjlQbzE4VjFWMEVyRjFZaWNTd3hidlh6RE4wQUZNZWlGTFdrbjc1dlJqMUxvTng2ckZ0Z0FrYjNNcFVPNENlTGJvTkdZcFJhMGZhRXp1cjBkd1JVSDgxV01NNjZmdk...

419 B
619 B

243ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xowSXXw4cEsrVkl3a2orN01Idjd0TS8vOWMwWWJNVjlQbzE4VjFWMEVyRjFZaWNTd3hidlh6RE4wQUZNZWlGTFdrbjc1dlJqMUxvTng2ckZ0Z0FrYjNNcFVPNENlTGJvTkdZcFJhMGZhRXp1cjBkd1JVSDgxV01NNjZmdkMxN05XZHRyQjlIQVZiemk3STRYc2tVQUl0OTZwdnc1OEtkdnpDM1JqNUtDblB6UFpWKzExZXlYTSt5cnlvRXFiT1MvT0FFcStEOHFFYVRWOThyTG1vLzJhWW82L3FYcy9uU3NqV1IzbGg1S0V2TFJWNFNvZTZ5eDIrNHNBRmFaZHMwTTQrd2JCTElQdW15ZnIyZkt3R1daTXF2NkVZQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

546e69a89ae5da922402ac26d3a4a428d37c378f848577d5bc39b09270502d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:10 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4235
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:09 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=xowSXXw4cEsrVkl3a2orN01Idjd0TS8vOWMwWWJNVjlQbzE4VjFWMEVyRjFZaWNTd3hidlh6RE4wQUZNZWlGTFdrbjc1dlJqMUxvTng2ckZ0Z0FrYjNNcFVPNENlTGJvTkdZcFJhMGZhRXp1cjBkd1JVSDgxV01NNjZmdkMxN05XZHRyQjlIQVZiemk3STRYc2tVQUl0OTZwdnc1OEtkdnpDM1JqNUtDblB6UFpWKzExZXlYTSt5cnlvRXFiT1MvT0FFcStEOHFFYVRWOThyTG1vLzJhWW82L3FYcy9uU3NqV1IzbGg1S0V2TFJWNFNvZTZ5eDIrNHNBRmFaZHMwTTQrd2JCTElQdW15ZnIyZkt3R1daTXF2NkVZQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1612
content-length: 541
expires: 0

GET
H/1.1 200
OK viewability Show response
ad24.ad-srv.net/ Frame 34C6 0
150 B 47ms
12ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad24.ad-srv.net/viewability?s=16646300208257501319927011864024&a=98511ca3&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=es693uzmjtmy&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D71516e317ace34d28f7bbcfb5000cfcff93104bd_9%26mt_aid%3D8558381378024553860%26mt_id%3D7515754%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_cid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffb40ff46-2d1e-4005-a141-fbf533595bae%2F%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8558381378024553860&random=8558381378024553860&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:ruc&extVar[]=MM_DOM_RTB:clubtk.ru&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fclubtk.ru%2F&ancestorOrigins=https%3A%2F%2Fclubtk.ru&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:10 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame 4E49
Redirect Chain

https://ad.ad-srv.net/request.php?zone=ynfmjr3zc9lg&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=09b9e2147cf6p5WsGANgb1MOiFmA1fYCy8FdFjdkd48mZgZYl_vli0vGW58FDWqIF_LX...
https://ad.ad-srv.net/request.php?zone=ynfmjr3zc9lg&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=09b9e2147cf6p5WsGANgb1MOiFmA1fYCy8FdFjdkd48mZgZYl_vli0vGW58FDWqIF_LX...

5 KB
2 KB

54ms
31ms

Document
text/html

138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=ynfmjr3zc9lg&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=09b9e2147cf6p5WsGANgb1MOiFmA1fYCy8FdFjdkd48mZgZYl_vli0vGW58FDWqIF_LXcL9ld0xXA3x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=16646300208257501319927011864024&redirectClick=https%3A%2F%2Fad24.ad-srv.net%2Fc%2Fpxiyjopsap54vlm%3Ftprde%3D&uidRedirect=1
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=es693uzmjtmy&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D71516e317ace34d28f7bbcfb5000cfcff93104bd_9%26mt_aid%3D8558381378024553860%26mt_id%3D7515754%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_cid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffb40ff46-2d1e-4005-a141-fbf533595bae%2F%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8558381378024553860&random=8558381378024553860&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:ruc&extVar[]=MM_DOM_RTB:clubtk.ru&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fclubtk.ru%2F&ancestorOrigins=https%3A%2F%2Fclubtk.ru&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3e2951ac8f0bfe46b05bb5763333ef5deaffd1d9cef7b6f5c410688c6781e350

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/request.php?zone=es693uzmjtmy&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D71516e317ace34d28f7bbcfb5000cfcff93104bd_9%26mt_aid%3D8558381378024553860%26mt_id%3D7515754%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_cid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffb40ff46-2d1e-4005-a141-fbf533595bae%2F%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8558381378024553860&random=8558381378024553860&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:ruc&extVar[]=MM_DOM_RTB:clubtk.ru&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fclubtk.ru%2F&ancestorOrigins=https%3A%2F%2Fclubtk.ru&uidRedirect=1

Response headers

Date: Tue, 08 Feb 2022 18:25:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 08 Feb 2022 18:25:10 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-NEORY-SubId: 55986800208258401649437011864024
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1570
Connection: close
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Tue, 08 Feb 2022 18:25:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 08 Feb 2022 18:25:10 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=ynfmjr3zc9lg&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=09b9e2147cf6p5WsGANgb1MOiFmA1fYCy8FdFjdkd48mZgZYl_vli0vGW58FDWqIF_LXcL9ld0xXA3x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=16646300208257501319927011864024&redirectClick=https%3A%2F%2Fad24.ad-srv.net%2Fc%2Fpxiyjopsap54vlm%3Ftprde%3D&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 34C6 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame 34C6 851 B
1 KB 89ms
11ms Script
application/javascript 88.99.65.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=es693uzmjtmy&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D71516e317ace34d28f7bbcfb5000cfcff93104bd_9%26mt_aid%3D8558381378024553860%26mt_id%3D7515754%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_cid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffb40ff46-2d1e-4005-a141-fbf533595bae%2F%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8558381378024553860&random=8558381378024553860&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:ruc&extVar[]=MM_DOM_RTB:clubtk.ru&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fclubtk.ru%2F&ancestorOrigins=https%3A%2F%2Fclubtk.ru&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.65.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:10 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H3 200 kRDJmBQzOe9o97-xR6cepyyyPd4l_fx5ZaLBvvWym_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 258B 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kRDJmBQzOe9o97-xR6cepyyyPd4l_fx5ZaLBvvWym_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9110c998143339ef68f7bfb147a71ea72cb23dde25fdfc7965a2c1bef5b29bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 15:38:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13586
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 15:38:43 GMT

