bajartiktoks.com Open in urlscan Pro
2606:4700:3031::6815:5725 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bajartiktoks.com/
Submission: On February 18 via api (February 18th 2024, 10:40:09 pm UTC) from NL — Scanned from NL

Summary HTTP 136 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 22 domains to perform 136 HTTP transactions. The main IP is 2606:4700:3031::6815:5725, located in United States and belongs to CLOUDFLARENET, US. The main domain is bajartiktoks.com.

This is the only time bajartiktoks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3031::6815:5725	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
22	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:303... 2606:4700:3031::ac43:8c77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
2 5	2a02:26f0:480... 2a02:26f0:480:22::1726:62f9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 10	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
2 2	64.74.236.159 64.74.236.159	19024 (INTERNAP-...) (INTERNAP-BLK5)
1 1	64.227.64.62 64.227.64.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:8a10:6709:5018:5354	16509 (AMAZON-02) (AMAZON-02)
2 2	34.249.135.188 34.249.135.188	() ()
1	35.76.25.149 35.76.25.149	16509 (AMAZON-02) (AMAZON-02)
1 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
136	21

8 2606:4700:3031::6815:5725 (United States)

ASN13335 (CLOUDFLARENET, US)

bajartiktoks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3031::ac43:8c77 (United States)

ASN13335 (CLOUDFLARENET, US)

bajartiktoks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:22::1726:62f9 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.26 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.159 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.64.62 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:8a10:6709:5018:5354 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.135.188 (Dublin, Ireland) 2 redirects

ASN- ()
PTR: ec2-34-249-135-188.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.76.25.149 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-25-149.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158 Failed	270 KB
25	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 cm.g.doubleclick.net — Cisco Umbrella Rank: 278	305 KB
22	demand.supply live.demand.supply — Cisco Umbrella Rank: 60522	45 KB
21	bajartiktoks.com bajartiktoks.com	621 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	84 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 65	6 KB
5	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1940 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6613	31 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 381	104 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1056 s.tribalfusion.com — Cisco Umbrella Rank: 2588	2 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	4 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 711	588 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 738	884 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 637	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 640	1 KB
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 8703	44 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 519	715 B
1	acuityplatform.com ums.acuityplatform.com — Cisco Umbrella Rank: 1440	27 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2836	552 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 7144	553 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 964	709 B
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4545	38 KB
136	22

	Domain	Requested by
22	live.demand.supply	bajartiktoks.com live.demand.supply client
21	bajartiktoks.com	bajartiktoks.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com bajartiktoks.com d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
15	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net bajartiktoks.com d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net bajartiktoks.com tpc.googlesyndication.com d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com pagead2.googlesyndication.com
10	cm.g.doubleclick.net	1 redirects d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
5	www.bing.com	2 redirects d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	ams3-ib.adnxs.com	d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com cdn.adnxs.com
4	www.google.com	tpc.googlesyndication.com bajartiktoks.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	bajartiktoks.com securepubads.g.doubleclick.net d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
3	www.gstatic.com	bajartiktoks.com d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
3	d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	onetag-sys.com	1 redirects
2	ap.lijit.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	c1.adform.net	2 redirects
2	s.tribalfusion.com
2	a.tribalfusion.com	2 redirects
1	cc.adingo.jp	d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ums.acuityplatform.com	d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
1	match.adsby.bidtheatre.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	um.simpli.fi	1 redirects
1	cdn.adnxs.com	bajartiktoks.com
1	adsdk.microsoft.com	bajartiktoks.com
136	28

This site contains links to these domains. Also see Links.

Domain
sulvo.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2024-01-20` - `2024-12-31`	a year	crt.sh
bajartiktoks.com GTS CA 1P5	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure RSA TLS Issuing CA 03	`2024-01-08` - `2024-07-06`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.acuityplatform.com Go Daddy Secure Certificate Authority - G2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M03	`2023-09-13` - `2024-10-12`	a year	crt.sh

This page contains 14 frames:

Primary Page: http://bajartiktoks.com/
Frame ID: C356E637597D9A54CAAE99E84A1DA768
Requests: 63 HTTP requests in this frame

Frame: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AB7C7F2EEF8AB04373AC9F9CE12A0AA0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssJm6zG1QO4cFRNz5PZnv8fbkbUBBUsJ4qNCh6h84L1qfVUnuraAKRXfjpB5wcEYu9rhytpL4NiCpHPP9K0uHuHCgWnKbDHVfsUGRZRpx1k63biK8ZlUCHP9I38M6k9ySA6XUT6MpdLED2gz92FxEOZma8GRtAJDCxUGZPOqB5PLyXF2nP0LDEUSPrt6FpIa51i-3kC7NqvFs3PRhVD8DF61kl216MQggu1qpWHgXeeXLB3tiRTfjJBZmXAX9nI_8Cl-19u7UcvusUmMpHK0xvCwrABA4PMp3P4yHhGc2eyEDwdSH7pXsg0g6cuyNiiP33upV3u5KMRYWZ9NUktYrBuSGNxPLgpkjOR1BWPBT4w4KWPG9EkmQcH38WOKOJKxp_yqiDTkcXjUmI0T5nUHSEBPepfhrg7cOwx7bcDBshGaKS_2wPDPuq0tEv7TEQAvlh7H_4JIYc&sig=Cg0ArKJSzIw4z6B8FQosEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: BB5D21F6305C3BF80813DC726650CFBE
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgtUI1uF3aQR4OD88OqLqBNODGUrIJ4ipS5MLBMWnq9h5jZtDHQ8c6xh1ZLRC7SgmndkudXOI31nfz_ZGPmuIcAWOPvPJi26tkuLZU0bORVp_COF-WdnCeUK2Qnmj5oVn6cZkftMHo3lRNzUQjKi5x4fVIK7CvNrOGwGqrPkgygev70qaz6xKX_QgeHup42x-nXFuRNDDcZsIxR1s_QCWB4nxEoYZTLDywbljvLji0k3iOBmUB3ZrLzfQGFX6MClnGCHt1OYG2IlXAMT587EYn9ezjVuF-O-NieK2DGJi1lTvDTcszZ7-vxUicvk2EhrRfz9yoGkS6dyM9b5nTj_wYLLtpHCvcGvTd3AUlo7zfH-UsVGZv-WsBm3Oj3EYZlICVdSH_jHrEBUGrL6K7fWcaFO4OuymTSgDCEzNuBGbBqlRZjnY-GovQa20CqokrlI1T5rM&sai=AMfl-YS6ZXasFRPG7iJ7I6qXOg5Dx2kjJ6BqCfPmk9pTyiV2gkMxKvwGw5RzfBkhBUhQG-CiIXqPATG6Zu5Pcz3YvbqbYQ2VsY6sI2Uf1EHCi06NtSMqP4oUFtd16A9obDo52UM6Xkufa9pdN8Dvz_mTYP0&sig=Cg0ArKJSzJZ72jq2kREyEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 561B1B73508894D8CB4A2B0BC19CE7F4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3152A159EB9070B06FC6FEDF91624DBB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7662D619770AC28CD216FC211D2E39DB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032402122308000/amp4ads-v0.mjs
Frame ID: 8C9DC8665B902723046A8FAFC06A53C9
Requests: 16 HTTP requests in this frame

Frame: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BD504846B5752C5131202C38F2189B52
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 90163E6E010361C98165359F0AD73DF1
Requests: 17 HTTP requests in this frame

Frame: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 67A2EFFFFD3FCD4CA71FC690C408CA14
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F6AD03821A7DC0579BDF6A62C3E9FE44
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 18A5B59166C7D9D73897CE0B4805D0FC
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B10FD4F9DB3AE82104B40456841288A3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js
Frame ID: F18F6D1BECA1E8DAA522F9EE98EBC32D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BajarTikToks - El mejor contenido y challenges sobre TikTok

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

136
Requests

80 %
HTTPS

56 %
IPv6

22
Domains

28
Subdomains

21
IPs

7
Countries

1509 kB
Transfer

3232 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sulvo.com/?utm_source=http://bajartiktoks.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0f0c8df8-8696-4895-9219-142ca0716be0&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=799bbaac-cede-444f-88f2-76966d621ef7&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FRG%3De71277c0948e45b99ecf590b88e7d92e%26med%3D10%26PubId%3D162645330%26DI%3D0%26DIS%3DSB_1-1-0%284-0%29%3F%26SNR%3D1%26GV%3D2&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_fae_qverpg&aid=3753197456395879558 HTTP 303
https://www.bing.com/aes/c.gif?RG=e71277c0948e45b99ecf590b88e7d92e&med=10&PubId=162645330&DI=0&DIS=SB_1-1-0(4-0)?&SNR=1&GV=2

Request Chain 119

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIy2AhouA5OUi_y3N27gwVw&google_cver=1&google_push=AXcoOmTOQRKdl3FhltAwo0E9M-9eLJTAtLfOpDZNVOeIOWoP0oW6LS35N9CztdvZwjhINQxniaB9cboBABmhdVHbtzCqyhgVeKhI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTOQRKdl3FhltAwo0E9M-9eLJTAtLfOpDZNVOeIOWoP0oW6LS35N9CztdvZwjhINQxniaB9cboBABmhdVHbtzCqyhgVeKhI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIy2AhouA5OUi_y3N27gwVw&google_cver=1&google_push=AXcoOmTOQRKdl3FhltAwo0E9M-9eLJTAtLfOpDZNVOeIOWoP0oW6LS35N9CztdvZwjhINQxniaB9cboBABmhdVHbtzCqyhgVeKhI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTOQRKdl3FhltAwo0E9M-9eLJTAtLfOpDZNVOeIOWoP0oW6LS35N9CztdvZwjhINQxniaB9cboBABmhdVHbtzCqyhgVeKhI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 120

https://um.simpli.fi/gp_match?google_gid=CAESEOOH8HL7huCkTXBPI0Ph94M&google_cver=1&google_push=AXcoOmTOZM-rNJKJ-zkSNBAjenS9bcrvs3WgaUpZX9UY2TZfwSIj3jmH6mh0G4sSU--Ci4KLb48MH6r-8Ch-Wt5fIBqQpsSdNAo0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=47A408586A154204A622E0F6CF60914B&google_push=AXcoOmTOZM-rNJKJ-zkSNBAjenS9bcrvs3WgaUpZX9UY2TZfwSIj3jmH6mh0G4sSU--Ci4KLb48MH6r-8Ch-Wt5fIBqQpsSdNAo0

Request Chain 121

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPVYRptv0lv6quPbjekZsT8&google_cver=1&google_push=AXcoOmSkoK0HvalHyzez3fJnvLnqMohmh5wrUaz-Ab2ULJrZPSiYF2mJemIMeC2F-vnNNyA9Pwa9Sd3xQ-HSb1VqACKgkhjCSV62 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fHR22HtYSIc-9yZX9mXowA&google_push=AXcoOmSkoK0HvalHyzez3fJnvLnqMohmh5wrUaz-Ab2ULJrZPSiYF2mJemIMeC2F-vnNNyA9Pwa9Sd3xQ-HSb1VqACKgkhjCSV62

Request Chain 122

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPfPKn8WNXGGIIoNRe-1ne4&google_cver=1&google_push=AXcoOmSLp6toySDj8OyOhZiGqSV_wgwEeA8SIL5lOs34SKplxCecfoo0g0kfokiFPpdDRB1grXQXw3tslC4yfcBYbgPVULZ53WZ1 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPfPKn8WNXGGIIoNRe-1ne4&google_cver=1&google_push=AXcoOmSLp6toySDj8OyOhZiGqSV_wgwEeA8SIL5lOs34SKplxCecfoo0g0kfokiFPpdDRB1grXQXw3tslC4yfcBYbgPVULZ53WZ1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI4ODk2NzYzODE5NTIzNDU0OA&google_push=AXcoOmSLp6toySDj8OyOhZiGqSV_wgwEeA8SIL5lOs34SKplxCecfoo0g0kfokiFPpdDRB1grXQXw3tslC4yfcBYbgPVULZ53WZ1

