clck.adskeeper.com Open in urlscan Pro
104.18.5.42  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 1 Show response clck.adskeeper.com/ghits/13442605/i/57650797/2/pp/1/	11 KB 4 KB	126ms 70ms	Document text/html	104.18.5.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://clck.adskeeper.com/ghits/13442605/i/57650797/2/pp/1/1?h=CrvlM6UbtIdQa4njURGdFKFzAgI2vykXFQbu11qXGhl7xFjLql5WiAJxkMgkug29q2vSuf_S9Kod9fzykicsbw**&rid=b0b6358c-fdea-11ec-b5a1-2cea7f942996&ts=com.duckduckgo.mobile.android&tt=Organic&att=2&gbpp=1&abd=1&iv=11&ct=6&gdpr=0&muid=m65xjU_qJAql&st=480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.5.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd11fb997160bdafded4cfd4640e2baeac21fdcfe07217fc518da2562977c987 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 7270e0472f215cb0-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 07 Jul 2022 13:20:11 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 01 Jan 1970 00:00:01 GMT server cloudflare vary Accept-Encoding x-robots-tag noindex
GET H2	200	desktop.css cdn.adskeeper.com/css/tranzit/goods/adskeeper/	5 KB 2 KB	43ms 35ms	Stylesheet text/css	104.18.5.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1657177200 Requested by Host: clck.adskeeper.com URL: https://clck.adskeeper.com/ghits/13442605/i/57650797/2/pp/1/1?h=CrvlM6UbtIdQa4njURGdFKFzAgI2vykXFQbu11qXGhl7xFjLql5WiAJxkMgkug29q2vSuf_S9Kod9fzykicsbw**&rid=b0b6358c-fdea-11ec-b5a1-2cea7f942996&ts=com.duckduckgo.mobile.android&tt=Organic&att=2&gbpp=1&abd=1&iv=11&ct=6&gdpr=0&muid=m65xjU_qJAql&st=480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.5.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9d2bc178cdc591c388013f6d07ae74c10cd78e1f77b75e2cc32a099dce245f9 Request headers accept-language de-DE,de;q=0.9 Referer https://clck.adskeeper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 13:20:11 GMT content-encoding gzip cf-cache-status HIT age 430 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 3KFCRMTV2TSNM4CD x-amz-id-2 T3x26kcwuVM9MhVyOinc6aSl1QBNJ4IzibHkSomoeoS2/qnY37/WWtK2BF+zn5mrpyVlgAo6STA= last-modified Mon, 28 Mar 2022 15:09:51 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1648480181/ctime:1648480181/gid:0/gname:root/md5:21c8f944b62b93b404ddcf3349a4346b/mode:33206/mtime:1648480181/uid:0/uname:root etag W/"21c8f944b62b93b404ddcf3349a4346b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 x-amz-version-id null cf-ray 7270e047bfc95cb0-FRA expires Thu, 07 Jul 2022 17:20:11 GMT
GET H2	200	jquery.min.js Show response cdn.adskeeper.com/js/	89 KB 32 KB	44ms 35ms	Script application/javascript	104.18.5.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adskeeper.com/js/jquery.min.js?t=1657177200 Requested by Host: clck.adskeeper.com URL: https://clck.adskeeper.com/ghits/13442605/i/57650797/2/pp/1/1?h=CrvlM6UbtIdQa4njURGdFKFzAgI2vykXFQbu11qXGhl7xFjLql5WiAJxkMgkug29q2vSuf_S9Kod9fzykicsbw**&rid=b0b6358c-fdea-11ec-b5a1-2cea7f942996&ts=com.duckduckgo.mobile.android&tt=Organic&att=2&gbpp=1&abd=1&iv=11&ct=6&gdpr=0&muid=m65xjU_qJAql&st=480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.5.