GET
H2 200 / Show response
luxupcdnc.com/utr/logst_sa/c2FpZD02NDE5NjN+Njg1MTk4fjY2NTM5OH42ODUyMDN+Njc1OTgwfjY3NTk4N342ODUyNzB+Njg1MjY5fjY2NTMxMH42NjUzOTh+NjY1Mzk5fjY4NTE5OX42ODUxOTd+Njg1MTk2fjY4NTE5N342ODUxOTZ+NjY1MzEwfjY2NT... 38 B
193 B 44ms
44ms Script
application/javascript 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/utr/logst_sa/c2FpZD02NDE5NjN+Njg1MTk4fjY2NTM5OH42ODUyMDN+Njc1OTgwfjY3NTk4N342ODUyNzB+Njg1MjY5fjY2NTMxMH42NjUzOTh+NjY1Mzk5fjY4NTE5OX42ODUxOTd+Njg1MTk2fjY4NTE5N342ODUxOTZ+NjY1MzEwfjY2NTM5OX42ODUxOTd+Njg1MTk2JnNzaWQ9fjEmYWN0PWRldl90YXJnX3JlbX4tfi1+LX4tfi1+LX4tfmZuZF9vbl9wZ34tfi1+cnRyX3Zhcl9jaHNufi1+LX5ydHJfdmFyX2luc3RhbGx+LX50Z2xfc18wfi1+dGdsX3NfMV9kZnB+LSZ1cmw9fmNsdWJ0ay5ydSZ2Y250PTIwJl9mPV9fbHhHX18udG1wLmxvZ3N0X2lpOXJxb2tuOHdzY2xyczk/
Requested by: Host: s.luxupcdnc.com
URL: https://s.luxupcdnc.com/t/common_402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 41b3b88060a7612442db3f1f3a225d064dc9783753afe8e336daf16f15792fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 18:25:10 GMT
cache-control: no-cache
server: nginx
content-encoding: gzip
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
luxupcdnc.com/utr/logst_sa/c2FpZD1+Njg1MTk3JnNzaWQ9Mn4xfjJ+MX4yfi1+LX4xfjJ+MX4yfjF+Mn4xfjJ+MX4yfjF+Mn4xfjJ+MX4yfjF+LSZhY3Q9Z19ldl9zcmVuZH5nX2V2X3NyZXF+LX5nX2V2X3NyZXFfbGx2XzB+LX5nX2V2X3NyZXNwfmdfZX... 38 B
193 B 47ms
47ms Script
application/javascript 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/utr/logst_sa/c2FpZD1+Njg1MTk3JnNzaWQ9Mn4xfjJ+MX4yfi1+LX4xfjJ+MX4yfjF+Mn4xfjJ+MX4yfjF+Mn4xfjJ+MX4yfjF+LSZhY3Q9Z19ldl9zcmVuZH5nX2V2X3NyZXF+LX5nX2V2X3NyZXFfbGx2XzB+LX5nX2V2X3NyZXNwfmdfZXZfc3Jlc3BfbGx2XzB+c2xvdF9jYWxsX2FkbX4tfnNsb3RfY2FsbF9hZG1fbGx2XzB+LX5zbG90X2hiX2VuZH4tfnNsb3RfaW5fcGd+LX5zbG90X2xsX3Zhcl8wfi1+c2xvdF9ybmRyX2NsbH4tfnRnbF9zXzJfb2t+LX50Z2xfc18yX29rX29rfi1+dW5pdF9oYl9jbGx+dW5pdF9oYl9lbmQmdXJsPX5jbHVidGsucnUmdmNudD0yNSZfZj1fX2x4R19fLnRtcC5sb2dzdF9hem9sZHVldDJvdmtud3U3/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1728eb77f19be16ec09762256e3c1e603af82ce6b6f80c80c8740e3ef87dda3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 18:25:10 GMT
cache-control: no-cache
server: nginx
content-encoding: gzip
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
luxupcdnc.com/utr/logst_sa/c2FpZD1+Njg1MTk3JnNzaWQ9fjImYWN0PWdfZXZfc3JlbmRfbGx2XzB+Z19ldl9zcmVuZF9uZX5nX2V2X3NyZW5kX25lX2xsdl8wfnNsb3RfYWRtX3JlcGx5fnNsb3RfYWRtX3JlcGx5X2xsdl8wfnNsb3Rfcm5kcmRfY29udG... 38 B
193 B 43ms
43ms Script
application/javascript 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/utr/logst_sa/c2FpZD1+Njg1MTk3JnNzaWQ9fjImYWN0PWdfZXZfc3JlbmRfbGx2XzB+Z19ldl9zcmVuZF9uZX5nX2V2X3NyZW5kX25lX2xsdl8wfnNsb3RfYWRtX3JlcGx5fnNsb3RfYWRtX3JlcGx5X2xsdl8wfnNsb3Rfcm5kcmRfY29udGVudCZ1cmw9fmNsdWJ0ay5ydSZ2Y250PTYmX2Y9X19seEdfXy50bXAubG9nc3RfZ2podHI4dW5tODJraGlhbg/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 33b18e1e35b9bb30657385ed2b56732f2ca71f1da29af26da24207a8864486fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 18:25:10 GMT
cache-control: no-cache
server: nginx
content-encoding: gzip
content-type: application/javascript; charset=utf-8

GET
H3 200 160x600%20deDE_atlas_1.png
s0.2mdn.net/sadbundle/7123161227978222008/images/ Frame 848F 70 KB
71 KB 9ms
8ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7123161227978222008/images/160x600%20deDE_atlas_1.png

Requested by

Host: 5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
URL: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693d7208dff9c33a6f3d7a4ea8ec4cf9aed02a151c4bc42d28e2bad64047072d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7123161227978222008/160x600%20deDE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 21:21:52 GMT
x-content-type-options: nosniff
age: 421398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72171
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 00:17:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 21:21:52 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F6BC 0
23 B 60ms
44ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3hMbU4bIXdCahMw12m-mi3NH7-iuwWh8YgMeDJEPJSqAYzH4lWCaDN3p9z_Jnem362dYix6CBo54WdYH9Vt9-kM0QNeTuC35EbMYNdndEFARs5HSa41iYNqveC80z6sfptndnOnr4zCF1fn4DsHWUJWSkRI5u_-1y0Qsl19SzWInkbVobVOKDYQ9BFj7zVXgJ3PNSMx8NIMMB0jGyah3oS-nUW_gelvr3DqFNvtnlo4_r0lm_YKGkkK0vi_swh4YCWDG2YvnoL1B7z4BRCCMnLN_rVw1jIYBfMWT8BA-3XHtAEruo4yGGzkTsrggZpTbI0BRVFWHGnUQxett7l5zznx-3O-HWAlNnJ47mnMDx3snzp-PxqYoa-6OdNMFfxemXADQcSqDygcEvicYFn5XgQi8ui_S6L-44bXRA7ReUaCVLLrD9KsysmLOFoAb3LHJZum7jzIEaj9YaUZTC7TuWnO_3_j4owDG2CcjPWy6oeLsmim8Q4O8X7I-XMa40kW5Plv--TrfNQQWlvAaYVARnR2XV7kwSo_vTUjs212DDKcttaIwnpg7W9ctCm5uDTIxuh7gRCSDRDohGXQd4eH4Rwki4nAw0L-3C3Y7u94HHYBlAqIVTTSyEEkMi8DqIjedwHCT2tFY2ysrD7XzYr6tp41Ptws7r_sslqxuefYR5qqL7w3LL53ItIMlqMmnVuLI6OB87x2d6X7AAvTSTTDa8o3ZV1oBGx2yAYTv0BUulA2FG9l_elOu5i44-lk7CTNmmY1ylGdK2MFMYt3xeut7OVRqpoYhPxwJPSo5rUd3J_pzaOWQVtHHDeSWqhn7Llr-E_h7Uwh3tfXrEEgNI0TaPR09vkCljNPiMnxYPT9a3Sc3g_kL_9p58xNkE10BWDSW53g0MzqHHpvvxRCfZ4RLLVla2NRwFmT736ng5IVKOsbTClfCP_B2oERCio2dea4XqLW5q1k7GpDZUR_LpltQTCJBJR4Ar-qoFSNs2mnXpekni0jweDeCwNNM6gL6A9bU5VgOGHAmQmojEeSmA3kJavDD0ZoIBZ1663rrmQpkhgf58LUmLUrDOk1GREUmTiAuM-cfH_hrfLX6oeP0qmzrHVPWH2Xtc915l-npwxItnBFjG81GR_xvSJTMZ1y8jToNeQtK6HYu9Tzo6mfiesoW9mNemCsduAbkvKh8Va-OE1xpSet6cDzZdZ0Zirj-zcd6_54HnjZAulAvFEuL7h65X&sai=AMfl-YT0tCtxq2hp0WagokBvd5SrsF6NYoQSKCD2w4fdiCjEQye8hw-w-XA3xXhYo3HyJ8yOuNdBQacWoD5MKRJKQn1Q4LP8-4FCkMaCok15V2EA1uWNReJa7Sf6aRqBq_V5PFnBGAceA4jrTp-ulIvQVjq78-Jn3_vxz2lhSgM&sig=Cg0ArKJSzFxAnjac-4KCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=559&vt=11&dtpt=299&dett=3&cstd=257&cisv=r20220203.53655&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 18:25:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 1A90
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZEGDTKN-V-IKWG&sigv=1&esig=2~d3732fa28d55aeee6d51e45f8598537f8c012443

0
194 B

318ms
21ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZEGDTKN-V-IKWG&sigv=1&esig=2~d3732fa28d55aeee6d51e45f8598537f8c012443

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:10 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZEGDTKN-V-IKWG&sigv=1&esig=2~d3732fa28d55aeee6d51e45f8598537f8c012443
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 1A90 70 B
265 B 125ms
35ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1A90
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBJX2X1ZjrQvx2Z4ayqQjSE&google_cver=1

0
239 B

33ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBJX2X1ZjrQvx2Z4ayqQjSE&google_cver=1
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBJX2X1ZjrQvx2Z4ayqQjSE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1A90
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/ZewL9wz370q_pjyzZGqpmw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=995909765184762803

0
239 B

8ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=995909765184762803
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

date: Tue, 08 Feb 2022 18:25:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=995909765184762803
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 503 btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame 1A90 0
177 B 42ms
7ms Image
text/plain 151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:10 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644344710.357868,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4081-HHN

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A90
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pFR0RUS04tVi1JS1dH

170 B
188 B

34ms
33ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pFR0RUS04tVi1JS1dH

Requested by

Host: clubtk.ru
URL: https://clubtk.ru/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pFR0RUS04tVi1JS1dH
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 1A90 0
0 33ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1A90
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ef316202-b585-4501-ac0e-10182752d94a&expires=28

0
239 B

9ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ef316202-b585-4501-ac0e-10182752d94a&expires=28
Requested by: Host: clubtk.ru
URL: https://clubtk.ru/
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

Date: Tue, 08 Feb 2022 18:25:10 GMT
Server: MT3 4133 baa842e master zrh-pixel-x25 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ef316202-b585-4501-ac0e-10182752d94a&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 08 Feb 2022 18:25:09 GMT

GET
H2

200

evergreen-kis-160x600.jpg
media.kaspersky.com/de/affiliates/ Frame 4E49
Redirect Chain

https://www.awin1.com/cshow.php?s=2519518&v=14098&q=379074&r=559379&pv=0&pref1=55986800208258401649437011864024
https://media.kaspersky.com/de/affiliates/evergreen-kis-160x600.jpg