Request Chain 123

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOljkgNEKAdeC3uUJPEr_Mg&google_cver=1&google_push=AXcoOmQX5sDs3VmsL4CisiAijO2gGyc5W1JJBfKEi05xHd6TpkUD_IbL2Z7AsUzF8tyFCRjNF8YIXWs3i1nYUQBWo2NmOB2Xvmbc HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOljkgNEKAdeC3uUJPEr_Mg&google_push=AXcoOmQX5sDs3VmsL4CisiAijO2gGyc5W1JJBfKEi05xHd6TpkUD_IbL2Z7AsUzF8tyFCRjNF8YIXWs3i1nYUQBWo2NmOB2Xvmbc&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQX5sDs3VmsL4CisiAijO2gGyc5W1JJBfKEi05xHd6TpkUD_IbL2Z7AsUzF8tyFCRjNF8YIXWs3i1nYUQBWo2NmOB2Xvmbc&google_hm=NnNtWEZyVHFOcnRiMmFLekJWR2s=

Request Chain 125

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIOVIp7F0-Xa_biIQgyZTew&google_cver=1&google_push=AXcoOmSUM1rs5eFYIDCN5iVRCvjRJEqxwaAajzieB26xkl5w2tIYnh5DR1eEOmWfUyXrTZtCzYs4WaU-z8U6OjWT7DOFTN4MtyWfAQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSUM1rs5eFYIDCN5iVRCvjRJEqxwaAajzieB26xkl5w2tIYnh5DR1eEOmWfUyXrTZtCzYs4WaU-z8U6OjWT7DOFTN4MtyWfAQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIOVIp7F0-Xa_biIQgyZTew&google_cver=1&google_push=AXcoOmSUM1rs5eFYIDCN5iVRCvjRJEqxwaAajzieB26xkl5w2tIYnh5DR1eEOmWfUyXrTZtCzYs4WaU-z8U6OjWT7DOFTN4MtyWfAQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSUM1rs5eFYIDCN5iVRCvjRJEqxwaAajzieB26xkl5w2tIYnh5DR1eEOmWfUyXrTZtCzYs4WaU-z8U6OjWT7DOFTN4MtyWfAQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 126

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEAlew6698-UhiOSsXalqocE&google_cver=1&google_push=AXcoOmRWXNdY7ka9owzBxOC8pchnMAIturCyMZXdAt6sXcLb5Y_TBo2VrAwmmQ33jnwWsjbV_OtKgRp7OmO80oz38dzntEjw4XEZyg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRWXNdY7ka9owzBxOC8pchnMAIturCyMZXdAt6sXcLb5Y_TBo2VrAwmmQ33jnwWsjbV_OtKgRp7OmO80oz38dzntEjw4XEZyg

Request Chain 128

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHUWER33anrPlyKwx6tswMg&google_cver=1&google_push=AXcoOmQbdhvCX2vVS5z7r3_4OoYGlm__wMK2LwtYhZgf1QSEr4ERuvS8wBVSK1JxUYSML57S7J3luVoGIro0N7pAjaySkLxMCq2uOQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQbdhvCX2vVS5z7r3_4OoYGlm__wMK2LwtYhZgf1QSEr4ERuvS8wBVSK1JxUYSML57S7J3luVoGIro0N7pAjaySkLxMCq2uOQ&google_hm=eS01QXc5UmRkRTJwRW9xSWx2YmoxMUw3U0V6NUVRazRvRn5B

Request Chain 129

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFUt_ojwIFyajYfoUDweRYs&google_cver=1&google_push=AXcoOmSvuC1NP5JmfbKMr5smWBGXEwcRlMWcWyttgXRRiouWO3RuFiXPhDdxXi1UDOEOUz0ZPbwwFqMCWNoJqsfyuG9MsPkWrcfJ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFUt_ojwIFyajYfoUDweRYs&google_cver=1&google_push=AXcoOmSvuC1NP5JmfbKMr5smWBGXEwcRlMWcWyttgXRRiouWO3RuFiXPhDdxXi1UDOEOUz0ZPbwwFqMCWNoJqsfyuG9MsPkWrcfJ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSvuC1NP5JmfbKMr5smWBGXEwcRlMWcWyttgXRRiouWO3RuFiXPhDdxXi1UDOEOUz0ZPbwwFqMCWNoJqsfyuG9MsPkWrcfJ&google_hm=ILzwAGZHp-h0kHCKQ2ik30zH

Request Chain 131

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMH98Bo25sg98EgbUeapwvA&google_cver=1&google_push=AXcoOmR7pmPxmCYGvhTcjv810_HM0tDsgYu4PD2QEttIKuaOj-NcjslbfC38DC7MvxDX3Sbv7uV35ABfHvMlL8W-58ZEueU2HGzH2Pc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR7pmPxmCYGvhTcjv810_HM0tDsgYu4PD2QEttIKuaOj-NcjslbfC38DC7MvxDX3Sbv7uV35ABfHvMlL8W-58ZEueU2HGzH2Pc HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 135

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0f0c8df8-8696-4895-9219-142ca0716be0&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=799bbaac-cede-444f-88f2-76966d621ef7&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FRG%3De71277c0948e45b99ecf590b88e7d92e%26med%3D10%26PubId%3D162645330%26type%3Dmv%26reqver%3D1.0%26tids%3D1&rtype=mvFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_fae_qverpg&aid=3753197456395879558 HTTP 303
https://www.bing.com/aes/c.gif?RG=e71277c0948e45b99ecf590b88e7d92e&med=10&PubId=162645330&type=mv&reqver=1.0&tids=1

136 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bajartiktoks.com/ 31 KB
8 KB 368ms
341ms Document
text/html 2606:4700:3031::6815:5725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bajartiktoks.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:5725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: fa5fe3a2a94bb535edff05f9df9b44ecf5c5f9d4d5b6fa4a37d2e7980788c920

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
CF-RAY: 8579c501888866fa-AMS
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 18 Feb 2024 22:40:03 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Referrer-Policy: no-referrer-when-downgrade
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80moIQrfXF3ES5ZIi30r3rp2Gn4HBmLIKMKWK4OW%2BoDRABhqkj2JSzJwBn2yDXwxmmjS4p1HZsueEKk%2BpDXQzKGyxaY3ifF4eaDVmiMEKdBc5qdGvN6pVscSZ%2BLhvalOrhPOmtQruHZMQOVqz8yJ"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.33
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK style.min.css
bajartiktoks.com/wp-includes/css/dist/block-library/ 108 KB
15 KB 25ms
25ms Stylesheet
text/css 2606:4700:3031::6815:5725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bajartiktoks.com/wp-includes/css/dist/block-library/style.min.css?x38998
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:5725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:40:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 30
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 14501
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 31 Jan 2024 13:16:27 GMT
Server: cloudflare
ETag: "1ae43-6103dafb38dfb-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvFeIxUSeWWHTXQgCnsoE0KdVGYKdCw5RJmw04Eaa5qLygmGiisWxQiWvSdxepjvyrB0x09N7ECMnyTW65fAb%2FM8sm67JL2%2F1bthsbOpoSwcNuNXB8Pn8y8wU5Lfj8FKDfB8hIl9nP3BngrQpRM2"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8579c503ab6366fa-AMS
Expires: Mon, 17 Feb 2025 22:39:33 GMT

GET
H/1.1 200
OK wpautoterms.css
bajartiktoks.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 547 B
1 KB 225ms
208ms Stylesheet
text/css 2606:4700:3031::6815:5725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bajartiktoks.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?x38998
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:5725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:40:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 195
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 15 Jan 2024 01:45:58 GMT
Server: cloudflare
ETag: "223-60ef22ce23d02-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxC9HQ4t%2FV%2BvnEYXETBMjiP1Kk%2FnHzhuuPRQkR9k35xJsn29q%2FuPeNmM2NIUB5Zsp9NN7fZ36vrNIPMswCrxlaUKns8eUFnRZZkSVPjLE%2B28LDEiPBzrHq3r11Cnt6c0BWuF9v37blLjPkgYOGqB"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8579c503cf340c0d-AMS
Expires: Mon, 17 Feb 2025 22:40:03 GMT

GET
H/1.1 200
OK styles.css
bajartiktoks.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
2 KB 51ms
35ms Stylesheet
text/css 2606:4700:3031::6815:5725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bajartiktoks.com/wp-content/plugins/contact-form-7/includes/css/styles.css?x38998
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:5725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:40:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 30
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1015
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 05 Feb 2024 16:13:40 GMT
Server: cloudflare
ETag: "b4e-610a4beaf20c4-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNbQN1pv5Y%2BxcKfSwv0PYbzFhbrwyCz96ZLFj%2FewMv0EsvhNwM7swa%2B%2BdRULA1GKsHT6UOxtVR7dqHeEAkYGRlZA%2Fx9MdsJww76gB1cC58RdZ%2FJ9xqkLW5S7Hc0y%2Bf1yDZq1oeOIxvuNjVpk85HK"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8579c503c9880e31-AMS
Expires: Mon, 17 Feb 2025 22:39:33 GMT

GET
H/1.1 200
OK main.min.css
bajartiktoks.com/wp-content/themes/asap/assets/css/ 49 KB
11 KB 236ms
220ms Stylesheet
text/css 2606:4700:3031::6815:5725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bajartiktoks.com/wp-content/themes/asap/assets/css/main.min.css?x38998
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:5725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4062685fe3e5b5d61aedc28be03f89044a05cf818ca3dcea358d96dc287af3d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:40:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 10688
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 10 Sep 2023 04:14:58 GMT
Server: cloudflare
ETag: "c581-604f973f0cf1c-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvzGY2r0Duzcz227TLu%2BQiMeWhbztzyZST%2FW80AHup7rYXb566RY1vpWURgb%2FBWckH%2FBAr4VZ2SQWbH7XWLc0PL7384bg74LxgPWpRVS1NeWv0sku1vh4eBG%2Bgc2yCyCdA9%2F%2Bx7Qh4s2tyZSdDcn"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8579c503cb6c0e7e-AMS
Expires: Mon, 17 Feb 2025 22:40:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
2 KB 174ms
62ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@300;700&family=Open+Sans:wght@400&family=Poppins:wght@300&display=swap

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd5ab9ec90fbf3aa5b63ac56ac559e1424d529fd040d9e3b7f391b069e325063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 22:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Feb 2024 22:40:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Feb 2024 22:40:03 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 240ms
189ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/up.js

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdfb7a6c28b778059aa6b6c71a53751ff287ff3e93a5aaa2ef47743c96424df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HP75F9AZCREH52VHCRJ7K2EH
date: Sun, 18 Feb 2024 22:40:03 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 975
cf-polished: origSize=5381
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"58fb9c0053635ce2e41d09ded26ca7c5-ssl-df"
cache-status: "Netlify Edge"; fwd=stale
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 8579c503fc850bc6-AMS
timing-allow-origin: *

GET
H2 200 Logo-BajarTikToks.png
bajartiktoks.com/wp-content/uploads/2023/09/ 7 KB
8 KB 66ms
25ms Image
image/png 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/09/Logo-BajarTikToks.png
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be45e3cad5738b33f05b101ef9fff8716fdc0b4326245b29eba2e23e64ddc310

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1317791
alt-svc: h3=":443"; ma=86400
content-length: 7619
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Sep 2023 04:17:20 GMT
server: cloudflare
etag: "1dc3-604f97c5d14e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9EeErH3IaebvKkCFd9BmFwvsb4uasz8HC1lg4XVSOXSL%2B5HmO76WapbRs7NYxwQCUcWoWrHkyd%2F%2FwQ2yQcFavXrrRKX23J8LGGAOQBlExTMvnk3SzUlULJ6l6GpxjJwu7De8FaYMrj%2FQ0eQiWfW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c503ea9f1c95-AMS
expires: Sun, 02 Feb 2025 16:36:52 GMT

GET
H/1.1 200
OK index.js Show response
bajartiktoks.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 69ms
53ms Script
application/x-javascript 2606:4700:3031::6815:5725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bajartiktoks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?x38998
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:5725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:40:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 21
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 3212
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 05 Feb 2024 16:13:40 GMT
Server: cloudflare
ETag: "2b6d-610a4beaf2c7c-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M87SJVgYP2slI2aRXyavQesyjPWktHvNUtDbEZGzcAOVVE9YtGHWv4TWtWNBfseto0TKFPFmkY9NJm3HZEssm3g5bL0RB3qbRycZg5smFYQ2hn3cdgkJFmmPBkT3Xo%2BHlmKPv%2Fb9mLLDxJYm6Rp2"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8579c503c8781af8-AMS
Expires: Mon, 17 Feb 2025 22:39:42 GMT