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f Request headers accept-language de-DE,de;q=0.9 Referer https://clck.adskeeper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 13:20:11 GMT content-encoding gzip cf-cache-status HIT age 1109 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 66Z8BY1G2M858RYN x-amz-id-2 2VXbOu/SqZ1BithLFVFih1kl0cDuL7BU6tmJvxzlBKpg69AG86YGoLz615KnTzoPysImlEszo/Y= last-modified Mon, 04 May 2020 12:18:10 GMT server cloudflare etag W/"a1a8cb16a060f6280a767187fd22e037" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 x-amz-version-id null cf-ray 7270e047bfcb5cb0-FRA expires Thu, 07 Jul 2022 17:20:11 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	910 B 983 B	79ms 30ms	Script text/javascript	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onLoadAfRecaptcha Requested by Host: clck.adskeeper.com URL: https://clck.adskeeper.com/ghits/13442605/i/57650797/2/pp/1/1?h=CrvlM6UbtIdQa4njURGdFKFzAgI2vykXFQbu11qXGhl7xFjLql5WiAJxkMgkug29q2vSuf_S9Kod9fzykicsbw**&rid=b0b6358c-fdea-11ec-b5a1-2cea7f942996&ts=com.duckduckgo.mobile.android&tt=Organic&att=2&gbpp=1&abd=1&iv=11&ct=6&gdpr=0&muid=m65xjU_qJAql&st=480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash b63c980a8077c38ecb087ba0a7da1e1be6fa5f81add1b584301f5b03a57dc80a Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://clck.adskeeper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 13:20:11 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 570 x-xss-protection 1; mode=block expires Thu, 07 Jul 2022 13:20:11 GMT
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvNTQxOTgxLzQ4NDNjO... s-img.adskeeper.com/g/13442605/328x328/-/	33 KB 33 KB	81ms 22ms	Image image/jpeg	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.adskeeper.com/g/13442605/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvNTQxOTgxLzQ4NDNjOWE5MGYzZjBmMWNiNjQ3M2Y5NGEwM2ViZjY5LmpwZw.jpg?v=1657200011-6durr5MH69FXYely_MuYbFGfTLgFJcEa8kZdIlKTVNQ Requested by Host: clck.adskeeper.com URL: https://clck.adskeeper.com/ghits/13442605/i/57650797/2/pp/1/1?h=CrvlM6UbtIdQa4njURGdFKFzAgI2vykXFQbu11qXGhl7xFjLql5WiAJxkMgkug29q2vSuf_S9Kod9fzykicsbw**&rid=b0b6358c-fdea-11ec-b5a1-2cea7f942996&ts=com.duckduckgo.mobile.android&tt=Organic&att=2&gbpp=1&abd=1&iv=11&ct=6&gdpr=0&muid=m65xjU_qJAql&st=480 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash f406883e0e4b68b20320b9004000f7c5bb30a4ede81e43841e91e69e2163f6cf Request headers accept-language de-DE,de;q=0.9 Referer https://clck.adskeeper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-id fr5-up-gc8 date Thu, 07 Jul 2022 13:20:11 GMT last-modified Wed, 06 Jul 2022 08:41:19 GMT x-mg-request-uuid 495da512-f9e2-413f-b84d-1205a254143c x-cached-since 2022-07-06T09:26:15+00:00 content-type image/jpeg access-control-allow-origin * cache-control immutable, max-age=31536000 cache HIT accept-ranges bytes content-length 33487 server nginx
GET H3	200	img.png cdn.adskeeper.com/images/tranzit/	68 B 648 B	29ms 28ms	Image image/png	104.18.5.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adskeeper.com/images/tranzit/img.png Requested by Host: clck.adskeeper.com URL: https://clck.adskeeper.com/ghits/13442605/i/57650797/2/pp/1/1?h=CrvlM6UbtIdQa4njURGdFKFzAgI2vykXFQbu11qXGhl7xFjLql5WiAJxkMgkug29q2vSuf_S9Kod9fzykicsbw**&rid=b0b6358c-fdea-11ec-b5a1-2cea7f942996&ts=com.duckduckgo.mobile.android&tt=Organic&att=2&gbpp=1&abd=1&iv=11&ct=6&gdpr=0&muid=m65xjU_qJAql&st=480 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.5.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers accept-language de-DE,de;q=0.9 Referer https://clck.adskeeper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 13:20:11 GMT cf-cache-status HIT age 5244 cf-ray 7270e04889c9995a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 68 x-amz-id-2 snKXwyiULo3i7jLQ3FWd7X3yrbqajPvCgTf4/tQIVFOW8HTIENvWC5zI2v7WxbN7Igp3TmWsQnE= last-modified Thu, 24 Mar 2022 17:14:24 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1648142053/ctime:1648142053/gid:0/gname:root/md5:91e42db1c66c0b276abf6234dc50b2eb/mode:33206/mtime:1648142053/uid:0/uname:root etag "91e42db1c66c0b276abf6234dc50b2eb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id ESH2FDF5YYQJTSZ7 cache-control public, max-age=14400 x-amz-version-id null accept-ranges bytes content-type image/png expires Thu, 07 Jul 2022 17:20:11 GMT