125 KB
125 KB

243ms
14ms

Image
image/jpeg

185.85.15.31
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-160x600.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=ynfmjr3zc9lg&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=09b9e2147cf6p5WsGANgb1MOiFmA1fYCy8FdFjdkd48mZgZYl_vli0vGW58FDWqIF_LXcL9ld0xXA3x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=16646300208257501319927011864024&redirectClick=https%3A%2F%2Fad24.ad-srv.net%2Fc%2Fpxiyjopsap54vlm%3Ftprde%3D&uidRedirect=1

Protocol

Server

185.85.15.31 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

9bf453e8c4e528c6b029a474697ed1a971c18c57aac76b77025b10b9baae96b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:30 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "c7b2295f61a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr2/FRA3
accept-ranges: bytes
content-length: 127703
date: Tue, 08 Feb 2022 18:25:08 GMT

Redirect headers

Date: Tue, 08 Feb 2022 18:25:10 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-160x600.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad24.ad-srv.net/ Frame 4E49 0
150 B 35ms
12ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad24.ad-srv.net/viewability?s=55986800208258401649437011864024&a=43bce587&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=ynfmjr3zc9lg&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=09b9e2147cf6p5WsGANgb1MOiFmA1fYCy8FdFjdkd48mZgZYl_vli0vGW58FDWqIF_LXcL9ld0xXA3x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=16646300208257501319927011864024&redirectClick=https%3A%2F%2Fad24.ad-srv.net%2Fc%2Fpxiyjopsap54vlm%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:10 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 9E0B 43 B
703 B 79ms
37ms Document
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519518&v=14098&q=379074&r=559379&pv=1&pref1=55986800208258401649437011864024

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/

Response headers

Content-Type: image/gif
Content-Length: 43
Expires: 0
Pragma: no-cache
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Tue, 08 Feb 2022 18:25:10 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
DATA 200
OK truncated
/ Frame 4E49 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame 4E49 851 B
1 KB 56ms
11ms Script
application/javascript 88.99.65.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=ynfmjr3zc9lg&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=09b9e2147cf6p5WsGANgb1MOiFmA1fYCy8FdFjdkd48mZgZYl_vli0vGW58FDWqIF_LXcL9ld0xXA3x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=16646300208257501319927011864024&redirectClick=https%3A%2F%2Fad24.ad-srv.net%2Fc%2Fpxiyjopsap54vlm%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.65.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:10 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 258B 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWQQXhbUCYv_iIYuR3gP_w4XQCAAAAAA4AeAEAg&bg=!XV6lXhrNAAa4sGsQuLA7ACkAdvg8Wm_rf3xFkBdWaVep3vB11JfrU6p5niz0AXeJVoMZxUDPq-BVkQIAAAGFUgAAAAJoAQcKADOc7fIZf3DZCPyKNKbVTTExwVQl7kAcRHzedjsn-AgpD9tcaMRWFVBg7QDfaVaAZv3B1xWZAucd8Rg5L7mE4Bu0jslaYRHVbvMDL2TIx_ABWyYBTiuWfdw92bDJuK3ratYkFhHOGDNYq39EjhwFFY6hFbKl4dWXfiNacaAIeWZ3Hj6ukk9ko0jMzTTvNts4mAEZcOf_uIQ2pvU2FTJ-ijAbuMwak2wHwxtlLpiULzTDVxr2HQMyGHH5DU2kVbG1pOZK1v55wfNGYJW9J_du29ujkVcpjFfSnATBCM81eU32z6CEq5cwqTTB2F-QpJBupZq28z9gGTlInIulmxx6aheafhB6ohcg4isIsyDGOnZOtEuIKHQsNwZZ5J4iKxCsiC1myZFy0QLOtVBYjZzdfQ5wyTjTHG88-DXdGy6GfUlFxHs3FFxI3DciUQsTCjmk6Wv-wR4yZoLrUwe22d3JoMZfDYrr3cf5Ib-fdVnrwxcHeJ2Ao4i6NDolT-_iEW3yiFqMRkkeNrCpGXVVKzz-zf9BWDpZVYbVlu66zq_zwk8n0xdrE38M5wpgrTwCoVfpnpL28Bq8ZxU5l8GlzgNeokuy3XshoO4pGtUYSBo8f6eJuMLuz1AEfBrc5uYYnTY7MQ2b9ZkpCIwIJQI71dFMnNOOjg_OwSW6sECGFDoUMq5-Yk77R8i6DRYlQtiL9biW6DriWvZDtB_Zy7U9RkZa-fQ-Oex15iIX27zO_ddLa36hGA4o7D5lwg0WgsE3xFEfjm6pzn8nChmOXt46ay_qTQzLbogldjCvD7gbkcpql_N2fuJKBo0q3AGNsWWbTwuifcCw2QFr6ujW0qrBiHMFtpEKbFWQLY4MdCnRunAOFERIPW9kYKw9tDzV6EfohpGYTIf3ojrJtsN3qPp21NFYpaW9L64PfWxHlfk0cs6FFKensD2Qly6Z2FxSoVhRzS12V15p5ys-sW5jvOc7_DtSuRZ3xGtRt2osCrFikkCKOXPJfhI-OvvD1PfzoqHsBwS7SKYJ_Y7xXsobs0Au9KaDLTWppuxcwNPsnegOMNlYbg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F6BC 42 B
64 B 70ms
43ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBaVBpPBV7moF4UFNyVxlurcJkzump9PLqhYw3k7DSINZt5r11zfyhWCKsFgzmf9Zx9bYIcNkQ_U5Byz77jGkPShYu2Qc3n0_LYqIBnYAYmdf7xojFrA&sai=AMfl-YTnydr-SbrLMpBUdSrqgndlQgCXmFHIHFJY2BYSfFkrp1MwPpUP7zp6axtGET4XrDWQJ-yYxlfH4FJdtnq-NgjpTvMU3ISzgNDNoBoKMS-W0LCWsDGXSHf0lnVK9HwK&sig=Cg0ArKJSzMzbR8yvASoPEAE&cid=CAASFeRoyo__ey7l5D_PNiKJeOj9kbzTTw&id=lidar2&mcvt=1000&p=20,1445,60,1486&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2309556866&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644344709476&rpt=385&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 63EA 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZtFL0Zet3gNEzZUO92WeGVELR1S0Rv_vJ3VxMj7kpe0mtpXPzl9BhGFSP2rWEVDteSFznJHOAfLQsAQYGwsfeoNdV1lpjkDt2KWbfiX8qy8GOgHsU&sig=Cg0ArKJSzNExtjeFk-2iEAE&id=lidar2&mcvt=1000&p=20,114,624,274&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220207&bin=7&avms=nio&bs=1600,1200&mc=0.99&app=0&itpl=19&adk=413566079&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644344709727&rpt=229&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad24.ad-srv.net/ Frame 34C6 0
150 B 40ms
13ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad24.ad-srv.net/viewability?s=16646300208257501319927011864024&a=98511ca3&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=es693uzmjtmy&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D71516e317ace34d28f7bbcfb5000cfcff93104bd_9%26mt_aid%3D8558381378024553860%26mt_id%3D7515754%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_cid%3Def316202-b585-4501-ac0e-10182752d94a%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Ffb40ff46-2d1e-4005-a141-fbf533595bae%2F%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8558381378024553860&random=8558381378024553860&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:ruc&extVar[]=MM_DOM_RTB:clubtk.ru&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fclubtk.ru%2F&ancestorOrigins=https%3A%2F%2Fclubtk.ru&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:11 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 37512210 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 132ms
28ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/37512210?wmode=0&wv-part=1&wv-hit=212069101&page-url=https%3A%2F%2Fclubtk.ru%2F&rn=2551668&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1644344711%3Aw%3A1600x1200%3Av%3A751%3Az%3A0%3Ai%3A20220208182511%3Au%3A164434470857487272%3Avf%3A7oivoctnsftpvxmegov%3Awe%3A1%3Ast%3A1644344711&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:11 GMT
last-modified: Tue, 08-Feb-2022 18:25:11 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://clubtk.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 08-Feb-2022 18:25:11 GMT