GET
H/1.1 200
OK index.js Show response
bajartiktoks.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 220ms
210ms Script
application/x-javascript 2606:4700:3031::6815:5725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bajartiktoks.com/wp-content/plugins/contact-form-7/includes/js/index.js?x38998
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:5725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:40:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 4191
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 05 Feb 2024 16:13:40 GMT
Server: cloudflare
ETag: "337e-610a4beaf24ac-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4iw7NvsAM6ZYspcNnfrPvgu6%2FukwCr7g%2Bv6UsG%2FVfJ98InaYlxv8VCXgPs2ANiIpM4Gcfd07YkhB%2F0m5Itot3N1pHiWSBq27CH%2FgQrUiNJZrDTL%2F1bYmarAgMA%2B14LbfF2G7VFJbHmo6rOyr7DF"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8579c503db9a66fa-AMS
Expires: Mon, 17 Feb 2025 22:40:03 GMT

GET
H/1.1 200
OK asap.vanilla.min.js Show response
bajartiktoks.com/wp-content/themes/asap/assets/js/ 6 KB
2 KB 218ms
212ms Script
application/x-javascript 2606:4700:3031::6815:5725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bajartiktoks.com/wp-content/themes/asap/assets/js/asap.vanilla.min.js?x38998
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:5725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9772979b357c269704be0e8e977c20feb278696d490ef35da00ffbb3d66d432b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 22:40:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1680
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 10 Sep 2023 04:14:58 GMT
Server: cloudflare
ETag: "19e2-604f973f105cc-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTc%2Fg4HbLPDXVR8Fzr2zZqgvf38K%2FUVUsracYkYGag6CkY1gZHHGddX%2B%2BfgTLyuqy8vO%2FmzvHWsV8ntdp7ASsJmhHYWlwvEzKkeXL8rtKKe209AFaepmNRb7imAuzAkGYyUls0Pkznf61p12Nz%2Fk"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8579c503dabc0b53-AMS
Expires: Mon, 17 Feb 2025 22:40:03 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v14/ 28 KB
28 KB 78ms
25ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@300;700&family=Open+Sans:wght@400&family=Poppins:wght@300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://bajartiktoks.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:52:50 GMT
x-content-type-options: nosniff
age: 481633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28224
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:23:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:52:50 GMT

GET
H2 200 tiktok-music-400x267.jpeg
bajartiktoks.com/wp-content/uploads/2023/10/ 10 KB
10 KB 29ms
26ms Image
image/jpeg 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/10/tiktok-music-400x267.jpeg
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f2b8bc4471465659c673e5d6151998c4c82c91bad31c2bb611ec90b1f407925

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36011
alt-svc: h3=":443"; ma=86400
content-length: 9788
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 04:17:07 GMT
server: cloudflare
etag: "263c-606c829fa9b89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=760LR8A3o8kW%2BiCcaKk2vokqF3eFJYv3aOYP3oyGI1sXQ9AzqJkBYcCMTPVqsD254WmjtlJMbY%2F%2BJxiTcT2HFAYdQo8YbUlP5QIRCLYgoMdOLx%2BwgiWwaC%2FGU14ks1%2BI8fzFR9zl6cu%2FWajPUWJc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c5053c531c95-AMS
expires: Mon, 17 Feb 2025 12:39:52 GMT

GET
H2 200 tiktok-apps-400x267.webp
bajartiktoks.com/wp-content/uploads/2023/10/ 4 KB
5 KB 30ms
28ms Image
image/webp 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/10/tiktok-apps-400x267.webp
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5b77d24fd26957deac9b2ec87faa71acd3f7f40e27716bb28f071c1c0f9b0ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 289082
alt-svc: h3=":443"; ma=86400
content-length: 4398
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 04:14:33 GMT
server: cloudflare
etag: "112e-606c820cb92b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jyPnEe42kRvTHvbGEOuOz4vuoQEManOsA8rLtVrcqh6xR3Vg%2FOkfAgLg4UPs5AlK66RDwjOtZqDdRteSchYWk6oYxhAuZjDNvEQcjyD5jpp1EZkdGt1AK%2Bldo6vUMP8xOZ31jfrk%2FoKQUrptPKV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c5053c541c95-AMS
expires: Fri, 14 Feb 2025 14:22:01 GMT

GET
H2 200 tiktok-subtitulos-400x267.webp
bajartiktoks.com/wp-content/uploads/2023/10/ 6 KB
6 KB 29ms
27ms Image
image/webp 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/10/tiktok-subtitulos-400x267.webp
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b162e6d54ed38d028e486a77450c08b85638f9d1ec10e825b26f70b1fd61a363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85859
alt-svc: h3=":443"; ma=86400
content-length: 6182
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 04:13:12 GMT
server: cloudflare
etag: "1826-606c81bfbacc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1SMF9bduUCh65UYAKxxcEXB8zhTlSJe08C5GfK0R5UR5WIhtpttH33rSTFT5fc1h2bIFSeP0pE9jz1juUZtrevKGkchw8fsPL8kzVKJdIB9pVNBhzgRlVVCJ3ZmQUuUij5azhm%2BEbn8wZBnH8Y8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c5053c561c95-AMS
expires: Sun, 16 Feb 2025 22:49:04 GMT

GET
H2 200 editar-tiktoks-400x267.webp
bajartiktoks.com/wp-content/uploads/2023/10/ 8 KB
8 KB 32ms
29ms Image
image/webp 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/10/editar-tiktoks-400x267.webp
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486a013de214b1deda4274c87e880ee2c19774c9b47ffc173600b581342710bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85859
alt-svc: h3=":443"; ma=86400
content-length: 8028
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 04:06:52 GMT
server: cloudflare
etag: "1f5c-606c8054d3d73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VELT9NnsPsiRCOz90K4WUj032quwCx%2BJM3OlIs0wf8g17bdreeoxeUd4Oxi3Boj6%2FPaDBZjai3cHnHKX6%2FlTAMFyYOemMEpKKnaj8yxoPIy2%2BdxEIDSaA%2FtoEmk%2BfL0mwszmwu6WL1KflU8%2BOrg9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c5053c571c95-AMS
expires: Sun, 16 Feb 2025 22:49:04 GMT

GET
H2 200 anillo-de-tiktok-400x267.webp
bajartiktoks.com/wp-content/uploads/2023/10/ 5 KB
6 KB 48ms
47ms Image
image/webp 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/10/anillo-de-tiktok-400x267.webp
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 023afcda2802497227b8c84551db99fa0ffff2a57996a1ee9b558c8102212f56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69357
alt-svc: h3=":443"; ma=86400
content-length: 5524
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 04:04:06 GMT
server: cloudflare
etag: "1594-606c7fb6f18a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKwusePEjHjv6vzfbIpm86XSUKc3zskTIE4IkhipVupOVZx0bREiVcUyN9%2F44yunpz4n%2F7J17OPG74asnKZwATdsjsZ1K5SDyV60P17%2FQXb1hVpCuEqyjdXltqh0Y7%2BLU%2B69p%2F9D3JcjexUQL4bq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c5053c591c95-AMS
expires: Mon, 17 Feb 2025 03:24:06 GMT

GET
H2 200 dislike-en-tiktok-400x267.webp
bajartiktoks.com/wp-content/uploads/2023/10/ 4 KB
4 KB 30ms
28ms Image
image/webp 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/10/dislike-en-tiktok-400x267.webp
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9088c85467b9f61eacb95b84980388afb71e25dc20068467ef7293ab593e4420

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4031838
alt-svc: h3=":443"; ma=86400
content-length: 3638
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 03:58:58 GMT
server: cloudflare
etag: "e36-606c7e913b292"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwHSj0EGaYeGJmM4lz6Ny6ylPXxAazBjKXiqfP8VBpGHsZdCom%2B94NKN%2FveBxuM82BQyoxMVGUhGeHWG9zrVblQhELoAYcPe8ycaHE%2BbsftRSI%2Bv%2BSI%2Bz6VUSa5rLyNXPs2CpctIk7qdRdzcNDXu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c5053c5c1c95-AMS
expires: Thu, 02 Jan 2025 06:42:45 GMT

GET
H2 200 horario-para-publicar-en-tiktok-400x267.png
bajartiktoks.com/wp-content/uploads/2023/10/ 116 KB
117 KB 47ms
46ms Image
image/png 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/10/horario-para-publicar-en-tiktok-400x267.png
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cf7928eba91b4ec1caf2c312d690dfca5b7d91b3ff51ec4cf81fdc9d187ecd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10373
alt-svc: h3=":443"; ma=86400
content-length: 119121
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 03:57:29 GMT
server: cloudflare
etag: "1d151-606c7e3c2216f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLvTPgvm4iTpwaadSDm9NwKWp57%2BgoSsFoZ2POy1gj4YhBIbqt6lG%2FhgbKxr6BLXOmh3pUDzjEnfk3CO3U3yUNc%2BuQTSZw7KojDXK67z69VDbBuIokUiCHbMuZMIov53K1%2FhGIpg1rFFBSJwPHP0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c5053c5f1c95-AMS
expires: Mon, 17 Feb 2025 19:47:10 GMT

GET
H2 200 historial-en-tiktok-400x267.png
bajartiktoks.com/wp-content/uploads/2023/10/ 100 KB
101 KB 31ms
30ms Image
image/png 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/10/historial-en-tiktok-400x267.png
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d2970ec15e8c3b85b2ba2d805ab8e7223f49736cfac114e615819cda50234b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10373
alt-svc: h3=":443"; ma=86400
content-length: 102567
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 03:52:57 GMT
server: cloudflare
etag: "190a7-606c7d387f108"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTbYIyc8kcdRSDBrmmn11PCXzd7xl%2Fz1Go%2FMNP5RqPcPmIL2sUJgq1%2BMKJWqcWl9%2BJeQVGQ18YgPaf4KkZKGk7DW%2BaQab0X%2FGiS1%2Bw%2FSIBkozGdm9%2BC4NYLIZQdl5cEo9wOlutGdSdeJpU10gjXQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c5053c611c95-AMS
expires: Mon, 17 Feb 2025 19:47:10 GMT

GET
H2 200 idiomas-en-tiktok-400x267.jpg
bajartiktoks.com/wp-content/uploads/2023/10/ 22 KB
23 KB 47ms
46ms Image
image/jpeg 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/10/idiomas-en-tiktok-400x267.jpg
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c89ee8863df29dfc6f0a0fa3b90674c9eabaaac152f3fe75dd9eb6cda55c3714

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10373
alt-svc: h3=":443"; ma=86400
content-length: 22754
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 03:51:08 GMT
server: cloudflare
etag: "58e2-606c7cd0c3811"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCFmUMWVWgHsly20920WxAcsMkx9WpvSxx46ssrB1j3NLeOLdmX6dxdu1LHyPzPeTb%2BvXR7J0GV5J6VwHSAzgG91WciF2gI28ctt2UxwdV3hDb402LbR6SXvHpM5BkYPcgBrGpjROzamEyZpjJPG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c5053c631c95-AMS
expires: Mon, 17 Feb 2025 19:47:10 GMT

GET
H2 200 ia-tiktok-400x267.png
bajartiktoks.com/wp-content/uploads/2023/10/ 169 KB
170 KB 48ms
47ms Image
image/png 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/10/ia-tiktok-400x267.png
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b72110ad314201e19922480e9b6b6c641e47b183c2a4b2cb3234b2c97ba885f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78312
alt-svc: h3=":443"; ma=86400
content-length: 173388
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 03:40:59 GMT
server: cloudflare
etag: "2a54c-606c7a8c0242f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzxtZTNO1EHqEXQ8aR3EjR1Tmsl13VbzXLz33vm5mVqU%2FcV6V7FDgJ%2Ft3NTlE85AHq%2BM3yqG4oW0e0k5fqZtFYgEzQUbG5BWQfJCw7ByXxfi4XAT3NcAyvbIFzXqYLT8jtiagW8ACgNWb5d3j0Yd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c5053c671c95-AMS
expires: Mon, 17 Feb 2025 00:54:51 GMT