GET H2	200	tracking.js Show response cdn.adskeeper.com/transit/	3 KB 1 KB	30ms 29ms	Script application/javascript	104.18.5.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adskeeper.com/transit/tracking.js?t=1657177200 Requested by Host: clck.adskeeper.com URL: https://clck.adskeeper.com/ghits/13442605/i/57650797/2/pp/1/1?h=CrvlM6UbtIdQa4njURGdFKFzAgI2vykXFQbu11qXGhl7xFjLql5WiAJxkMgkug29q2vSuf_S9Kod9fzykicsbw**&rid=b0b6358c-fdea-11ec-b5a1-2cea7f942996&ts=com.duckduckgo.mobile.android&tt=Organic&att=2&gbpp=1&abd=1&iv=11&ct=6&gdpr=0&muid=m65xjU_qJAql&st=480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.5.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 644a816674cb9d071237948dba64a258e1f40adf1f5ff93f488f21e3fdb585be Request headers accept-language de-DE,de;q=0.9 Referer https://clck.adskeeper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 13:20:11 GMT content-encoding gzip cf-cache-status HIT age 1084 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 66Z13HT0RPG0RTSH x-amz-id-2 3C52HULnE9IgrxgTsVR3Dpm4y8IYpkZI2MB1LiwQwnKcwNzpijwTxydzdQd31Eb0inuVneDIPSA= last-modified Mon, 04 May 2020 12:18:45 GMT server cloudflare etag W/"1c5cadbe93778de01d8453e269cb0be3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 x-amz-version-id null cf-ray 7270e047f8245cb0-FRA expires Thu, 07 Jul 2022 17:20:11 GMT
GET H3	200	dojo-other.js Show response clck.adskeeper.com/build/	49 KB 18 KB	77ms 76ms	Script application/javascript	104.18.5.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://clck.adskeeper.com/build/dojo-other.js?t=8c1d97ba568260a7dcc159f9426e8fb2 Requested by Host: clck.adskeeper.com URL: https://clck.adskeeper.com/ghits/13442605/i/57650797/2/pp/1/1?h=CrvlM6UbtIdQa4njURGdFKFzAgI2vykXFQbu11qXGhl7xFjLql5WiAJxkMgkug29q2vSuf_S9Kod9fzykicsbw**&rid=b0b6358c-fdea-11ec-b5a1-2cea7f942996&ts=com.duckduckgo.mobile.android&tt=Organic&att=2&gbpp=1&abd=1&iv=11&ct=6&gdpr=0&muid=m65xjU_qJAql&st=480 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.5.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72316c0cdf10a9fd8917e0da913727db7a74fb8df654bee5e21051f64e298469 Request headers accept-language de-DE,de;q=0.9 Referer https://clck.adskeeper.com/ghits/13442605/i/57650797/2/pp/1/1?h=CrvlM6UbtIdQa4njURGdFKFzAgI2vykXFQbu11qXGhl7xFjLql5WiAJxkMgkug29q2vSuf_S9Kod9fzykicsbw**&rid=b0b6358c-fdea-11ec-b5a1-2cea7f942996&ts=com.duckduckgo.mobile.android&tt=Organic&att=2&gbpp=1&abd=1&iv=11&ct=6&gdpr=0&muid=m65xjU_qJAql&st=480 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 13:20:11 GMT content-encoding gzip cf-cache-status MISS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 23 Jun 2022 11:28:50 GMT server cloudflare etag W/"62b44e72-c526" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods POST, OPTIONS content-type application/javascript cache-control no-cache access-control-allow-credentials true cf-ray 7270e04889ca995a-FRA access-control-allow-headers * expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	css fonts.googleapis.com/	4 KB 1 KB	81ms 31ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,400 Requested by Host: cdn.adskeeper.com URL: https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1657177200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cdn.adskeeper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 07 Jul 2022 11:57:56 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 07 Jul 2022 13:20:11 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 07 Jul 2022 13:20:11 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	72ms 22ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://clck.adskeeper.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 11:07:47 GMT x-content-type-options nosniff age 267144 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Jul 2023 11:07:47 GMT