GET
H/1.1 200
OK viewability Show response
ad24.ad-srv.net/ Frame 4E49 0
150 B 38ms
14ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad24.ad-srv.net/viewability?s=55986800208258401649437011864024&a=43bce587&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=ynfmjr3zc9lg&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=09b9e2147cf6p5WsGANgb1MOiFmA1fYCy8FdFjdkd48mZgZYl_vli0vGW58FDWqIF_LXcL9ld0xXA3x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=16646300208257501319927011864024&redirectClick=https%3A%2F%2Fad24.ad-srv.net%2Fc%2Fpxiyjopsap54vlm%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:11 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
luxupcdnc.com/utr/logst_sa/c2FpZD1+Njg1MTk3JnNzaWQ9Mn4tfi1+MX4yfjF+LX4tfi1+LX4tfi1+LX4tfi1+Mn4tJmFjdD1nX2V2X2ltcHZ+Z19ldl9pbXB2X2xsdl8wfmdfZXZfc2xvYWR+LX5nX2V2X3Nsb2FkX2xsdl8wfi1+Z19ldl9zcmVuZH5nX2... 38 B
193 B 47ms
47ms Script
application/javascript 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/utr/logst_sa/c2FpZD1+Njg1MTk3JnNzaWQ9Mn4tfi1+MX4yfjF+LX4tfi1+LX4tfi1+LX4tfi1+Mn4tJmFjdD1nX2V2X2ltcHZ+Z19ldl9pbXB2X2xsdl8wfmdfZXZfc2xvYWR+LX5nX2V2X3Nsb2FkX2xsdl8wfi1+Z19ldl9zcmVuZH5nX2V2X3NyZW5kX2xsdl8wfmdfZXZfc3JlbmRfbmV+Z19ldl9zcmVuZF9uZV9sbHZfMH5nX2V2X3NyZXNwfmdfZXZfc3Jlc3BfbGx2XzB+c2xvdF9hZG1fcmVwbHl+c2xvdF9hZG1fcmVwbHlfbGx2XzB+c2xvdF9oYl9ybmRyfnNsb3RfaW1wX3Z3Ymx+c2xvdF9pbXBfdndibF9sbHZfMCZ1cmw9fmNsdWJ0ay5ydSZ2Y250PTE3Jl9mPV9fbHhHX18udG1wLmxvZ3N0X292MGtvZnliZjR5dDkwMWs/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 21653c7956fc1de9192dc89fcf239ccd3065b3782e10342398e66bde1d6a7b40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 18:25:11 GMT
cache-control: no-cache
server: nginx
content-encoding: gzip
content-type: application/javascript; charset=utf-8

POST
H2 200 37512210 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 32ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/37512210?wmode=0&wv-part=1&wv-hit=212069101&page-url=https%3A%2F%2Fclubtk.ru%2F&rn=199605557&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1644344712%3Aw%3A1600x1200%3Av%3A751%3Az%3A0%3Ai%3A20220208182511%3Au%3A164434470857487272%3Avf%3A7oivoctnsftpvxmegov%3Awe%3A1%3Ast%3A1644344712&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:11 GMT
last-modified: Tue, 08-Feb-2022 18:25:11 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://clubtk.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 08-Feb-2022 18:25:11 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame AD2D 0
91 B 23ms
17ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Tue, 08 Feb 2022 18:25:12 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C035 281 B
554 B 22ms
21ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Feb 2022 18:25:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 2B7A 658 B
837 B 54ms
53ms Document
text/html 88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: a177b8189933ca67fd9a53b0506e025054c7a4c825763a5253249b64f8856f7d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

GET
H/1.1 200
OK tag Show response
tag.rutarget.ru/ Frame 287D 324 B
686 B 277ms
156ms Document
text/html 80.64.106.148
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.148 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr3.rutarget.ru
Software: nginx /
Resource Hash: 103077b8107426fdd5b83204ecf45d01d8d7b2ec6212b6228c664fab58792e92

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/

Response headers

Server: nginx
Date: Tue, 08 Feb 2022 18:25:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Timing-Allow-Origin: *
Content-Encoding: gzip

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FF13 52 KB
17 KB 62ms
9ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 06 Feb 2022 02:33:27 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 08 Feb 2022 18:25:12 GMT
Age: 57100
X-Served-By: cache-lga21969-LGA, cache-hhn4059-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 3, 909476
X-Timer: S1644344712.230236,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C035 32 KB
10 KB 26ms
26ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f63298023c2247fe7a320ada18b880581c2d5d5d3a868f7ee907ec9593755871

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=44656
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9705
Expires: Wed, 09 Feb 2022 06:49:28 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 2B7A
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D4778b7da-1824-41ce-b267-1c16c0915dc...
https://x.bidswitch.net/sync?dsp_id=80&user_id=ef316202-b585-4501-ac0e-10182752d94a&expires=30&ssp=between&bsw_param=4778b7da-1824-41ce-b267-1c16c0915dc0&gdpr=&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4778b7da-1824-41ce-b267-1c16c0915dc0

68 B
607 B

55ms
55ms

Image
image/png

88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4778b7da-1824-41ce-b267-1c16c0915dc0
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=4778b7da-1824-41ce-b267-1c16c0915dc0
Date: Tue, 08 Feb 2022 18:25:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 btw
px.adhigh.net/p/cm/ Frame 2B7A 0
78 B 216ms
87ms Image
text/plain 194.190.76.38
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/btw
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.190.76.38 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp10.sender.ltmse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:12 GMT
x-kick-from-dns: true
server: nginx
content-type: text/plain

GET
H2

200

match
ads.betweendigital.com/ Frame 2B7A
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=d2907f02dc475dadcb13b123

68 B
607 B

57ms
56ms

Image
image/png

88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=d2907f02dc475dadcb13b123
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Tue, 08 Feb 2022 18:25:12 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=d2907f02dc475dadcb13b123
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

match
ads.betweendigital.com/ Frame 2B7A
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=568d0ffb-877f-5127-b031-f588d233400c
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiI64qQBlIFvp7KygpiJDU2OGQwZmZiLTg3N2YtNTEyNy1iMDMxLWY1ODhkMjMzNDAwYw**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiI64qQBlIFvp7KygpiJDU2OGQwZmZiLTg3N2YtNTEyNy1iMDMxLWY1ODhkMjMzNDAwY6IBEHQzaJSJDBHshuAAJZDAZHw*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiI64qQBmIkNTY4ZDBmZmItODc3Zi01MTI3LWIwMzEtZjU4OGQyMzM0MDBjogEQdDNolIkMEeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiI64qQBmIkNTY4ZDBmZmItODc3Zi01MTI3LWIwMzEtZjU4OGQyMzM0MDBjogEQdDNolIkMEeyG4AAlkMBkfA**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=74336894-890c-11ec-86e0-002590c0647c

68 B
607 B

52ms
52ms

Image
image/png

88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=74336894-890c-11ec-86e0-002590c0647c
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Tue, 08 Feb 2022 18:25:12 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=74336894-890c-11ec-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame C26F 4 KB
1 KB 135ms
9ms Document
text/html 151.236.71.19
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=568d0ffb-877f-5127-b031-f588d233400c&CACHEBUSTER=318211
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Tue, 08 Feb 2022 18:25:12 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FF13 0
733 B 14ms
13ms Script
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:12 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5bebf19d-f4ac-4740-875d-b8d798d56037
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame C26F
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=4778b7da-1824-41ce-b267-1c16c0915dc0
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=4778b7da-1824-41ce-b267-1c16c0915dc0
https://x.bidswitch.net/sync?dsp_id=4&user_id=ef64e5e5-8661-4acc-b3fa-1aa08cd530b4&ssp=between&expires=30&user_group=5&bsw_param=4778b7da-1824-41ce-b267-1c16c0915dc0
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4778b7da-1824-41ce-b267-1c16c0915dc0

68 B
607 B

54ms
53ms

Image
image/png

88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4778b7da-1824-41ce-b267-1c16c0915dc0
Protocol: H2
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=4778b7da-1824-41ce-b267-1c16c0915dc0
Date: Tue, 08 Feb 2022 18:25:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tag Show response
tag.rutarget.ru/ Frame 1D85 794 B
2 KB 157ms
157ms Document
text/html 80.64.106.148
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_c822c1b63853ed273b89687ac505f9fa
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.148 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr3.rutarget.ru
Software: nginx /
Resource Hash: 3bb06788d30841c3a905f50a4c2d5d466e88cc8dc322c07a259fc533b6b3f35b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true

Response headers

Server: nginx
Date: Tue, 08 Feb 2022 18:25:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Timing-Allow-Origin: *
Content-Encoding: gzip

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame C26F
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=74336894-890c-11ec-86e0-002590c0647c
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=74336894-890c-11ec-86e0-002590c0647c&bounce=1
https://sync.bumlam.com/?src=aid1&uid=Tg8x%2BLpNdnChLsCx6bC8iA&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=Tg8x+LpNdnChLsCx6bC8iA&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=Tg8x+LpNdnChLsCx6bC8iA&extra2=aidata&google_gid=CAESEKl3ci-_XCRcqjlXVS5OOZg&google_cver=1

43 B
516 B

50ms
11ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=Tg8x+LpNdnChLsCx6bC8iA&extra2=aidata&google_gid=CAESEKl3ci-_XCRcqjlXVS5OOZg&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.160 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:12 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=Tg8x+LpNdnChLsCx6bC8iA&extra2=aidata&google_gid=CAESEKl3ci-_XCRcqjlXVS5OOZg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
google-sync.rutarget.ru/ Frame 1D85
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=UExCelJWZXhyT0lx&google_ula=2046794&google_cm=
https://google-sync.rutarget.ru/sync?google_gid=CAESEMFkSakjMtHroKxGtfGeJ2o&google_cver=1&google_ula=2046794,2