GET
H2 200 tiktok-y-anime-400x267.png
bajartiktoks.com/wp-content/uploads/2023/10/ 101 KB
101 KB 48ms
47ms Image
image/png 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/10/tiktok-y-anime-400x267.png
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb5a1519d693b4edcbb11f538b41f5e99646f23e4674ee569595b39b13f56f29

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30
alt-svc: h3=":443"; ma=86400
content-length: 103019
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 03:30:33 GMT
server: cloudflare
etag: "1926b-606c7837486aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMoRgMsSZ8isvtOV0CTsHBTTQpxQSQ6SiVuvgBGB6rJZL6NKQE1xZY3%2Bf25xETv7s3ORxVUcU%2FMCMxtDjh9tsL6GCnhSQEncrBnfgP7r3EIZSNqAQTLOXrPYONZ5iTuwq9af7CbBBY5oVs%2BVspMr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c5054c721c95-AMS
expires: Mon, 17 Feb 2025 22:39:33 GMT

GET
H2 200 google-y-tiktok-400x267.jpg
bajartiktoks.com/wp-content/uploads/2023/10/ 14 KB
14 KB 48ms
48ms Image
image/jpeg 2606:4700:3031::ac43:8c77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bajartiktoks.com/wp-content/uploads/2023/10/google-y-tiktok-400x267.jpg
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ba02e4a2dd5a780e658509c91d8efc0eba22534017c3e33506a30abec10ab3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69357
alt-svc: h3=":443"; ma=86400
content-length: 14156
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 03:28:17 GMT
server: cloudflare
etag: "374c-606c77b52cede"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eggj7oyUci4K7M6b%2BGZOr35BcD6IwqmYA4R1Dpc55O1PfKvIVYIBMx6%2BPNkDFuQu4Q4XfGqsFvGWQLkclPV2zNXq810Ud1CSMenhGyQW26a05FxO%2BzBnnRVz%2BbzOIqlbP0mEfUVtbPQXfFKchdbt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8579c5054c7e1c95-AMS
expires: Mon, 17 Feb 2025 03:24:06 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 100ms
50ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@300;700&family=Open+Sans:wght@400&family=Poppins:wght@300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://bajartiktoks.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:55:25 GMT
x-content-type-options: nosniff
age: 481478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:55:25 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
540 B 128ms
109ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?e=ll&d=241&cs=c&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c5055f380bc5-AMS

GET
H2 200 impl.v17.29.0.js Show response
live.demand.supply/ 93 KB
30 KB 27ms
26ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/impl.v17.29.0.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b97ab27478e1402ec7f35c1e1e4468e31f226fd5a36d55c73ccca2080c8b15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HP7581DF01FYPWEG10ZZK8F8
date: Sun, 18 Feb 2024 22:40:03 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 806115
cf-polished: origSize=94947
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"9390a1746dc58e5bd985c7821cf6e089-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 8579c5053e0b0bc6-AMS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 127ms
63ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88e746ee32e3b86955fc005852c7563ea18e3effc821d65c8c20c4cd0a9fe475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29557
x-xss-protection: 0
server: cafe
etag: 233 / 19771 / 31081245 / config-hash: 11148296534494914191
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 22:40:03 GMT

GET
H2 200 YmFqYXJ0aWt0b2tzLmNvbS8= Show response
live.demand.supply/p4/v17-24-0/ 2 KB
835 B 191ms
191ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-24-0/YmFqYXJ0aWt0b2tzLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb32df9ddbb6a9a4d6ce87cd263d6dc9ccbe156e91bb6fa1d5eb6f63f9795085

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 8579c5053e0d0bc6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
606 B 134ms
116ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/ds.2.html

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V86NDPWWN29T0X1CS
date: Sun, 18 Feb 2024 22:40:03 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 8579c5055f330bc5-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 bajartiktoks.com_fluid_lb+sq_abajo_buscador_2 Show response
live.demand.supply/cp/ 29 B
376 B 204ms
204ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/bajartiktoks.com_fluid_lb+sq_abajo_buscador_2?mlcu=c195a984-7086-48d5-99a1-5ed8f857729a&mlos=wi&mlbr=ch&mlla=en&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f6176aba37dd88aa2372e01eab674a3940f9cee6c49b532a0f7edee7b56b3a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 8579c5057f5e0bc5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H3 200 bajartiktoks.com_fluid_lb+sq_abajo_buscador_2 Show response
live.demand.supply/cp/ 29 B
373 B 200ms
200ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/bajartiktoks.com_fluid_lb+sq_abajo_buscador_2?mlcu=c195a984-7086-48d5-99a1-5ed8f857729a&mlos=wi&mlbr=ch&mlla=en&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f6176aba37dd88aa2372e01eab674a3940f9cee6c49b532a0f7edee7b56b3a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 8579c5057f600bc5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/ 428 KB
135 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb5e8eef5efe4f00b4a4bb3df651d1418ecf8072ec98393dd773454f814f477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:06:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23639
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137909
x-xss-protection: 0
server: cafe
etag: 11310070000413636408
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 17 Feb 2025 16:06:04 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
503 B 24ms
24ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=bajartiktoks.com_fluid_lb%2Bsq_abajo_buscador_2&pdc=6.8375999450683596&e=tcp&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c506b8f80bc5-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
502 B 113ms
112ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=da&r=bajartiktoks.com_fluid_lb%2Bsq_abajo_buscador_2&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57KEQE90XXS2JXDA8V27B
date: Sun, 18 Feb 2024 22:40:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c506b8fb0bc5-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
506 B 24ms
23ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=bajartiktoks.com_fluid_lb%2Bsq_abajo_buscador_2&pdc=6.8375999450683596&e=tcp&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c506b9020bc5-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
502 B 204ms
204ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=da&r=bajartiktoks.com_fluid_lb%2Bsq_abajo_buscador_2&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57KEQE90XXS2JXDA8V27B
date: Sun, 18 Feb 2024 22:40:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c506b9030bc5-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
503 B 25ms
25ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=bajartiktoks.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c506c9140bc5-AMS

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
562 B 509ms
508ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3883819291058939&correlator=2309486618602769&eid=44809527%2C31081256%2C31081245&output=ldjh&gdfp_req=1&vrg=202402140101&ptt=17&impl=fif&iu_parts=44890869%3A22675975471%2Cca-pub-3831894559014614-tag%2Cc6e34446-9f02-4400-9055-1baf347a3846&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1708296003650&lmt=1708296003&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fbajartiktoks.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=316723282.1708296004&ga_sid=1708296004&ga_hid=1888314662&ga_fc=false&dlt=1708296003135&idt=495&prev_scp=ti%3Dc195a984-7086-48d5-99a1-5ed8f857729a%26interstitials-bid%3D15%26bid-p%3Dgoogle%26bsc%3D58&adks=540638418&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

129206b0382b41bbcc5d6345d82103285b94d2f9cefa148bddb4414137d3f89f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 531
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://bajartiktoks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 961 B
471 B 382ms
382ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3883819291058939&correlator=276091066713501&eid=44809527%2C31081256%2C31081245&output=ldjh&gdfp_req=1&vrg=202402140101&ptt=17&impl=fif&iu_parts=44890869%3A22675975471%2Cca-pub-3831894559014614-tag%2C3206133a-6d8f-45c7-bab5-ddfd6570272e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=1&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1708296003655&lmt=1708296003&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fbajartiktoks.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=316723282.1708296004&ga_sid=1708296004&ga_hid=1888314662&ga_fc=false&dlt=1708296003135&idt=495&prev_scp=ti%3Dc195a984-7086-48d5-99a1-5ed8f857729a%26interstitials-bid%3D0.8%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D58&adks=2086564128&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ec19efadb3c091c9b18622be0a04bb3f5c610deb7d8f6392419e210553d545c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 440
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://bajartiktoks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
17 KB 329ms
329ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3883819291058939&correlator=3044146726017007&eid=44809527%2C31081256%2C31081245&output=ldjh&gdfp_req=1&vrg=202402140101&ptt=17&impl=fif&iu_parts=44890869%3A22675975471%2Cca-pub-3831894559014614-tag%2Cfc7adcb8-bc00-4782-b3a1-d48aaeeb1c7f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=960x280%7C750x300%7C750x200%7C930x180&ifi=3&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1708296003656&lmt=1708296003&adxs=316&adys=975&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fbajartiktoks.com%2F&vis=1&psz=968x116&msz=968x116&fws=4&ohw=1600&ga_vid=316723282.1708296004&ga_sid=1708296004&ga_hid=1888314662&ga_fc=false&dlt=1708296003135&idt=495&prev_scp=ti%3Dc195a984-7086-48d5-99a1-5ed8f857729a%26chrand%3Dy%26pof%3D0%26bid%3D1.71%26bid-p%3Dgoogle%26bsc%3D58&adks=3962372402&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

630351600fef5eff668e3900eae175f0bb70a898d5cfb0b92feb58f314c31e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17085
x-xss-protection: 0
google-lineitem-id: 5562810423
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://bajartiktoks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AB7C 6 KB
3 KB 227ms
84ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bajartiktoks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:40:03 GMT
expires: Mon, 17 Feb 2025 22:40:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/ 46 KB
15 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl_page_level_ads.js?cb=31081245

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15f8ff69c708341b722f67ef089b624c9c963046edabc81f0675995fdadd4bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 11:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40122
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15024
x-xss-protection: 0
server: cafe
etag: 8459742958230797430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 17 Feb 2025 11:31:21 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
18 KB 340ms
340ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3883819291058939&correlator=2851149876701984&eid=44809527%2C31081256%2C31081245&output=ldjh&gdfp_req=1&vrg=202402140101&ptt=17&impl=fif&iu_parts=44890869%3A22675975471%2Cca-pub-3831894559014614-tag%2Cfc7adcb8-bc00-4782-b3a1-d48aaeeb1c7f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=910x280%7C750x300%7C750x200&ifi=4&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1708296003666&lmt=1708296003&adxs=341&adys=101&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fbajartiktoks.com%2F&vis=1&psz=918x116&msz=918x116&fws=4&ohw=1600&ga_vid=316723282.1708296004&ga_sid=1708296004&ga_hid=1888314662&ga_fc=false&dlt=1708296003135&idt=495&prev_scp=ti%3Dc195a984-7086-48d5-99a1-5ed8f857729a%26chrand%3Dy%26pof%3D0%26bid%3D1.71%26bid-p%3Dgoogle%26bsc%3D58&adks=609770339&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7d2801d702efbce3bcde148da43583f5e186fbd8480581847013b84afaa80e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18041
x-xss-protection: 0
google-lineitem-id: 5562810423
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://bajartiktoks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 181ms
69ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a3851e32381d1d0ac6c514cc7eae923700b8d08460199bc0a47c6a6d7447d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12308
x-xss-protection: 0

GET view
pagead2.googlesyndication.com/pcs/ Frame BB5D 0
0

GET abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame BB5D 0
0

GET ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BB5D 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 455 B
204 B 265ms
265ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3883819291058939&correlator=3739690726398615&eid=44809527%2C31081256%2C31081245&output=ldjh&gdfp_req=1&vrg=202402140101&ptt=17&impl=fif&iu_parts=44890869%3A22675975471%2Cca-pub-3831894559014614-tag%2C974aff7c-4ba8-4173-a796-a4633bb6b459&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=960x280%7C750x300%7C750x200%7C930x180&ifi=5&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1708296004013&lmt=1708296004&adxs=316&adys=975&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fbajartiktoks.com%2F&vis=1&psz=968x116&msz=968x116&fws=4&ohw=1600&ga_vid=316723282.1708296004&ga_sid=1708296004&ga_hid=1888314662&ga_fc=false&dlt=1708296003135&idt=495&prev_scp=ti%3Dc195a984-7086-48d5-99a1-5ed8f857729a%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D58&adks=3391340824&frm=20&eo_id_str=ID%3Dc0398ce38d9fe54c%3AT%3D1708296003%3ART%3D1708296003%3AS%3DAA-AfjbevRMLWKuplgHsnaRVKAUf