GET H2	200	hotjar-2590724.js Show response static.hotjar.com/c/	6 KB 3 KB	76ms 26ms	Script application/javascript	13.225.78.69 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2590724.js?sv=6 Requested by Host: clck.adskeeper.com URL: https://clck.adskeeper.com/ghits/13442605/i/57650797/2/pp/1/1?h=CrvlM6UbtIdQa4njURGdFKFzAgI2vykXFQbu11qXGhl7xFjLql5WiAJxkMgkug29q2vSuf_S9Kod9fzykicsbw**&rid=b0b6358c-fdea-11ec-b5a1-2cea7f942996&ts=com.duckduckgo.mobile.android&tt=Organic&att=2&gbpp=1&abd=1&iv=11&ct=6&gdpr=0&muid=m65xjU_qJAql&st=480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.69 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-69.fra2.r.cloudfront.net Software / Resource Hash 95bda8598e8f241b0cbd37f6a0803bf49237a673eb529c2a8b2973e9d6f7ec94 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://clck.adskeeper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=86400; includeSubDomains content-encoding br x-content-type-options nosniff age 52 x-cache Hit from cloudfront date Thu, 07 Jul 2022 13:19:36 GMT cross-origin-resource-policy cross-origin via 1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront) cache-control max-age=60 etag W/3c78ea785183c01379407fd7c55621e0 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 x-amz-cf-pop FRA2-C2 x-amz-cf-id tRDd5tmYgm55pX5y9ZDVgOSS1K_puV7MCAkdwJ-8Edtt25M6rf2MZw==
GET H3	200	logo.jpg cdn.adskeeper.com/css/tranzit/goods/adskeeper/img/	4 KB 5 KB	31ms 30ms	Image image/jpeg	104.18.5.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/img/logo.jpg Requested by Host: cdn.adskeeper.com URL: https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1657177200 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.5.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49e2fb81691b078adf0c32de390e623f5418af05e5a87428b922ac32a1eb342c Request headers accept-language de-DE,de;q=0.9 Referer https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1657177200 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 13:20:11 GMT cf-cache-status HIT age 1715 cf-ray 7270e04889d0995a-FRA last-modified Mon, 04 May 2020 12:16:32 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4474 x-amz-id-2 3b1gD0sahTWji/SBgOwk3zEEQIRmFNXylKY2UOEZksF0VJPPonoda2CeXGd3JudGVSKV/UGxjm0= cf-bgj h2pri server cloudflare etag "867afcdca9dd5f705f6cc378071f8d37" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 84M05Y6FTKNFM0CK cache-control public, max-age=14400 x-amz-version-id null accept-ranges bytes content-type image/jpeg expires Thu, 07 Jul 2022 17:20:11 GMT
GET H3	200	disclamer.png cdn.adskeeper.com/css/tranzit/goods/adskeeper/img/	76 KB 77 KB	37ms 37ms	Image image/png	104.18.5.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/img/disclamer.png Requested by Host: cdn.adskeeper.com URL: https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1657177200 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.5.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12d7cf5ba17e853451bce8d65932c014d4213b749cc549812559994de13c6f49 Request headers accept-language de-DE,de;q=0.9 Referer https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1657177200 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 13:20:11 GMT cf-cache-status HIT age 1715 content-type image/png alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77914 x-amz-id-2 L9o2BdHpmH4FqQt0cXKHQ+8MsbZNQ2eYCyQGhvl4SWfvAC9BmEmdwYFHGQstAekydz2FdauQvPI= last-modified Mon, 04 May 2020 12:16:32 GMT server cloudflare etag "45ddcc0543fdb888bccdb7203e60676e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 84MF5A5Y7BA6RDXM cache-control public, max-age=14400 x-amz-version-id null accept-ranges bytes cf-ray 7270e04889d1995a-FRA expires Thu, 07 Jul 2022 17:20:11 GMT