35 B
398 B

291ms
157ms

Image
image/gif

80.64.106.150
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://google-sync.rutarget.ru/sync?google_gid=CAESEMFkSakjMtHroKxGtfGeJ2o&google_cver=1&google_ula=2046794,2
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_c822c1b63853ed273b89687ac505f9fa
Protocol: HTTP/1.1
Server: 80.64.106.150 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr5.rutarget.ru
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:13 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://google-sync.rutarget.ru/sync?google_gid=CAESEMFkSakjMtHroKxGtfGeJ2o&google_cver=1&google_ula=2046794,2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PLBzRVexrOIq
an.yandex.ru/mapuid/rutargetis/ Frame 1D85 43 B
387 B 129ms
61ms Image
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/PLBzRVexrOIq

Requested by

Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_c822c1b63853ed273b89687ac505f9fa

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:12 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 18:25:12 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 08 Feb 2022 18:25:12 GMT

GET
H/1.1 204
No Content sg
tech.rtb.mts.ru/ Frame 1D85 0
653 B 139ms
44ms Image
text/html 213.87.44.187
MTSNET Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tech.rtb.mts.ru/sg?segmento_id=PLBzRVexrOIq
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_c822c1b63853ed273b89687ac505f9fa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.87.44.187 Moscow, Russian Federation, ASN13174 (MTSNET Moscow, Russia, RU),
Reverse DNS: infrastructure-187-44.mts.ru
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.13.12
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 1D85 43 B
452 B 49ms
48ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=34&id=PLBzRVexrOIq
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_c822c1b63853ed273b89687ac505f9fa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:12 GMT
Last-Modified: Tue, 08 Feb 2022 18:25:12 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Wed, 09 Feb 2022 00:25:12 GMT

GET
H2 200 match
ads.betweendigital.com/ Frame 1D85 68 B
607 B 80ms
78ms Image
image/png 88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=12&external_user_id=PLBzRVexrOIq
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_c822c1b63853ed273b89687ac505f9fa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

POST
H2 200 37512210 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 37ms
33ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/37512210?wmode=0&wv-part=2&wv-hit=212069101&page-url=https%3A%2F%2Fclubtk.ru%2F&rn=342055137&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1644344713%3Aw%3A1600x1200%3Av%3A751%3Az%3A0%3Ai%3A20220208182512%3Au%3A164434470857487272%3Avf%3A7oivoctnsftpvxmegov%3Awe%3A1%3Ast%3A1644344713&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:12 GMT
last-modified: Tue, 08-Feb-2022 18:25:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://clubtk.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 08-Feb-2022 18:25:12 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1D9C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

9ms
8ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=568d0ffb-877f-5127-b031-f588d233400c&CACHEBUSTER=318211
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Feb 2022 18:25:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
date: Tue, 08 Feb 2022 18:25:12 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1D9C 32 KB
10 KB 9ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f63298023c2247fe7a320ada18b880581c2d5d5d3a868f7ee907ec9593755871

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 18:25:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=44656
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9705
Expires: Wed, 09 Feb 2022 06:49:28 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1D9C 0
239 B 91ms
10ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=KZEGDTKN-V-IKWG
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H2

200

318211
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame C26F
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/318211
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/318211

43 B
297 B

60ms
59ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/318211
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.2.15/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:13 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.15/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:13 GMT
server: ms-counter-3.2.15/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/318211
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 / Show response
luxupcdnc.com/utr/logst_sa/c2FpZD1+Njg1MTk3JnNzaWQ9fjEmYWN0PWdfZXZfaW1wdn5nX2V2X2ltcHZfbGx2XzB+c2xvdF9pbXBfdndibH5zbG90X2ltcF92d2JsX2xsdl8wJnVybD1+Y2x1YnRrLnJ1JnZjbnQ9NCZfZj1fX2x4R19fLnRtcC5sb2dzdF... 38 B
193 B 49ms
43ms Script
application/javascript 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/utr/logst_sa/c2FpZD1+Njg1MTk3JnNzaWQ9fjEmYWN0PWdfZXZfaW1wdn5nX2V2X2ltcHZfbGx2XzB+c2xvdF9pbXBfdndibH5zbG90X2ltcF92d2JsX2xsdl8wJnVybD1+Y2x1YnRrLnJ1JnZjbnQ9NCZfZj1fX2x4R19fLnRtcC5sb2dzdF9remY5ajUzZXZrMmprMzRh/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/217029/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 20430d6c47af80874e3b62f251ddbd6d20bcd4c944d0c69ec56c5326318a3ca3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clubtk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 18:25:13 GMT
cache-control: no-cache
server: nginx
content-encoding: gzip
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FF13 0
733 B 56ms
56ms Script
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:13 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bf03cb34-c5fd-48e5-acda-7ce8827dcb15
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame C26F
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=568d0ffb-877f-5127-b031-f588d233400c&expires=60
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=4778b7da-1824-41ce-b267-1c16c0915dc0&name=BIDSWITCH

49 B
235 B

67ms
22ms

Image
image/gif

185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=4778b7da-1824-41ce-b267-1c16c0915dc0&name=BIDSWITCH

Protocol

Server

185.255.84.152 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:13 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 4
content-length: 49
expires: 0

Redirect headers

Location: //visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=4778b7da-1824-41ce-b267-1c16c0915dc0&name=BIDSWITCH
Date: Tue, 08 Feb 2022 18:25:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C0C7 3 KB
2 KB 35ms
8ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=568d0ffb-877f-5127-b031-f588d233400c&CACHEBUSTER=318211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

b6b0f2d170e035f2ede36dbb1321b609a616a8bedfa60877102251cbf6f0087f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/

Response headers

p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1354
strict-transport-security: max-age=15552000

GET
H2

200

ef316202-b585-4501-ac0e-10182752d94a
onetag-sys.com/sync/i,1/ Frame C0C7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
https://onetag-sys.com/sync/i,1/ef316202-b585-4501-ac0e-10182752d94a

0
290 B

8ms
8ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,1/ef316202-b585-4501-ac0e-10182752d94a

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 08 Feb 2022 18:25:13 GMT
Server: MT3 4133 baa842e master zrh-pixel-x2 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://onetag-sys.com/sync/i,1/ef316202-b585-4501-ac0e-10182752d94a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 08 Feb 2022 18:25:12 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame C0C7 0
239 B 8ms
8ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H2

200

652836362703642446
onetag-sys.com/sync/i,34/ Frame C0C7
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1167&cid=h5nvm0_2jmGrcog6T21j86y9k2iVJNoMk79POgfEhuE
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=h5nvm0_2jmGrcog6T21j86y9k2iVJNoMk79POgfEhuE
https://onetag-sys.com/sync/i,34/652836362703642446

0
290 B

8ms
8ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,34/652836362703642446

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:13 GMT
server: nginx
location: https://onetag-sys.com/sync/i,34/652836362703642446
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame C0C7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2492744472092448022

0
291 B

8ms
8ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2492744472092448022

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 18:25:13 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 685b9f1b-a063-4c68-b8b3-045185c13353
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2492744472092448022
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame C0C7 0
239 B 12ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=h5nvm0_2jmGrcog6T21j86y9k2iVJNoMk79POgfEhuE
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H2

204

sync
pixel.advertising.com/ups/58198/ Frame C0C7
Redirect Chain

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

0
124 B

10ms
9ms

Image
text/plain

3.64.208.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

3.64.208.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-208-15.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:13 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
date: Tue, 08 Feb 2022 18:25:13 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C0C7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABftqVIQXhCzikAiN-IqIzUmY-hpFJFvYlNA

170 B
188 B

30ms
30ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABftqVIQXhCzikAiN-IqIzUmY-hpFJFvYlNA

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABftqVIQXhCzikAiN-IqIzUmY-hpFJFvYlNA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame C0C7 0
75 B 53ms
16ms Image
text/plain 185.86.137.108
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:25:13 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame C0C7 0
0 18ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2

200

/
onetag-sys.com/match/ Frame C0C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESENzPdl0qrrTrzpl4Ko-Dodc&google_cver=1

0
291 B

8ms
7ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESENzPdl0qrrTrzpl4Ko-Dodc&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESENzPdl0qrrTrzpl4Ko-Dodc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame C0C7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ
https://onetag-sys.com/match/?int_id=92&uid=y-.z_iDTlE2uEIr.vJi6QEfAy2Ckbdi6JDZhmBONE-~A

0
291 B

8ms
8ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-.z_iDTlE2uEIr.vJi6QEfAy2Ckbdi6JDZhmBONE-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-.z_iDTlE2uEIr.vJi6QEfAy2Ckbdi6JDZhmBONE-~A
date: Tue, 08 Feb 2022 18:25:13 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/sync/i,29/ Frame C0C7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/sync/i,29/?tdid=36800df7-5edd-46e9-a516-bfed3605c79f&ttl=1646936713

43 B
370 B

8ms
8ms

Image
image/gif

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,29/?tdid=36800df7-5edd-46e9-a516-bfed3605c79f&ttl=1646936713

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
cache-control: no-cache, no-transform
content-length: 64
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/sync/i,29/?tdid=36800df7-5edd-46e9-a516-bfed3605c79f&ttl=1646936713
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 211

GET
H2

200

/
onetag-sys.com/match/ Frame C0C7
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433822579207305&expires=30&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=4778b7da-1824-41ce-b267-1c16c0915dc0&gdpr=&gdpr_consent=&us_privacy=