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9baf63013d74acaddb439c3696da2bbdf045c9f49b924b5c2f4b6cd270428600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://bajartiktoks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 561B 0
0

GET abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 561B 0
0

GET ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 561B 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
14 KB 398ms
398ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3883819291058939&correlator=542368236589433&eid=44809527%2C31081256%2C31081245&output=ldjh&gdfp_req=1&vrg=202402140101&ptt=17&impl=fif&iu_parts=44890869%3A22675975471%2Cca-pub-3831894559014614-tag%2C974aff7c-4ba8-4173-a796-a4633bb6b459&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=910x280%7C750x300%7C750x200&ifi=6&sfv=1-0-40&eri=1&sc=0&cookie=ID%3D0e5a6e8aa7d52767%3AT%3D1708296003%3ART%3D1708296003%3AS%3DALNI_MYCQsNR6dLClzTjb9N3UZcNoS11HQ&gpic=UID%3D00000d5c4db57384%3AT%3D1708296003%3ART%3D1708296003%3AS%3DALNI_MZKKM7GQ5xWdhxbfkQBViJiHpV-cQ&abxe=1&dt=1708296004039&lmt=1708296004&adxs=341&adys=101&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fbajartiktoks.com%2F&vis=1&psz=918x116&msz=918x116&fws=4&ohw=1600&ga_vid=316723282.1708296004&ga_sid=1708296004&ga_hid=1888314662&ga_fc=false&dlt=1708296003135&idt=495&prev_scp=ti%3Dc195a984-7086-48d5-99a1-5ed8f857729a%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D58&adks=2192430800&frm=20&eo_id_str=ID%3D10f2d1b4caa2efa5%3AT%3D1708296003%3ART%3D1708296003%3AS%3DAA-AfjbRl77h6ViyQP59WwJ1N2Vl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50d82ad02d157775cc9ae97718184343e08f4f15744345e6c7c224e4bac90499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14186
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://bajartiktoks.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 602 B
292 B 312ms
312ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3883819291058939&correlator=2161416058629179&eid=44809527%2C31081256%2C31081245&output=ldjh&gdfp_req=1&vrg=202402140101&ptt=17&impl=fif&iu_parts=44890869%3A22675975471%2Cca-pub-3831894559014614-tag%2Ce066a22b-4dfa-4504-8c4b-5efc48a13450&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&fas=1&eri=1&sc=0&cookie=ID%3Dcb4168595fea09e7%3AT%3D1708296003%3ART%3D1708296003%3AS%3DALNI_MbVlyLvNd1fW8NzaHXm2NqvGFNZig&gpic=UID%3D00000d5c4e6bc400%3AT%3D1708296003%3ART%3D1708296003%3AS%3DALNI_MZkJaaFQ-kDNM7yL8k5ziUJkCF7vg&abxe=1&dt=1708296004045&lmt=1708296004&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fbajartiktoks.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=316723282.1708296004&ga_sid=1708296004&ga_hid=1888314662&ga_fc=false&dlt=1708296003135&idt=495&prev_scp=ti%3Dc195a984-7086-48d5-99a1-5ed8f857729a%26interstitials-bid%3D0.3%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D58&adks=3667945387&frm=20&eo_id_str=ID%3Dad0ad2ba9bef98ad%3AT%3D1708296003%3ART%3D1708296003%3AS%3DAA-AfjYbr4Z0JO555d8CDz9rgGM1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab5249ce649e8e8d046e6810d15dfdb0a559e3255f26bbdd0dd45f099bc816a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://bajartiktoks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 150ms
99ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Feb 2024 22:40:04 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
507 B 27ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=bajartiktoks.com_auto_interstitial_desktop&e=nai&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c50a1d550bc5-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
505 B 24ms
24ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=bajartiktoks.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c50a1d590bc5-AMS

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 635 B
299 B 347ms
347ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3883819291058939&correlator=263763231617564&eid=44809527%2C31081256%2C31081245&output=ldjh&gdfp_req=1&vrg=202402140101&ptt=17&impl=fif&iu_parts=44890869%3A22675975471%2Cca-pub-3831894559014614-tag%2C7c7b06e4-6ef7-471f-9d47-2163b758d3b0&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&ists=1&fas=8&eri=1&sc=0&cookie=ID%3D1de4500cfebd2d93%3AT%3D1708296003%3ART%3D1708296003%3AS%3DALNI_MbjtlebSt-kpFuup0BwjtPmplZCKQ&gpic=UID%3D00000d5c4e2ddeee%3AT%3D1708296003%3ART%3D1708296003%3AS%3DALNI_MZLNxS69Y1WvfZId-bhUB3YZLW5fA&abxe=1&dt=1708296004172&lmt=1708296004&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fbajartiktoks.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=316723282.1708296004&ga_sid=1708296004&ga_hid=1888314662&ga_fc=false&dlt=1708296003135&idt=495&prev_scp=ti%3Dc195a984-7086-48d5-99a1-5ed8f857729a%26interstitials-bid%3D5%26bid-p%3Dgoogle%26bsc%3D58&adks=4159902372&frm=20&eo_id_str=ID%3Dda20a68fa8e59644%3AT%3D1708296003%3ART%3D1708296003%3AS%3DAA-AfjbAhj_aMUAyH-oU6119tdHu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4ec68e736a39282a728361a7a2b56eb486fcf10afb9ac4e71e86c97c6f6c2ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 269
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://bajartiktoks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3152 13 KB
5 KB 53ms
52ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bajartiktoks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 22395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 16:26:49 GMT
expires: Mon, 17 Feb 2025 16:26:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7662 829 B
1 KB 174ms
62ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1b0b1672430f51849dbbbe758b870bf57b1a6a4ffd4ec32729eda3f0e229c416

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4Nh_RhxHBbyUa-ZUminx-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bajartiktoks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4Nh_RhxHBbyUa-ZUminx-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:40:04 GMT
expires: Sun, 18 Feb 2024 22:40:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
504 B 114ms
113ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=bajartiktoks.com_fluid_lb%2Bsq_abajo_buscador_2&e=nai&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c50adee20bc5-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
505 B 25ms
25ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=bajartiktoks.com_fluid_lb%2Bsq_abajo_buscador_2&pn=2&sn=3&pc=6.8375999450683596&ds=false&e=wdp&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c50adee30bc5-AMS

GET
H2 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3152 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Feb 2025 16:26:50 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
21 KB 301ms
301ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3883819291058939&correlator=801907628812760&eid=44809527%2C31081256%2C31081245&output=ldjh&gdfp_req=1&vrg=202402140101&ptt=17&impl=fif&iu_parts=44890869%3A22675975471%2Cca-pub-3831894559014614-tag%2C9e6f7020-a64d-47f2-bd22-c9e28d1cfacc&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=9&sfv=1-0-40&ists=1&fas=1&eri=1&sc=0&cookie=ID%3D1de4500cfebd2d93%3AT%3D1708296003%3ART%3D1708296003%3AS%3DALNI_MbjtlebSt-kpFuup0BwjtPmplZCKQ&gpic=UID%3D00000d5c4e2ddeee%3AT%3D1708296003%3ART%3D1708296003%3AS%3DALNI_MZLNxS69Y1WvfZId-bhUB3YZLW5fA&abxe=1&dt=1708296004370&lmt=1708296004&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fbajartiktoks.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=316723282.1708296004&ga_sid=1708296004&ga_hid=1888314662&ga_fc=false&dlt=1708296003135&idt=495&prev_scp=ti%3Dc195a984-7086-48d5-99a1-5ed8f857729a%26interstitials-bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D58&adks=2955021500&frm=20&eo_id_str=ID%3Dda20a68fa8e59644%3AT%3D1708296003%3ART%3D1708296003%3AS%3DAA-AfjbAhj_aMUAyH-oU6119tdHu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f38483bd801f58db0fb0828f3a3c5bf44de3871739caa8dc2407c83d8938e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21196
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://bajartiktoks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3152 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?E5031Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7662 0
0 57ms
57ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402140101&jk=3883819291058939&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032402122308000/ Frame 8C9D 196 KB
56 KB 98ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032402122308000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45c912062ccb86647960ad8f1f1bfe1ac816f3f934f4c17b78e49c2449f9cc53

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Feb 2024 22:13:48 GMT
age: 433576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56165
x-xss-protection: 0
server: sffe
etag: "9727eaa4c4abbd17"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Feb 2025 22:13:48 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032402122308000/v0/ Frame 8C9D 15 KB
5 KB 139ms
65ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032402122308000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

620e650135367f175a542a88c0646be2b716930cc42e01e291eb24d63722616f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Feb 2024 22:13:48 GMT
age: 433576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "68373f9a2b9add5a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Feb 2025 22:13:48 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032402122308000/v0/ Frame 8C9D 95 KB
28 KB 147ms
74ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032402122308000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

722117cb3654f60fe9c913d636106dd30b90c0d805b0828ebf6f06d1f0d3b32c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Feb 2024 22:13:48 GMT
age: 433576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29054
x-xss-protection: 0
server: sffe
etag: "a02e8be6a8b6fcf0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Feb 2025 22:13:48 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032402122308000/v0/ Frame 8C9D 5 KB
2 KB 142ms
69ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032402122308000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3931bffd71d3d21af5cea0706aa3d3ba7147650c6fe5fcaddb819e7a80af0b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Feb 2024 22:13:48 GMT
age: 433576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "ac1827860467156e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Feb 2025 22:13:48 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032402122308000/v0/ Frame 8C9D 40 KB
13 KB 143ms
70ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032402122308000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b4a089a7e7b88e8b1e5abbc3ac0a6896728f92535be02e7c5cec719f2776533

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Feb 2024 22:13:48 GMT
age: 433576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "daae09dd16aaa4d7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Feb 2025 22:13:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8C9D 4 KB
775 B 61ms
60ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 22:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Feb 2024 21:39:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Feb 2024 22:40:04 GMT

GET
H3 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8C9D 3 KB
3 KB 25ms
25ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 20:28:02 GMT
x-content-type-options: nosniff
server: cafe
age: 7922
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2687
x-xss-protection: 0
expires: Mon, 19 Feb 2024 20:28:02 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8C9D 295 B
319 B 24ms
23ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 20:23:00 GMT
x-content-type-options: nosniff
server: cafe
age: 8224
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 19 Feb 2024 20:23:00 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 8C9D 0
0 57ms
31ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaRO9z6GqRLUKzlJ8MrBjPU6ZG31_LTs6D6xz4mXk0xXpKpDsBUBe9rwmOBe0hywYRK86FNWRsoKazLzbOrBGtUc2q9E5A
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
505 B 24ms
23ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=bajartiktoks.com_fluid_lb%2Bsq_abajo_buscador_2&pn=2&sn=3&pc=6.8375999450683596&ds=true&e=wdp&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c50be86f0bc5-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
504 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?gl=0.01&b=3&r=bajartiktoks.com_fluid_lb%2Bsq_abajo_buscador_2&sy=d288ccab-2e6e-403f-9900-681497c9beab&ts=58&cd=2&pud=241&pus=c&pue=613&pid=29&pis=c&pie=651&ppd=192&pps=a&ppe=814&pcl=623&ttc=864&tti=1688&ttif=0&lca=814&lcak=ppe&lct=814&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=bajartiktoks.com&mlre=undefined&mlin=0&mlsi=910x280&mlbw=4g&mlcs=NaN&mltp=unset&e=lm&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c50be8700bc5-AMS