GET H3	200	bg_arrow.jpg cdn.adskeeper.com/css/tranzit/goods/adskeeper/img/	2 KB 3 KB	38ms 37ms	Image image/jpeg	104.18.5.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/img/bg_arrow.jpg Requested by Host: cdn.adskeeper.com URL: https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1657177200 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.5.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3421e6bf3e6446408f5bb1a825399edd7f9e8eb615fbdabe4bb3dbcbc211ec5 Request headers accept-language de-DE,de;q=0.9 Referer https://cdn.adskeeper.com/css/tranzit/goods/adskeeper/desktop.css?t=1657177200 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 13:20:11 GMT cf-cache-status HIT age 1715 cf-ray 7270e04889d2995a-FRA last-modified Mon, 04 May 2020 12:16:32 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2535 x-amz-id-2 l+/vcMfivmJGvOCGeWpuQf4by6zPC5KuH8KDgLg1kNT9feucEcp+Ig5Y6kQ8OkRd2Gv902ijEU4= cf-bgj h2pri server cloudflare etag "7a0c1287fbcba248930edb1f0a41395f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 84M7ENFJPRWBKQSB cache-control public, max-age=14400 x-amz-version-id null accept-ranges bytes content-type image/jpeg expires Thu, 07 Jul 2022 17:20:11 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	65ms 27ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://clck.adskeeper.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 08:44:49 GMT x-content-type-options nosniff age 102922 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Jul 2023 08:44:49 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/	366 KB 145 KB	69ms 20ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onLoadAfRecaptcha Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://clck.adskeeper.com/ Origin https://clck.adskeeper.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 12:31:14 GMT content-encoding gzip x-content-type-options nosniff age 2937 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 148046 x-xss-protection 0 last-modified Mon, 13 Jun 2022 04:02:51 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 07 Jul 2023 12:31:14 GMT
GET H2	200	modules.a54d067a9ddd309f47db.js Show response script.hotjar.com/	244 KB 63 KB	71ms 25ms	Script application/javascript	13.224.189.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.a54d067a9ddd309f47db.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2590724.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-42.fra2.r.cloudfront.net Software / Resource Hash d892570742cc2848e2e50964c844108753c99f210834ae739315a9bd250fdea6 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://clck.adskeeper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 12:11:07 GMT content-encoding br x-content-type-options nosniff age 4144 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin strict-transport-security max-age=86400; includeSubDomains content-length 64209 access-control-allow-origin * last-modified Thu, 07 Jul 2022 12:11:03 GMT etag "a61fb4dc8bfc4f19d2e325a57155b398" vary Accept-Encoding content-type application/javascript via 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA2-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id loMFrcN828Q2b6-v4f9OK1qpsARqZMMPnShQCUw-QaKPiWJFUZ250g==