0
291 B

8ms
7ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=4778b7da-1824-41ce-b267-1c16c0915dc0&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location: //onetag-sys.com/match/?int_id=30&uid=4778b7da-1824-41ce-b267-1c16c0915dc0&gdpr=&gdpr_consent=&us_privacy=
Date: Tue, 08 Feb 2022 18:25:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 match
ads.betweendigital.com/ Frame C0C7 68 B
607 B 49ms
48ms Image
image/png 88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=129&external_user_id=h5nvm0_2jmGrcog6T21j86y9k2iVJNoMk79POgfEhuE
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

GET
H2

200

568d0ffb-877f-5127-b031-f588d233400c
an.yandex.ru/mapuid/betweendigitalis/ Frame C26F
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F568d0ffb-877f-5127-b031-f588d233400c
https://an.yandex.ru/mapuid/betweendigitalis/568d0ffb-877f-5127-b031-f588d233400c

43 B
152 B

60ms
59ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/568d0ffb-877f-5127-b031-f588d233400c

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:13 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 18:25:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 08 Feb 2022 18:25:13 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/568d0ffb-877f-5127-b031-f588d233400c
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 sync
t.adx.opera.com/ Frame C26F 0
410 B 99ms
31ms Image
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=568d0ffb-877f-5127-b031-f588d233400c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:13 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 37512210 Show response
mc.yandex.ru/webvisor/ 43 B
160 B 33ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/37512210?wmode=0&wv-part=3&wv-hit=212069101&page-url=https%3A%2F%2Fclubtk.ru%2F&rn=1013389242&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1644344715%3Aw%3A1600x1200%3Av%3A751%3Az%3A0%3Ai%3A20220208182514%3Au%3A164434470857487272%3Avf%3A7oivoctnsftpvxmegov%3Awe%3A1%3Ast%3A1644344715&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clubtk.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 18:25:14 GMT
last-modified: Tue, 08-Feb-2022 18:25:14 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://clubtk.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 08-Feb-2022 18:25:14 GMT

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

87 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
clubtk.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: mu3orfsp8s2inij1kheck2d4a0
.clubtk.ru/	1970-01-20 18:16:56	Name: _ga Value: GA1.2.572091537.1644344708
.clubtk.ru/	1970-01-20 00:47:11	Name: _gid Value: GA1.2.197868988.1644344708
.clubtk.ru/	1970-01-20 00:45:44	Name: _gat Value: 1
.clubtk.ru/	1970-01-20 00:45:44	Name: _gat_tilda Value: 1
.clubtk.ru/	1970-01-20 09:31:20	Name: _ym_uid Value: 164434470857487272
.clubtk.ru/	1970-01-20 09:31:20	Name: _ym_d Value: 1644344708
.yandex.ru/	1970-01-20 09:31:20	Name: ymex Value: 1675880708.yrts.1644344708#1675880708.yrtsi.1644344708
.yandex.ru/	1970-01-20 09:31:20	Name: yandexuid Value: 8720423481644344708
.yandex.ru/	1970-01-20 09:31:20	Name: yuidss Value: 8720423481644344708
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2094095441644344708
.yandex.ru/	1970-01-23 16:21:44	Name: i Value: V54vhLG7zN2/SlvRp4ZvS68yWjyM/LxMsIrLKwhXmQ3iOjam7zc9la9mOzJnXFtJcwnQYHdF7qzNs0RSNh3zhJ//M88=
.clubtk.ru/	1970-01-20 00:46:56	Name: _ym_isad Value: 2
.clubtk.ru/	1970-01-20 00:45:46	Name: _ym_visorc Value: w
.exchange.buzzoola.com/	1970-01-20 01:28:56	Name: uuid Value: 1d2a7f90-08a4-4fd1-42e1-a456348d96fb
.clubtk.ru/	1970-01-20 02:55:20	Name: _fbp Value: fb.1.1644344708492.828432591
.mc.webvisor.org/	1970-01-20 00:45:45	Name: sync_cookie_csrf Value: 167929408fake
.clubtk.ru/	1970-01-20 08:45:15	Name: tmr_lvid Value: 2f3975396592b0369a3400d1ed95f44c
.clubtk.ru/	1970-01-20 08:45:15	Name: tmr_lvidTS Value: 1644344708678
.mc.yandex.ru/	1970-01-20 00:45:45	Name: sync_cookie_csrf Value: 1570582214fake
.webvisor.org/	1970-01-27 07:57:44	Name: yandexuid Value: 8720423481644344708
.webvisor.org/	1970-01-27 07:57:44	Name: yuidss Value: 8720423481644344708
.mc.webvisor.org/	1970-01-20 00:47:11	Name: sync_cookie_ok Value: synced
.betweendigital.com/	1970-01-20 09:31:20	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 09:31:20	Name: ss Value: 1
.betweendigital.com/	1970-01-20 09:31:20	Name: unm Value: 1
.admixer.net/	1970-01-20 02:55:20	Name: am-uid Value: b86d3947547d42f9abfbbf7c04acb936
.clubtk.ru/	1970-01-20 08:45:15	Name: tmr_reqNum Value: 5
.mail.ru/	1970-01-20 09:32:47	Name: VID Value: 39XeNz3pvVI800000a18H4Y8:::0-0-0-71d0e44:CAASENL6jtiIyEer3IQrhm1-OEMaYPg30QYAsw1Q_lkDbUP9i9JPUPUv7NMpgNa5OJfzvDKgvI4kw1GQJncnsvKiOK9w-Zi9NpmfsdoktbAY7bVfzA5sNEfLRUZ4ye4DTT7CdjNixlKLOptKkOe5RYULlTIStg
.rubiconproject.com/	1970-01-20 09:31:20	Name: khaos Value: KZEGDTKN-V-IKWG
.rubiconproject.com/	1970-01-20 09:31:20	Name: audit Value: 1\|hLZGFuTafB1gp8/9Q1gGN3jc0/aJelRdbjRFtGIHH0t2wHsFnqwQFJaP3iyNi6AkNeGhPTFbk9rgcRgjl6EitWyBSX9e573R3OlDu/ORdD8=
.betweendigital.com/	1970-01-20 09:31:20	Name: tuuid Value: 568d0ffb-877f-5127-b031-f588d233400c