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15284382051871327872/ Frame 8C9D 29 KB
29 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15284382051871327872/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e46ba7ba312eb9f1888dd96c0167a491035dbfbdb8b2976af88636e9e302e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Mon, 17 Feb 2025 22:24:22 GMT
date: Sun, 18 Feb 2024 22:24:22 GMT
x-content-type-options: nosniff
age: 942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29363
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 16:37:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11942879607265160352/ Frame 8C9D 3 KB
3 KB 23ms
23ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11942879607265160352/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d0f336fd0ecad9ea0d7ef6a0761e3fbd4adda60fa7809a7ba08f7a8468e413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Mon, 17 Feb 2025 22:01:03 GMT
date: Sun, 18 Feb 2024 22:01:03 GMT
x-content-type-options: nosniff
age: 2341
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3234
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 09:44:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 8C9D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93ebfd8ee71c3ce7a33659d236d6403b04c3fa62d7bdce8b480975f257c192d0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8C9D 16 KB
16 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://bajartiktoks.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:34:54 GMT
x-content-type-options: nosniff
age: 277510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 17:34:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8C9D 15 KB
15 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://bajartiktoks.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:51:30 GMT
x-content-type-options: nosniff
age: 481714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:51:30 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
506 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=bajartiktoks.com_auto_interstitial_desktop&e=nai&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c50c58fc0bc5-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
505 B 24ms
24ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=bajartiktoks.com_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c50c59000bc5-AMS

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 190 KB
54 KB 432ms
431ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3883819291058939&correlator=2374798288092596&eid=44809527%2C31081256%2C31081245&output=ldjh&gdfp_req=1&vrg=202402140101&ptt=17&impl=fif&iu_parts=44890869%3A22675975471%2Cca-pub-3831894559014614-tag%2Cb591d99a-94f2-430f-a1f7-716734adb063&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=10&sfv=1-0-40&ists=1&fas=8&eri=1&sc=0&cookie=ID%3D1de4500cfebd2d93%3AT%3D1708296003%3ART%3D1708296003%3AS%3DALNI_MbjtlebSt-kpFuup0BwjtPmplZCKQ&gpic=UID%3D00000d5c4e2ddeee%3AT%3D1708296003%3ART%3D1708296003%3AS%3DALNI_MZLNxS69Y1WvfZId-bhUB3YZLW5fA&abxe=1&dt=1708296004524&lmt=1708296004&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fbajartiktoks.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=316723282.1708296004&ga_sid=1708296004&ga_hid=1888314662&ga_fc=false&dlt=1708296003135&idt=495&prev_scp=ti%3Dc195a984-7086-48d5-99a1-5ed8f857729a%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D58&adks=3664292882&frm=20&eo_id_str=ID%3Dda20a68fa8e59644%3AT%3D1708296003%3ART%3D1708296003%3AS%3DAA-AfjbAhj_aMUAyH-oU6119tdHu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

510adc8efb75a34a478cc2125a546996ea4a11f32f7584c36ef4b17a03f51b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55170
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://bajartiktoks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8C9D 0
0 93ms
93ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFOwaRIfSZa-VBd721PIPqJ-o4ALlseS3a7rrpruoEL_hHhABIJWbyiFgkYSghYwYoAHtqsTeAsgBCeACAKgDAcgDCqoEwwJP0CWfl9mZ26rKJ8xgR_vBMT2ud4aQoweNJCRcQ1vnG6R-MZcqbfkcbbqWOwjvZLK4dGVVSKUo_hTvrJcFGc2CTYJ7wIMXZqWUTCUaLSKKkQxECDYbQTn-McpjbmK2U3CLoUoM_CJoAJfBcxKhV43zYlmj1dcVZEJsZLK4ggBmiGIHOrpYYjXqC3BBT4RVhVvpSJW6h2yktxziaQB6tI2R4PaSE-Wb-b_K-8II_YEU2wUFQ3fGovI2dGcZKVDjQ7OIOPrNpvMpueO2dRc090zGYnY6lA_w1kH0w2TQm5EcphIjO2leO2PZjRb90aZKQVmLFot-FTAGxRm3yb5bEhoJcuLuRfyt51kLmEbuvza2XyyD7iG3m3Eet7i1FKyOL2nORqmgRUvM4hrADuJQBdmdNDCSbnK18lyCzh8t0aGGcjuZ78AE1ajeu4ME4AQBiAWAsvaIQpIFBAgEGAGSBQQIBRgEoAYugAf71LuhAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEEOTRQ9IIJgiA4YAQEAEYHTICqgI6CYBAgICEgICEDki9_cE6WPul-cP6tYQD8ggbYWR4LXN1YnN5bi01Njc1ODg1MzQ4OTA3ODQwmgklaHR0cHM6Ly9wcm9kdWN0cy5ncm91cGRvY3MuY29tL3RvdGFsL4AKA8gLAeINEwiq0PnD-rWEAxVeO1UIHagPCiy4E-QD2BMC0BUBmBYBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=e6GU2fq3cWY&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwAvHhf_3dhARkbpnnpRh1-5ENZQEtYuoNbs35Zwvom_ngi79-H3Ka15sta3JAP387peTsMYe85wzC1iGAE&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 container.html Show response
d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BD50 6 KB
3 KB 53ms
53ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bajartiktoks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:40:03 GMT
expires: Mon, 17 Feb 2025 22:40:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sda.css
live.demand.supply/css/ 4 KB
2 KB 26ms
26ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/css/sda.css

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HN69YG19T29FXMYMBDC9B08M
date: Sun, 18 Feb 2024 22:40:04 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1908467
cache-status: "Netlify Edge"; hit
etag: W/"e3bf5df30d7f62eba8446b559847d731-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 8579c50d5b2f6703-AMS
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 9016 93 KB
38 KB 162ms
37ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 56a3cef734f0fe9d757aaf0a3c7f46176eadf4f87f41ab8ea2ee4d2f82733381

Request headers

Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
Origin: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 18 Feb 2024 22:40:04 GMT
content-encoding: br
last-modified: Tue, 06 Feb 2024 16:37:22 GMT
vary: Accept-Encoding
x-azure-ref: 20240218T224004Z-wqqbmv49mx07126gzabhems6hg0000000250000000001y4n
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3f2cd7e7-901e-0032-10b8-611dab000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 64846142

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/241/ Frame 9016 81 KB
28 KB 82ms
17ms Script
application/x-javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/241/trk.js
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 92ac63b055a0172465a68175250e5675b215a83733c116221f5785abe552c256

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Thu, 13 Feb 2025 03:22:46 GMT
Date: Sun, 18 Feb 2024 22:40:04 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 415039
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27925
X-Served-By: cache-lga21980-LGA, cache-ams21052-AMS
Last-Modified: Wed, 14 Feb 2024 03:22:23 GMT
Server: AkamaiNetStorage
X-Timer: S1708296005.822285,VS0,VE0
ETag: "0a80c859b54b27e94d766577dcd37bc5:1707880943.060178"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 113, 640452

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 9016 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 15:39:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 9016 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9016 0
0 63ms
62ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbh2HrzjEQqiGLOZwJhzMijOYRr5_AjfGGkGtu61UqvnvdANrVa1RBlTI8o_20q2FrJ5gYo71e4USmy6v5ISnGWc-9CQ
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9016 24 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:56:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 481433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 12 Feb 2025 08:56:11 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9016 204 KB
61 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 23:26:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402140101&jk=3883819291058939&bg=!5eal5qnNAAZN4L4YbeA7ADQBe5WfOIhxvnofbkMrGjtpIgS0R8aaSUI9zIwEsUdJi2tdOTegJ-NW4GSo6K2bWg-874fSAgAAADRSAAAAA2gBB5kCxfrZPHjUUDbHiFA3HJ3iwX8ybVI8xj-tMo6iRZC1yXB93Uh33j1XpiNLy6RUmB5MpDPiDfyshy3eE0Q-nJoWqyzJRfKFwnqg9hy_mmz6a99hv0zg6p-tuU-WoA_IpkqAs97nmbPflxzJiz2mGuxk3HyPot8sHLLFAdV7FHf43Js4hdYj7fVCbUfkyHufwiX8ldouFd3jP0vWFoijZJMZutSg4iKBSpoeTl2Zm4SWLAvaEmGrEUSi6O4RTkqilHREq8UhxH8aYRsomOT56dkjJUFpkHHx3aZBhN6T302VLFCjHePBZbStKJzwEVgl6UO-4oYCr2KkKrJonaI0m8ykU6sV6dQGKzGP3rASpUowRKMUw3HSejWBcDQGG62FJw0AbREuz5ROrirSbOnpLFG-nLdp5WWisnHuZiPohrFayx9TN8GCOK8tTmH3vVGFGIj1ZX1zUmHN_85V2TO-11qVvRduyM9bXOra6j5xsRe1vba51ChFT4BETHlkHa-XKt7-9cPBscQIuAoAE9eoKv62h8XaFICPK8zGn8lKRGSF-40AKymP8ktfo35iz_xuHk_HdGwMh-VZGktKPTLm8tFQ2gmHoeRytwXUzpfwsRF6qszkrtV5XCu0VSu9wzduJMycSqk8RgXQg0SqNAqfEb9wS7Bf5b_8Ii78640w0kPQVfo9V3b0Yx3uCF4hT5GJVuBAeorwKXgja4xH7T9RwKIASEMCd8srH_Vk7lRGAfUDUjN1QR17koVcEzjZes9c0YJV8fgM3cMon5CSKrn7LI34HJ8KdkEnjwe2vkRp8n7n8jEefGlYc9Bj_V4DZ1LO1OK-ZGZxn_wSQQ2qlnG3wX4ATgpp5JvMFGHOpi6TbQzG60wQ5WVoMRs4WjTrNKycH6HzwBd95wufY6WMTapV_q3gairbYc1SuIK3-kVko2-kFunXc9tlKXQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2

200

c.gif
www.bing.com/aes/ Frame 9016
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0f0c8df8-8696-4895-9219-142ca0716be0&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=799bbaac-cede-444f-88f...
https://www.bing.com/aes/c.gif?RG=e71277c0948e45b99ecf590b88e7d92e&med=10&PubId=162645330&DI=0&DIS=SB_1-1-0(4-0)?&SNR=1&GV=2

0
547 B

58ms
58ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?RG=e71277c0948e45b99ecf590b88e7d92e&med=10&PubId=162645330&DI=0&DIS=SB_1-1-0(4-0)?&SNR=1&GV=2
Requested by: Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8200E2FFD4F0405CAB138D1029E65391 Ref B: FRA31EDGE0808 Ref C: 2024-02-18T22:40:05Z
x-cdn-traceid: 0.39d53e17.1708296005.5bfd5381
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 18 Feb 2024 22:40:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 65DD0913FD3648B6908D54A26F4AFA57 Ref B: FRA31EDGE0811 Ref C: 2024-02-18T22:40:05Z
x-cdn-traceid: 0.39d53e17.1708296005.5bfd535e
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?RG=e71277c0948e45b99ecf590b88e7d92e&med=10&PubId=162645330&DI=0&DIS=SB_1-1-0(4-0)?&SNR=1&GV=2
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 175
expires: 0

GET
H2 200 th
www.bing.com/ Frame 9016 5 KB
5 KB 92ms
26ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8315234970962_1V5FRT1HH6DCANLCQR&pid=21.2&c=3&w=200&h=105&qlt=90
Requested by: Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 89e4921ae914f6f14bd8326f6f0d90f57f68793101e5c1e34d551637bd77127d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:05 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1708296005.5bfd535d
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 4742
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 9016 0
660 B 75ms
25ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fbajartiktoks.com&e=wqT_3QLmA-jmAQAAAwDWAAUBCMSOyq4GEIaJgcO4poKLNBgAKjYJd7enuJY6wD8R253arGwAwD8ZAAAAQArX8z8h2w0SACkRJAAxARuwMzPDPzDykKcDOLUBQLVeSOMDULqJirYBWK3EPWAAaNwBeACAAQGKAQNVU0SSBQb0BQGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCF2h0dHA6Ly9iYWphcnRpa3Rva3MuY29tgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBdXylfeQm-mRVMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYedEvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAABQhoEAAYAOAGAfIGAggAgAcBiAcAoAcByAcA0gcNFWMBJAjaBwYJuJzgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=22622b1e17f79e0d7f147995269aef2dd4afbc97&bdref=http%3A%2F%2Fbajartiktoks.com%2F&bdtop=true&bdifs=2&bstk=http%3A%2F%2Fbajartiktoks.com%2F,https%3A%2F%2Fd4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2Fd4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
an-x-request-uuid: 05f116e8-5522-4a7e-800e-3b5825060335
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.225; 31.204.152.225; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 67A2 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bajartiktoks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 22:40:03 GMT
expires: Mon, 17 Feb 2025 22:40:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
506 B 25ms
25ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?gl=0.2&b=3&r=bajartiktoks.com_auto_interstitial_desktop&sy=d288ccab-2e6e-403f-9900-681497c9beab&ts=58&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=bajartiktoks.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=unset&e=lm&dsReferer=YmFqYXJ0aWt0b2tzLmNvbS8=