GET H2	200	box-5e0db0f25ef573fe233efc0372d38d69.html Show response vars.hotjar.com/ Frame ADD4	2 KB 1 KB	96ms 24ms	Document text/html	108.157.4.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-5e0db0f25ef573fe233efc0372d38d69.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2590724.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-122.dus51.r.cloudfront.net Software / Resource Hash 897abc95dfdec58fb982dcb66bbc2c1773e69df30001bf925678464903bf9e53 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://clck.adskeeper.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 4144 cache-control max-age=31536000 content-encoding br content-length 1044 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 07 Jul 2022 12:11:07 GMT etag "247bae6bc5dfc2c9bd258e7b3935cacc" last-modified Thu, 07 Jul 2022 12:11:03 GMT strict-transport-security max-age=86400; includeSubDomains vary Accept-Encoding via 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront) x-amz-cf-id CXieydZ61UAjMK1l1m7B-ZB2CM2g8j0UJ47-jwexJp0gd04ltc9a5g== x-amz-cf-pop DUS51-P2 x-cache Hit from cloudfront x-robots-tag none
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame 17DC	7 KB 1 KB	72ms 29ms	Document text/html	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly9jbGNrLmFkc2tlZXBlci5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&sa=bot&cb=rmgg5qvf6hr8 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 21243a9ca7772e5f6c7204aedf832b26a79d1563ac9f22185ba0c607930a0ab7 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-fMCuRza-xh8JkkCgV6oZfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://clck.adskeeper.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=0 content-encoding gzip content-length 1051 content-security-policy script-src 'report-sample' 'nonce-fMCuRza-xh8JkkCgV6oZfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 07 Jul 2022 13:20:11 GMT expires Thu, 07 Jul 2022 13:20:11 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 17DC	51 KB 24 KB	62ms 20ms	Stylesheet text/css	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly9jbGNrLmFkc2tlZXBlci5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&sa=bot&cb=rmgg5qvf6hr8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 12:38:32 GMT content-encoding gzip x-content-type-options nosniff age 2499 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Mon, 13 Jun 2022 04:02:51 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 07 Jul 2023 12:38:32 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 17DC	366 KB 145 KB	70ms 29ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly9jbGNrLmFkc2tlZXBlci5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&sa=bot&cb=rmgg5qvf6hr8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 12:31:14 GMT content-encoding gzip x-content-type-options nosniff age 2937 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 148046 x-xss-protection 0 last-modified Mon, 13 Jun 2022 04:02:51 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 07 Jul 2023 12:31:14 GMT