.otm-r.com/	1970-01-20 09:31:20	Name: mpid Value: NjIwMmI1ODQwNGYxMzdhMA==
prebid.a-mo.net/	1970-01-20 09:31:20	Name: __amc Value: 1_1644344709_1644344709
.rutarget.ru/	1970-01-20 05:04:56	Name: userId Value: PLBzRVexrOIq
.doubleclick.net/	1970-01-20 10:07:20	Name: IDE Value: AHWqTUmGPYXGPWDmK5f2MDuBje10wveDDkl8B3obptZSK_amjwQFPZGd6_hu35VTxDc
.adnxs.com/	1970-01-20 02:55:20	Name: uuid2 Value: 2492744472092448022
.casalemedia.com/	1970-01-20 09:31:20	Name: CMID Value: YgK1hfHJ5uNcbSuGKpUpigAA
.casalemedia.com/	1970-01-20 02:55:20	Name: CMPS Value: 3240
.doubleclick.net/	1970-01-20 00:45:45	Name: test_cookie Value: CheckForPermission
.clubtk.ru/	1970-01-20 10:07:20	Name: __gads Value: ID=824a68800b9d2ef8-22fccffc38cd00ca:T=1644344709:S=ALNI_MaZulNgesYK06NPgsFiTek9ag0opw
.casalemedia.com/	1970-01-20 02:55:20	Name: CMPRO Value: 1138
.casalemedia.com/	1970-01-20 00:47:11	Name: CMST Value: YgK1hWICtYUA
.adnxs.com/	1970-01-20 02:55:20	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaQH@d3H!@wnfH8K6pQK`!5=E<*L5?%L^cvH$<5._AVi8'L?4^7ND<R8Ka9H7!tk-!z@P(hw9P-HC_#tsiN)[H)7
.mathtag.com/	1970-01-20 09:31:20	Name: uuid Value: ef316202-b585-4501-ac0e-10182752d94a
.casalemedia.com/	1970-01-20 09:31:20	Name: CMRUM3 Value: 2d6202b5852760CAESELGi-uiVOR-uoQQtkUqKl5g
.ad-srv.net/	1970-01-20 02:55:20	Name: u8x7eovwf3h6_uid Value: 9f6c87450e18a3fd
.criteo.com/	1970-01-20 10:07:20	Name: uid Value: 915dfd6b-9165-49b2-bd3b-cf4e801dd5a9
.ad-srv.net/	1970-01-20 02:55:20	Name: v0rur7gqspb3_uid Value: 4f978e1898d6cba8
.mathtag.com/	1970-01-20 01:28:56	Name: mt_mop Value: 9:1644344709
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379079:2519518
.awin1.com/	1970-01-20 00:55:49	Name: awpv14098 Value: 559379\|1644344710\|730716a0-890c-11ec-afda-2235ec938b8e
.yahoo.com/	1970-01-20 09:31:42	Name: A3 Value: d=AQABBIa1AmICEC4KQzjHSf_ya9d9eBoM3lcFEgEBAQEHBGIMYgAAAAAA_eMAAA&S=AQAAApMnuARwJA1bF3U3-Ktxf4k
.clubtk.ru/	1970-01-20 10:07:20	Name: cto_bundle Value: XOPJt19jZzdTUzBjbFpTWTNXVU1WSENuM1NYSEVDUVN1TVAwWGI3djVFYXY3VWFsc1BuYXQzcFVZQnBnYkhmSnlDTDNlakI1ZkQwbnUlMkJrVDNibzElMkJPeVlQbVBGUUlvNHVsVlVRb3lXVHFSQWV2UldJdTdvTzA1ZDNlSVM5WXFFVlc0RU9oNGZFVDBUaTNjWjlsZVRNRGc3UWtRJTNEJTNE
clubtk.ru/	1970-01-20 00:47:11	Name: tmr_detect Value: 0%7C1644344711170
.bidswitch.net/	1970-01-20 09:31:20	Name: tuuid Value: 4778b7da-1824-41ce-b267-1c16c0915dc0
.bidswitch.net/	1970-01-20 09:31:20	Name: c Value: 1644344712
.bidswitch.net/	1970-01-20 09:31:20	Name: tuuid_lu Value: 1644344712
.lijit.com/	1970-01-20 09:31:20	Name: ljt_reader Value: d2907f02dc475dadcb13b123
.adsniper.ru/	1970-01-27 07:57:44	Name: uuid3 Value: IiQ3NDMzNjg5NC04OTBjLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.bumlam.com/	1970-01-27 07:57:44	Name: suuid3 Value: IiQ3NDMzNjg5NC04OTBjLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.creative-serving.com/	1970-01-20 10:07:20	Name: tuuid Value: ef64e5e5-8661-4acc-b3fa-1aa08cd530b4
.creative-serving.com/	1970-01-20 10:07:20	Name: c Value: 1644344712
.creative-serving.com/	1970-01-20 10:07:20	Name: tuuid_lu Value: 1644344712
.rutarget.ru/	1970-01-20 01:05:54	Name: sync_c822c1b63853ed273b89687ac505f9fa Value: PLBzRVexrOIq\|1644344712579
.rutarget.ru/	1970-01-20 01:05:54	Name: sync_ec8bf516fafa51927e71233e18e82503 Value: PLBzRVexrOIq\|1644344712579
.rutarget.ru/	1970-01-20 01:05:54	Name: sync_d7a14e30636d52e10b35d10c02578019 Value: PLBzRVexrOIq\|1644344712579
.rutarget.ru/	1970-01-20 01:05:54	Name: sync_71c015090a068e09460994346a52bdbb Value: PLBzRVexrOIq\|1644344712579
.rutarget.ru/	1970-01-20 01:05:54	Name: sync_ed520c87f21ee38ff11b31d0089e3dc0 Value: PLBzRVexrOIq\|1644344712579
.aidata.io/	1970-01-20 18:16:56	Name: __upin Value: Tg8x+LpNdnChLsCx6bC8iA
.aidata.io/	1970-01-20 18:16:56	Name: __upints Value: 1644344712
.mts.ru/	1970-01-23 15:09:44	Name: mts_id Value: 87571ce8-5db7-4e3d-b522-ef8f57f08c96
.mts.ru/	1970-01-23 15:09:44	Name: mts_id_last_sync Value: 1644344712
.sniperlog.ru/	1970-01-20 13:43:20	Name: guid Value: 2AC179872D2054A8
.tns-counter.ru/	1970-01-20 09:31:20	Name: guid Value: 9FA169056202B589X1644344713
.adsrvr.org/	1970-01-20 09:31:20	Name: TDID Value: 36800df7-5edd-46e9-a516-bfed3605c79f
.advertising.com/	1970-01-20 09:32:47	Name: APID Value: UP74df80f3-890c-11ec-b469-029e75bfe2b8
.analytics.yahoo.com/	1970-01-20 09:32:47	Name: IDSYNC Value: 194o~234i
.adform.net/	1970-01-20 01:26:03	Name: C Value: 1
.adsrvr.org/	1970-01-20 09:31:20	Name: TDCPM Value: CAEYBSABKAIyCwja7p7C4s61OhAFOAE.
.rfihub.com/	1970-01-20 10:07:20	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjI1tzQyMDc2MBXiM9TNtIx0NdRNLsvw93OT4jU0MzExNjExNzQ2NTEAAFVYC6o0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjI1tzQyMDc2MBXiM9TNtIx0NdRNLsvw93MDAI5rZeUlAAAA
.rfihub.com/	1970-01-20 10:07:20	Name: eud Value: H4sIAAAAAAAAAFvFwmtoZmJibGJibmhsamIAAMf6-CQQAAAA
.adform.net/	1970-01-20 02:12:08	Name: uid Value: 652836362703642446
.onetag-sys.com/	1970-01-20 18:16:56	Name: OTP Value: 85Q7pdFrZKVAlJ_sE2xUAteDhkFa16tbY__w1BPZE3U
.betweendigital.com/	1970-01-20 09:31:20	Name: ut Value: YgK1iQAJoNi_WfdoVgP74nQlsH7MbQr0w0LRvA==
.adx.opera.com/	1970-01-20 01:28:56	Name: UID Value: 2cce41ae01874254a93938e3074d475b