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.29.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nf-request-id: 01HPX57K4V2YYQD2N9YZD04ZEK
date: Sun, 18 Feb 2024 22:40:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "120d6140b624a02b4bfb985303c61fb8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8579c50f5cdb0bc5-AMS

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F6AD 1 KB
643 B 24ms
24ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 49765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 08:50:40 GMT
etag: 48472445140208031
expires: Mon, 19 Feb 2024 08:50:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9016 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b2b5be1496cdd8ccf3e793be799ac8c076149827f50da8ec848d9a70b74c248

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 9016 0
709 B 17ms
17ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fbajartiktoks.com&e=wqT_3QKNB-iNAwAAAwDWAAUBCMSOyq4GEIaJgcO4poKLNBgAKjYJd7enuJY6wD8R253arGwAwD8ZAAAAQArX8z8h2w0SACkRJAAxARuwMzPDPzDykKcDOLUBQLVeSOMDULqJirYBWK3EPWAAaNwBeACAAQGKAQNVU0SSBQb0FwGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIXaHR0cDovL2JhamFydGlrdG9rcy5jb22AAwCIAwGQAwCYAwmgAwGqA6QDCr4CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Nzk5YmJhYWMtY2VkZS00NDRmLTg4ZjItNzY5NjZkNjIxZWY3JmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTc5OWJiYWFjLWNlZGUtWm0AuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f9CoBX2ZhZV9xdmVycGcmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMzNzUzMTk3NDU2Mzk1ODc5NTU4IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56YzVNamd3T1RNMU16QTVPVE1qTnpjNU1qZ3pNRGt3TkRZME1UTT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF1fKV95Cb6ZFUwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFh50S-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAJPXQAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDQkuJAAM2gcGCAktpAcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=16d8e21b33f01ed7702ae750ee2ba8c7fd9bd174&type=nv&nvt=5&jm=1003&px=139&py=0&bw=182&bh=90&sid=5367003951523399928&vd=ct~0|rr~0&sv=241&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=1005&ph=90&ww=1005&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/241/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
an-x-request-uuid: e6870524-aba3-4762-8c05-af052fe4575c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.225; 31.204.152.225; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9016 0
0 91ms
91ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C44aERIfSZbGnGfC91PIP7p-J0A3S4Nfgbo-ktpOTCsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgS1Ak_QIIcGYIsX0SRYy_sS5HjXJMrKcddfosQx9Yanzd3UOwmTbccoMGYC4HCdJX7voqjYIekVOwsT3aAblooP5YBTXJi72kBeXbSDm_zsAxeJKOZyQCPylFT4wO6tXl5PrEvW6FQWzvPMEb2pE8-Bbh1AznQOHFaWz4-x1DRC3L27Arj1loqwXWsQP68No3ZRanAEkILF2XV04ys0jKLttcfw9lRDaPAQrtPvuOz5jFn1Dk_5dcKD7M5tiVlOVVrAQl7cknhFdyxYgyLZQEZZrJe68LfN6vMYtVr5XIoBY7CH7TetsS_kVzDUK4TRMrjPBSOcWGb08jv_7LmnDZ6kFTdtVu1ZLn6qND-PSjytpHnby7-prF5Yoj02zNZqO2KQtyr_dRVLkRtwpGyTx6kBOZ_k-k7Jg-AEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCQIgOGAEBABMgKqAjoJgECAgISAgIQOSL39wTpY0a2NxPq1hAPyCBthZHgtc3Vic3luLTU2NzU4ODUzNDg5MDc4NDCACgP6CwIIAYAMAeINEwja443E-rWEAxXwHlUIHe5PAtrQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=U2DdfyCow6o&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_D87XGojnJc427G822YNnKjDBGZR-O2CBLhGCVM89bwkiN-xhjj2lKVFTXwgvC2axOqZ9n6x6GAE&cbvp=2&vis=1
Requested by: Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 9016 0
658 B 17ms
17ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fbajartiktoks.com&e=wqT_3QKNB-iNAwAAAwDWAAUBCMSOyq4GEIaJgcO4poKLNBgAKjYJd7enuJY6wD8R253arGwAwD8ZAAAAQArX8z8h2w0SACkRJAAxARuwMzPDPzDykKcDOLUBQLVeSOMDULqJirYBWK3EPWAAaNwBeACAAQGKAQNVU0SSBQb0FwGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIXaHR0cDovL2JhamFydGlrdG9rcy5jb22AAwCIAwGQAwCYAwmgAwGqA6QDCr4CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Nzk5YmJhYWMtY2VkZS00NDRmLTg4ZjItNzY5NjZkNjIxZWY3JmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTc5OWJiYWFjLWNlZGUtWm0AuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f9CoBX2ZhZV9xdmVycGcmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMzNzUzMTk3NDU2Mzk1ODc5NTU4IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56YzVNamd3T1RNMU16QTVPVE1qTnpjNU1qZ3pNRGt3TkRZME1UTT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF1fKV95Cb6ZFUwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFh50S-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAJPXQAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDQkuJAAM2gcGCAktpAcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=16d8e21b33f01ed7702ae750ee2ba8c7fd9bd174&pp=ZdKHRAAGU7EIVR7wAAJP7ugk1-I1bWUknmpb5g&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr24-RIfSZbGnGfC91PIP7p-J0A3S4Nfgbo-ktpOTCsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgS4Ak_QIIcGYIsX0SRYy_sS5HjXJMrKcddfosQx9Yanzd3UOwmTbccoMGYC4HCdJX7voqjYIekVOwsT3aAblooP5YBTXJi72kBeXbSDm_zsAxeJKOZyQCPylFT4wO6tXl5PrEvW6FQWzvPMEb2pE8-Bbh1AznQOHFaWz4-x1DRC3L27Arj1loqwXWsQP68No3ZRanAEkILF2XV04ys0jKLttcfw9lRDaPAQrtPvuOz5jFn1Dk_5dcKD7M5tiVlOVVrAQl7cknhFdyxYgyLZQEZZrJe68LfN6vMYtVr5XIoBY7CH7TetsS_kVzDUK4TRMrjPBSOcWGb08jv_7LmnDZ6kFTdtVu1ZLn6qND-PSjytpHmZyZ47bvqiz6nMuGP0YuYmswn18RxlicLSIjUXeykrFYcke6ykF2OSaeAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCQIgOGAEBABMgKqAjoJgECAgISAgIQOSL39wTpY0a2NxPq1hAPyCBthZHgtc3Vic3luLTU2NzU4ODUzNDg5MDc4NDD6CwIIAYAMAeINEwja443E-rWEAxXwHlUIHe5PAtrQFQGAFwE%26num%3D1%26sig%3DAOD64_1FBP9EO7gj4cnbP0qd9OXDsfFW7A%26client%3Dca-pub-3831894559014614%26adurl%3D&cbvp=2

Requested by

Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
an-x-request-uuid: 0a780db5-401c-44a9-a4cf-7518e222f9ae
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.225; 31.204.152.225; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 67A2 5 KB
694 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 22:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Feb 2024 21:00:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Feb 2024 22:40:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 18A5 6 KB
728 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 22:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Feb 2024 21:27:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Feb 2024 22:40:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 18A5 2 KB
822 B 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 18A5 23 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 15:39:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 18A5 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 15:39:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B10F 1 KB
643 B 26ms
26ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 49765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 08:50:40 GMT
etag: 48472445140208031
expires: Mon, 19 Feb 2024 08:50:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 18A5 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 18A5 0
0 32ms
32ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0nby8DWX7szHnQ-FgLx2DztDc8P5l__5AjEGwRrLJzmCrnW-LXuCL9f44ytgFkjGrdNi3na3dZ_b-ucAv8x-_KtRELQ
Requested by: Host: bajartiktoks.com
URL: http://bajartiktoks.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 18A5 204 KB
61 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 23:26:49 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 18A5 36 KB
15 KB 78ms
25ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 05:57:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 May 2024 08:56:47 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 67A2 22 KB
9 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:08:34 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 67A2 205 B
296 B 81ms
32ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:04:01 GMT
x-content-type-options: nosniff
age: 480964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 12 Feb 2025 09:04:01 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 67A2 604 B
920 B 80ms
31ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 07:25:16 GMT
x-content-type-options: nosniff
age: 400489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Feb 2025 07:25:16 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame F6AD
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIy2AhouA5OUi_y3N27gwVw&google_cver=1&google_push=AXcoOmTOQRKdl3FhltAwo0E9M-9eLJTAtLfOpDZNVOeIOWoP0oW6LS35N9CztdvZwjhINQxniaB9cboBABmhdVHbtzCqyhgVeKhI&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIy2AhouA5OUi_y3N27gwVw&google_cver=1&google_push=AXcoOmTOQRKdl3FhltAwo0E9M-9eLJTAtLfOpDZNVOeIOWoP0oW6LS35N9CztdvZwjhINQxniaB9cboBABmhdVHbtzCqyhgVeKh...

43 B
420 B

181ms
172ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIy2AhouA5OUi_y3N27gwVw&google_cver=1&google_push=AXcoOmTOQRKdl3FhltAwo0E9M-9eLJTAtLfOpDZNVOeIOWoP0oW6LS35N9CztdvZwjhINQxniaB9cboBABmhdVHbtzCqyhgVeKhI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTOQRKdl3FhltAwo0E9M-9eLJTAtLfOpDZNVOeIOWoP0oW6LS35N9CztdvZwjhINQxniaB9cboBABmhdVHbtzCqyhgVeKhI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8579c5115c4db88e-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 158
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIy2AhouA5OUi_y3N27gwVw&google_cver=1&google_push=AXcoOmTOQRKdl3FhltAwo0E9M-9eLJTAtLfOpDZNVOeIOWoP0oW6LS35N9CztdvZwjhINQxniaB9cboBABmhdVHbtzCqyhgVeKhI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTOQRKdl3FhltAwo0E9M-9eLJTAtLfOpDZNVOeIOWoP0oW6LS35N9CztdvZwjhINQxniaB9cboBABmhdVHbtzCqyhgVeKhI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8579c5103b4bb88e-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F6AD
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOOH8HL7huCkTXBPI0Ph94M&google_cver=1&google_push=AXcoOmTOZM-rNJKJ-zkSNBAjenS9bcrvs3WgaUpZX9UY2TZfwSIj3jmH6mh0G4sSU--Ci4KLb48MH6r-8Ch-Wt5fIBqQpsSdNAo0
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=47A408586A154204A622E0F6CF60914B&google_push=AXcoOmTOZM-rNJKJ-zkSNBAjenS9bcrvs3WgaUpZX9UY2TZfwSIj3jmH6mh0G4sSU--Ci4KLb48MH6r-8Ch-Wt5...