GET H2	200	metric c.adskeeper.co.uk/	43 B 430 B	98ms 41ms	Image image/gif	104.18.26.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHBzOi8vY2xjay5hZHNrZWVwZXIuY29tL2doaXRzLzEzNDQyNjA1L2kvNTc2NTA3OTcvMi9wcC8xLzE/aD1DcnZsTTZVYnRJZFFhNG5qVVJHZEZLRnpBZ0kydnlrWEZRYnUxMXFYR2hsN3hGakxxbDVXaUFKeGtNZ2t1ZzI5cTJ2U3VmX1M5S29kOWZ6eWtpY3NidyoqJnJpZD1iMGI2MzU4Yy1mZGVhLTExZWMtYjVhMS0yY2VhN2Y5NDI5OTYmdHM9Y29tLmR1Y2tkdWNrZ28ubW9iaWxlLmFuZHJvaWQmdHQ9T3JnYW5pYyZhdHQ9MiZnYnBwPTEmYWJkPTEmaXY9MTEmY3Q9NiZnZHByPTAmbXVpZD1tNjV4alVfcUpBcWwmc3Q9NDgwIn0sInRhZ3MiOlsidHJhbnNpdC10ZW1wbGF0ZTovaG9tZS93d3cvdHJhbnNpdC9hcHAvY29uZmlnLy4uL3ZpZXdzL3BhcnRpYWxzL2dvb2RzL21ldHJpY3MucGh0bWwiLCJ0cmFuc2l0LWRldmljZTpkZXNrdG9wIiwidHJhbnNpdC10eXBlOmdvb2RzIl0sInBlcmZvcm1hbmNlIjp7ImNvbm5lY3RUaW1lIjowLjA3LCJkb21Db21wbGV0ZSI6MC42OTMsInBhZ2VMb2FkVGltZSI6MC42OTQsInJlcXVlc3RTdGFydFRpbWUiOjAuMDU4LCJyZXNwb25zZUVuZFRpbWUiOjAuMTI4fX0= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://clck.adskeeper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 07 Jul 2022 13:20:12 GMT cf-cache-status DYNAMIC x-mg-request-uuid 5e52a876-e4e1-4afe-b8bb-59eab49c62ba access-control-allow-headers Content-Type, Cache-Control, X-Requested-With, User-Agent, Referer expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-method HEAD, OPTIONS, POST content-type image/gif access-control-allow-origin * cf-ray 7270e04c0b779be9-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery number| _mgExternalLinkChanger string| compositeId object| s1 number| transitType object| transitThrownParams function| onLoadAfRecaptcha function| onRcResponse string| grResponse function| start function| addEvent function| mgidHP object| _mgtq object| loadOptions function| hj object| _hjSettings object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| bindAfParams object| recaptcha object| closure_lm_931407

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			clck.adskeeper.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22206%22%3A%7B%7D%7D
			.adskeeper.com/	1970-01-20 13:05:36	Name: _hjSessionUser_2590724 Value: eyJpZCI6IjRjNjZiOTczLTczYjAtNTk3Ny04ZTdiLTMxMTgyM2MxZDQ3OCIsImNyZWF0ZWQiOjE2NTcyMDAwMTE4NDQsImV4aXN0aW5nIjpmYWxzZX0=
			.adskeeper.com/	1970-01-20 04:20:01	Name: _hjFirstSeen Value: 1
			clck.adskeeper.com/	1970-01-20 04:20:00	Name: _hjIncludedInSessionSample Value: 0
			.adskeeper.com/	1970-01-20 04:20:01	Name: _hjSession_2590724 Value: eyJpZCI6ImJiNDg1ZDVmLTVjZGItNGQ2Yy05NzZiLWRlOGUwM2Y3MGQxNyIsImNyZWF0ZWQiOjE2NTcyMDAwMTE4NTksImluU2FtcGxlIjpmYWxzZX0=
			.adskeeper.com/	1970-01-20 04:20:01	Name: _hjAbsoluteSessionInProgress Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.adskeeper.co.uk
cdn.adskeeper.com
clck.adskeeper.com
fonts.googleapis.com
fonts.gstatic.com
s-img.adskeeper.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.google.com
www.gstatic.com
104.18.26.174
104.18.5.42
108.157.4.122
13.224.189.42
13.225.78.69
2a00:1450:4001:803::200a
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2003
2a03:90c0:41:2801::254
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
12d7cf5ba17e853451bce8d65932c014d4213b749cc549812559994de13c6f49
21243a9ca7772e5f6c7204aedf832b26a79d1563ac9f22185ba0c607930a0ab7
49e2fb81691b078adf0c32de390e623f5418af05e5a87428b922ac32a1eb342c
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
644a816674cb9d071237948dba64a258e1f40adf1f5ff93f488f21e3fdb585be
72316c0cdf10a9fd8917e0da913727db7a74fb8df654bee5e21051f64e298469
897abc95dfdec58fb982dcb66bbc2c1773e69df30001bf925678464903bf9e53
95bda8598e8f241b0cbd37f6a0803bf49237a673eb529c2a8b2973e9d6f7ec94
a9d2bc178cdc591c388013f6d07ae74c10cd78e1f77b75e2cc32a099dce245f9
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b63c980a8077c38ecb087ba0a7da1e1be6fa5f81add1b584301f5b03a57dc80a
bd11fb997160bdafded4cfd4640e2baeac21fdcfe07217fc518da2562977c987
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d892570742cc2848e2e50964c844108753c99f210834ae739315a9bd250fdea6
f3421e6bf3e6446408f5bb1a825399edd7f9e8eb615fbdabe4bb3dbcbc211ec5
f406883e0e4b68b20320b9004000f7c5bb30a4ede81e43841e91e69e2163f6cf
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48