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://clubtk.ru/asset/_src/ip/tinkoff/fonts/HelveticaNeueCyr-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://clubtk.ru/asset/_src/ip/tinkoff/fonts/HelveticaNeueCyr-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5a80536e49b3e2c3d224f0efc42e6299.safeframe.googlesyndication.com
acdn.adnxs.com
ad.ad-srv.net
ad.mail.ru
ad24.ad-srv.net
adlmerge.com
ads.betweendigital.com
ads.creative-serving.com
ads.yahoo.com
adservice.google.co.uk
adservice.google.com
alz-d.openx.net
an.yandex.ru
ap.lijit.com
beacon-fra2.rubiconproject.com
bidder.criteo.com
cache.betweendigital.com
cdn.contentspread.net
cdn.jsdelivr.net
clickiocdn.com
clubtk.ru
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
dmp.adform.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
exchange.buzzoola.com
fastlane.rubiconproject.com
fonts.gstatic.com
google-sync.rutarget.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
inv-nets.admixer.net
luxupcdnc.com
match.adsrvr.org
matchid.adfox.yandex.ru
mc.webvisor.org
mc.yandex.ru
media.kaspersky.com
mug.criteo.com
newrrb.bid
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-bidder.rutarget.ru
prebid-eu.creativecdn.com
prebid.a-mo.net
px.adhigh.net
s.clickiocdn.com
s.luxupcdnc.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssp.otm-r.com
static.criteo.net
sync-tm.everesttech.net
sync.bumlam.com
sync.mathtag.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
tag.rutarget.ru
tags.mathtag.com
tech.rtb.mts.ru
token.rubiconproject.com
top-fwz1.mail.ru
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yandex.ru
yastatic.net
104.111.239.217
109.248.237.37
109.248.237.51
116.202.236.171
116.202.85.93
138.201.84.252
142.250.184.226
142.250.186.34
146.0.227.110
147.75.38.124
15.197.193.217
151.101.193.108
151.101.194.49
151.236.71.19
154.47.36.88
178.250.0.157
178.250.2.131
18.157.193.122
185.184.8.65
185.255.84.152
185.29.132.241
185.29.134.249
185.33.221.87
185.85.15.31
185.86.137.108
193.0.160.128
194.190.76.38
2.18.233.201
2.18.234.21
2.19.35.65
2001:6d0:4001::226
213.87.44.187
216.52.2.48
216.58.212.162
217.69.133.145
23.37.42.132
2602:803:c004:200::143
2602:803:c004:200::153
2606:4700:3031::6815:22c2
2606:4700:3034::ac43:d66a
2606:4700::6810:5714
2a00:1148:db00::17
2a00:1288:80:800::7001
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:f7::5c7b:e051
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::90
2a02:6b8:a::a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d018:d29:3602:4df7:c950:c1aa:eb0e
3.120.83.159
3.126.56.137
3.64.208.15
31.172.81.160
34.98.64.218
35.244.174.68
37.157.6.241
51.89.9.252
69.173.144.138
69.173.144.139
80.64.106.148
80.64.106.150
80.64.106.153
82.145.213.8
88.212.252.22
88.99.65.215
89.108.120.68
95.211.66.34
95.211.66.35
0243d61ce86c672bb13744b9572ab45c1131e62f4f02ad2e1a1df54f02f2b1f2
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0da2a536df41d0b4391251fb529172a0b80e5a91dfeb4f9dac82f527814381b9
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
103077b8107426fdd5b83204ecf45d01d8d7b2ec6212b6228c664fab58792e92
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11af8efe38f23019be40d67ecf68dc13846e9ec90a3c9ac19efd8fd7e9b1fb28
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1728eb77f19be16ec09762256e3c1e603af82ce6b6f80c80c8740e3ef87dda3b
1abe7fbb028cc84f7b5374497875436a3d646eaf988f5e1cd62f63bdf4772605
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
201d44608008afec1bd94c726d1e4b03125dd1314a3cbf0aa68377fe03930948
20430d6c47af80874e3b62f251ddbd6d20bcd4c944d0c69ec56c5326318a3ca3
20f775a7967786392f3627dbc255ba2e57fd96194e6836a4b7adef370b2ad7f0
21653c7956fc1de9192dc89fcf239ccd3065b3782e10342398e66bde1d6a7b40
230ce1c177b968d58ab3b0aaa8b68e0650397036c7d4ce39954fcee187ec1a78
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
280df42702ec950d12b698c40b45c507fc362089f53eb8376d3152dc1d5898dd
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31dc46a0ea82a724497327cffbec0e225cdf696443ee8ba53b6300d2efba5702
33b18e1e35b9bb30657385ed2b56732f2ca71f1da29af26da24207a8864486fe
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3784d9ef8be9443daebcbfd5e292b4760b4fadd6620f1364fc15acef35aab73f
3969119df1be46fcba3f684afa154825f82e2a98c9add1cf850f8f5a9be9b518
3a6ed55c9742395264cc45004e467a7c0dbac007b7436561f855747abe25b237
3bb06788d30841c3a905f50a4c2d5d466e88cc8dc322c07a259fc533b6b3f35b
3c927cda8b9e349d6ce8fde18756926485248ddfb99e097438289d44d15b196f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e2951ac8f0bfe46b05bb5763333ef5deaffd1d9cef7b6f5c410688c6781e350
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b3b88060a7612442db3f1f3a225d064dc9783753afe8e336daf16f15792fb7
436e56c5ac0202deba850646ad67e923f9af10888234766e89f00880489accf3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45fb3707bc38ec1e94d8121f573d35598f498e973b74bb404feb52eed1dca322
4938e9f6d9110c8071ccfcce8d2cc55964f0e178fe415f9d6637c5b9bd20e567
49b465b279760df3bdd9793bb87112114c113cef7af5aa91cddf0686779f4ff1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8d93c688351291387d93010a1233030b7375ab22b07824f51277aa303e6ee5
4c8406e5b18a2648d1fe474b7238b2b26fbb69c4ef3100916d4de3a7b6cf3c23
4d53afdce56775cb3f314ccb015d15e7ffc3c9d24a52ff16379bca9f70c4e370
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fe7486c8b875ef7b061a423d4c616822ab2175f6c2e5b6a7b674db98a0fa691
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51e0a81611dbd97453aa513f8bca64a259a09f9fef2e0e5a52e9ebd1c8680835
53c7858253e18f868366e2c2ef98f5cb941e920626ecab52588a5d33f12dc068
546e69a89ae5da922402ac26d3a4a428d37c378f848577d5bc39b09270502d28
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b127650c9dc78b2499a880e60ef12f01885334a15c0d67f2e00ba9a3f13e1f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
648c2b6b4a2b1fa4bfac1a285e322794fc438557b6c7370badff4bedb37ce80e
667ba10ada0d166de676f1966d29d701b5060b5e51bf659639382e4b3f6bb993
68935f9901e7d3657cf5ae1e4767f363ce5efcb91c5e4223b8a05c4424e61f1a
693d7208dff9c33a6f3d7a4ea8ec4cf9aed02a151c4bc42d28e2bad64047072d
7471ff8cdba5f40fa9613a15200afc75f8a92c1a1ee1d427ee8e9ba3ae4a7168
7586f7ab804b8e4adb6eb507e45449323b757dcd51717ff27ffdf24efcba9f83
779248262daaa5e5089d1a492f0dcfa889c9f5ee6432c891e45c509f51e8179f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82d1c6ef57c714d658ae3d740e0313a0f957357895567b77d2623e6fa1abbd49
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
850b9430a248bbefc7affe93336158e1dd4b6c7c206595952efd09216b7d47cf
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86b3c1d90ceeabf22a57bf6a6b2acf0fa5003942f1745fbf84f7a51bf86725d9
871ad2791ccea800ce4a58f0bd150b98b6aeeb1020c405db58e91d8198e19b84
87672f11c81113f1c7a429fddfe2fd1d1ade61da71e70574dc446ae09ca654c8
885b73797fbd4465bf5bc67d977aaf8c91af45bcf77ec8cbcc8c37f56fbd6f87
88731e3d04505a62e81776a727936a94e554b15dc10a8ff69733c4adb821fc96
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fa2bd97f68c6cb9da0c5a212fcc0247d8a4f5757b276595ea1a3cce552937b3
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9110c998143339ef68f7bfb147a71ea72cb23dde25fdfc7965a2c1bef5b29bfa
9bc6d68e05d2566edbff83588163e9dd1b21d8b048d98271bf11ca5234a39988
9bf453e8c4e528c6b029a474697ed1a971c18c57aac76b77025b10b9baae96b3
9c03062ad374cdb8ca61fd233149376328ea9d5d679f5897ed45188134166c01
9ddfbe11f183170816bb78fc786f134cf77fc27758fd1899c384ea3198ffa6e5
9e7e0770ee26ec372a696e60a1af8cd8f2bccfd7ad058f46d8cb23bda184da35
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a177b8189933ca67fd9a53b0506e025054c7a4c825763a5253249b64f8856f7d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5575f951eff80612d43a449ff223040bf3e0aafa3978ecfde8bc744199d4a89
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19ea76154ac139f43a9965a0fa8851715dd2ecb834f74c4b0395c99b368b6fe
b2ca6ebe1d10aeb3383716f6ea2baff44e87cb7caacce3071f0049dcf7cc2764
b6b0f2d170e035f2ede36dbb1321b609a616a8bedfa60877102251cbf6f0087f
b86dbdb075ccfb70fa9e67fabbf7ca5171a9aa5edd4afed7525dbb2fb0d108c8
bcf27f275181b4c4a2addf9b5e5a0f29d196a59a3d50cdfa91c64667e4ec92fc
bed0030282d1c136850c25c421a2f06705b8f61140d84d9d35a47004fef4ac9b
c2e319817ee044ccf539f6e7e5ead2c0eec1a17b9deb35f9c0878638f8b591ef
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d066642973cfd3fb512e9a8d4d5f66e4aeef9b7c57e444abd0519f990be895bc
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2598564087a17cdf8a86029a54a3117202cda9058d33108ea98d84fbda3ceb7
d5ce4e45e190285912fb654c7a5bba594e3559b5c50b43298a4e6784d4e80734
d65b56681a9507cb73275cb51d3dc9be1bf82644282f07d8a1da1699b5ae2638
d953b6056c1a91f47af210182f497c4820c053af484aa4c393b89c7032123a09
d9b1a8482e3fc2b88c194ca315b565be318cbfd91430767caa0e6d026453baf3
db0cd58f6aa2f49130ec269a3a7063efb1f88f7ee033d44aa8c023c51e7cd4e5
dcb253b1a2ad563f95f955e58b510c4db563898f97f9f4b97394c3fb0712305d
dda3cf062e7c8b44b9b3496bf9b154fc0f5dd8050d36502bbed7370e46f50007
ddc5eb9db448ea07eb5ad9e6a0f52c6bb3cedc7f73444fe513a5c6125fb3d864
ddec94c56881fbb4b535dab2bc3b68aa9925144c64fdbee65c14a5d85190a2a8
e0e0856b63e5d55e43f11379dc4b68ce9f53d69656f7acb2195a9c0aa0630e34
e190709cbfb1fcaa70c65984687a19dc3dd6deccc92184e78ca09f47966fc225
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e424d01a06d493c4849aa260ebb24b85414ff9f294ddd8853b1961a338f104d4
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4f39bd4612a53530524a8ffeb5aea002e599904546a257be7a38fb407300f19
e7b29256b6298af6198217f3a09f724fcdcb6216cc25a355052c663647bd8fed
e9161d0351147df80eb95c13bf607df0d7fce53d4ee4688e4e84322721c529d1
e9ccae21c9c786ab22e6d80ec4e8d777851bb2d2c10ddbcbd2ad4889acea5408
eaba650ae333c365907d7c87c3e08430f81c24ea4dd7a2718ae36762daca38e0
ed3d313793a337db14530a06cd3b3b3ddfb5019bf325ade31f997764aef9e91b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
f63298023c2247fe7a320ada18b880581c2d5d5d3a868f7ee907ec9593755871
fb87c8e0905fae9f6853ab31adf82aefa8e1764280368a03dcbaaa23c6663552
fe275ee079f4b8c2c4a61a55ba67b3bb66f9a6f0487f88c91f927eb6f195eb37

clubtk.ru Open in urlscan Pro 2606:4700:3034::ac43:d66a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

224 Requests

83 %HTTPS

36 %IPv6

61 Domains

91 Subdomains

74 IPs

11 Countries

2201 kBTransfer

5930 kBSize

87 Cookies

4 Outgoing links

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

clubtk.ru Open in urlscan Pro
2606:4700:3034::ac43:d66a Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

83 %
HTTPS

36 %
IPv6

61
Domains

91
Subdomains

74
IPs

11
Countries

2201 kB
Transfer

5930 kB
Size

87
Cookies

224 HTTP transactions
5 data transactions