170 B
329 B

35ms
34ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=47A408586A154204A622E0F6CF60914B&google_push=AXcoOmTOZM-rNJKJ-zkSNBAjenS9bcrvs3WgaUpZX9UY2TZfwSIj3jmH6mh0G4sSU--Ci4KLb48MH6r-8Ch-Wt5fIBqQpsSdNAo0

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 18 Feb 2024 22:40:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=47A408586A154204A622E0F6CF60914B&google_push=AXcoOmTOZM-rNJKJ-zkSNBAjenS9bcrvs3WgaUpZX9UY2TZfwSIj3jmH6mh0G4sSU--Ci4KLb48MH6r-8Ch-Wt5fIBqQpsSdNAo0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 17 Feb 2024 22:40:05 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F6AD
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPVYRptv0lv6quPbjekZsT8&google_cver=1&google_push=AXcoOmSkoK0HvalHyzez3fJnvLnqMohmh5wrUaz-Ab2ULJrZPSiYF2mJemIMeC2F-vnNNyA9Pwa9Sd3xQ-HSb1Vq...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fHR22HtYSIc-9yZX9mXowA&google_push=AXcoOmSkoK0HvalHyzez3fJnvLnqMohmh5wrUaz-Ab2ULJrZPSiYF2mJemIMeC2F-vnNNyA9Pwa9Sd3xQ-HSb1VqACKgkhjCSV62

170 B
232 B

33ms
32ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fHR22HtYSIc-9yZX9mXowA&google_push=AXcoOmSkoK0HvalHyzez3fJnvLnqMohmh5wrUaz-Ab2ULJrZPSiYF2mJemIMeC2F-vnNNyA9Pwa9Sd3xQ-HSb1VqACKgkhjCSV62

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 18 Feb 2024 22:40:05 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fHR22HtYSIc-9yZX9mXowA&google_push=AXcoOmSkoK0HvalHyzez3fJnvLnqMohmh5wrUaz-Ab2ULJrZPSiYF2mJemIMeC2F-vnNNyA9Pwa9Sd3xQ-HSb1VqACKgkhjCSV62
x-host: tde-deliveryengine-production-7fbb6d4658-j4tvv
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F6AD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPfPKn8WNXGGIIoNRe-1ne4&google_cver=1&google_push=AXcoOmSLp6toySDj8OyOhZiGqSV_wgwEeA8SIL5lOs34SKplxCecfoo0g0kfokiFPpdDRB1grXQXw3ts...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPfPKn8WNXGGIIoNRe-1ne4&google_cver=1&google_push=AXcoOmSLp6toySDj8OyOhZiGqSV_wgwEeA8SIL5lOs34SKplxCecfoo0g0kfokiFPpdDRB1grXQ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI4ODk2NzYzODE5NTIzNDU0OA&google_push=AXcoOmSLp6toySDj8OyOhZiGqSV_wgwEeA8SIL5lOs34SKplxCecfoo0g0kfokiFPpdDRB1grXQXw3...

170 B
188 B

35ms
34ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI4ODk2NzYzODE5NTIzNDU0OA&google_push=AXcoOmSLp6toySDj8OyOhZiGqSV_wgwEeA8SIL5lOs34SKplxCecfoo0g0kfokiFPpdDRB1grXQXw3tslC4yfcBYbgPVULZ53WZ1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI4ODk2NzYzODE5NTIzNDU0OA&google_push=AXcoOmSLp6toySDj8OyOhZiGqSV_wgwEeA8SIL5lOs34SKplxCecfoo0g0kfokiFPpdDRB1grXQXw3tslC4yfcBYbgPVULZ53WZ1
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F6AD
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOljkgNEKAdeC3uUJPEr_Mg&google_cver=1&google_push=AXcoOmQX5sDs3VmsL4CisiAijO2gGyc5W1JJBfKEi05xHd6TpkUD_IbL2Z7AsUzF8tyFCRjNF8YIXWs3i1nYU...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOljkgNEKAdeC3uUJPEr_Mg&google_push=AXcoOmQX5sDs3VmsL4CisiAijO2gGyc5W1JJBfKEi05xHd6TpkUD_IbL2Z7AsUzF8tyFCRjNF8YIXWs3i1nYU...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQX5sDs3VmsL4CisiAijO2gGyc5W1JJBfKEi05xHd6TpkUD_IbL2Z7AsUzF8tyFCRjNF8YIXWs3i1nYUQBWo2NmOB2Xvmbc&google_hm=NnNtWEZyVHFOcnRiMmFL...

170 B
188 B

36ms
35ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQX5sDs3VmsL4CisiAijO2gGyc5W1JJBfKEi05xHd6TpkUD_IbL2Z7AsUzF8tyFCRjNF8YIXWs3i1nYUQBWo2NmOB2Xvmbc&google_hm=NnNtWEZyVHFOcnRiMmFLekJWR2s=

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Feb 2024 22:40:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQX5sDs3VmsL4CisiAijO2gGyc5W1JJBfKEi05xHd6TpkUD_IbL2Z7AsUzF8tyFCRjNF8YIXWs3i1nYUQBWo2NmOB2Xvmbc&google_hm=NnNtWEZyVHFOcnRiMmFLekJWR2s=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 236
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F6AD 0
40 B 106ms
33ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JPDp97K37t0P1Ug8r9l_KTvC1ptm9aoBOZGVPRijJkyF0gcX_jVFhJ7yo

Requested by

Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B10F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIOVIp7F0-Xa_biIQgyZTew&google_cver=1&google_push=AXcoOmSUM1rs5eFYIDCN5iVRCvjRJEqxwaAajzieB26xkl5w2tIYnh5DR1eEOmWfUyXrTZtCzYs4WaU-z8U6OjWT7DOFTN4MtyWfA...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIOVIp7F0-Xa_biIQgyZTew&google_cver=1&google_push=AXcoOmSUM1rs5eFYIDCN5iVRCvjRJEqxwaAajzieB26xkl5w2tIYnh5DR1eEOmWfUyXrTZtCzYs4WaU-z8U6OjWT7DOFTN4MtyW...

43 B
401 B

187ms
178ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIOVIp7F0-Xa_biIQgyZTew&google_cver=1&google_push=AXcoOmSUM1rs5eFYIDCN5iVRCvjRJEqxwaAajzieB26xkl5w2tIYnh5DR1eEOmWfUyXrTZtCzYs4WaU-z8U6OjWT7DOFTN4MtyWfAQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSUM1rs5eFYIDCN5iVRCvjRJEqxwaAajzieB26xkl5w2tIYnh5DR1eEOmWfUyXrTZtCzYs4WaU-z8U6OjWT7DOFTN4MtyWfAQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8579c5115c49b88e-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1047
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIOVIp7F0-Xa_biIQgyZTew&google_cver=1&google_push=AXcoOmSUM1rs5eFYIDCN5iVRCvjRJEqxwaAajzieB26xkl5w2tIYnh5DR1eEOmWfUyXrTZtCzYs4WaU-z8U6OjWT7DOFTN4MtyWfAQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSUM1rs5eFYIDCN5iVRCvjRJEqxwaAajzieB26xkl5w2tIYnh5DR1eEOmWfUyXrTZtCzYs4WaU-z8U6OjWT7DOFTN4MtyWfAQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8579c5103b4eb88e-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B10F
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEAlew6698-UhiOSsXalqocE&google_cver=1&google_push=AXcoOmRWXNdY7ka9owzBxOC8pchnMAIturCyMZXdAt6sXcLb5Y_TBo2VrAwmmQ33jnwWsjbV_OtKgRp7OmO...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRWXNdY7ka9owzBxOC8pchnMAIturCyMZXdAt6sXcLb5Y_TBo2VrAwmmQ33jnwWsjbV_OtKgRp7OmO80oz38dzntEjw4XEZyg

170 B
232 B

33ms
33ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRWXNdY7ka9owzBxOC8pchnMAIturCyMZXdAt6sXcLb5Y_TBo2VrAwmmQ33jnwWsjbV_OtKgRp7OmO80oz38dzntEjw4XEZyg

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRWXNdY7ka9owzBxOC8pchnMAIturCyMZXdAt6sXcLb5Y_TBo2VrAwmmQ33jnwWsjbV_OtKgRp7OmO80oz38dzntEjw4XEZyg
Date: Sun, 18 Feb 2024 22:40:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1 204
No Content tum
ums.acuityplatform.com/ Frame B10F 0
27 B 60ms
18ms Image
text/plain 154.59.122.79
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ums.acuityplatform.com/tum?umid=4&uid=CAESEMA4Y_-xxT7Gzs_T8BtrajI&google_cver=1&google_push=AXcoOmSFnCMi6R1HTDPiJvbyGjc1_n_zIOghqwglHQNId2J1PNsCYP-6uqcPjUQ7zfeGYaJyoADfOTz9bjFCGfEm8SPwrx-Rsv56
Requested by: Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 154.59.122.79 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B10F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHUWER33anrPlyKwx6tswMg&google_cver=1&google_push=AXcoOmQbdhvCX2vVS5z7r3_4OoYGlm__wMK2LwtYhZgf1QSEr4ERuvS8wBVSK1JxUYSML57S7J3luVoGIro0N7pAjaySkLx...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQbdhvCX2vVS5z7r3_4OoYGlm__wMK2LwtYhZgf1QSEr4ERuvS8wBVSK1JxUYSML57S7J3luVoGIro0N7pAjaySkLxMCq2uOQ&google_hm=eS01QXc5UmRkRTJwRW9x...

170 B
232 B

35ms
35ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQbdhvCX2vVS5z7r3_4OoYGlm__wMK2LwtYhZgf1QSEr4ERuvS8wBVSK1JxUYSML57S7J3luVoGIro0N7pAjaySkLxMCq2uOQ&google_hm=eS01QXc5UmRkRTJwRW9xSWx2YmoxMUw3U0V6NUVRazRvRn5B

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 18 Feb 2024 22:40:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQbdhvCX2vVS5z7r3_4OoYGlm__wMK2LwtYhZgf1QSEr4ERuvS8wBVSK1JxUYSML57S7J3luVoGIro0N7pAjaySkLxMCq2uOQ&google_hm=eS01QXc5UmRkRTJwRW9xSWx2YmoxMUw3U0V6NUVRazRvRn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B10F
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFUt_ojwIFyajYfoUDweRYs&google_cver=1&google_push=AXcoOmSvuC1NP5JmfbKMr5smWBGXEwcRlMWcWyttgXRRiouWO3RuFiXPhDdxXi1UDOEOUz0ZPbwwFqMCWNoJqsfyu...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFUt_ojwIFyajYfoUDweRYs&google_cver=1&google_push=AXcoOmSvuC1NP5JmfbKMr5smWBGXEwcRlMWcWyttgXRRiouWO3RuFiXPhDdxXi1UDOEOUz0ZPbwwFqMCWNoJqsfyu...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSvuC1NP5JmfbKMr5smWBGXEwcRlMWcWyttgXRRiouWO3RuFiXPhDdxXi1UDOEOUz0ZPbwwFqMCWNoJqsfyuG9MsPkWrcfJ&google_hm=ILzwAGZHp-h0kHCKQ2ik30zH

170 B
188 B

35ms
35ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSvuC1NP5JmfbKMr5smWBGXEwcRlMWcWyttgXRRiouWO3RuFiXPhDdxXi1UDOEOUz0ZPbwwFqMCWNoJqsfyuG9MsPkWrcfJ&google_hm=ILzwAGZHp-h0kHCKQ2ik30zH

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSvuC1NP5JmfbKMr5smWBGXEwcRlMWcWyttgXRRiouWO3RuFiXPhDdxXi1UDOEOUz0ZPbwwFqMCWNoJqsfyuG9MsPkWrcfJ&google_hm=ILzwAGZHp-h0kHCKQ2ik30zH
access-control-allow-origin: *
date: Sun, 18 Feb 2024 22:40:05 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame B10F 0
44 B 796ms
261ms Image
text/plain 35.76.25.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEPeXeQZVojv0tI8p4UGmgqA&google_cver=1&google_push=AXcoOmS5xC9etPcQt2SWQ5kHcjHdoACdn4nxPSPbD6T4iaQa39NRnEUlgL6cGXuzbt4DVGb1r7Yinoa8F0SRwCaS9nazN9LY4W91xQ
Requested by: Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.76.25.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-76-25-149.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:05 GMT
server: awselb/2.0

GET
H2

200

/
onetag-sys.com/match/ Frame B10F
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMH98Bo25sg98EgbUeapwvA&google_cver=1&google_push=AXcoOmR7pmPxmCYGvhTcjv810_HM0tDsgYu4PD2QEttIKuaOj-NcjslbfC38DC7MvxDX3Sbv7uV35ABfHvM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR7pmPxmCYGvhTcjv810_HM0tDsgYu4PD2QEttIKuaOj-NcjslbfC38DC7MvxDX3Sbv7uV35ABfHvMlL8W-58ZEueU2HGzH2Pc
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

24ms
24ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B10F 0
130 B 78ms
32ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IfzALWk1CUEzJhYLnvyg6cOGSUNwZKmrycAgCT10I3tG2aHiufsIrBTw15YYMDWJh1HeZ2cw

Requested by

Host: d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
URL: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:40:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 -nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js Show response
pagead2.googlesyndication.com/bg/ Frame F18F 50 KB
19 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js

Requested by

Host: bajartiktoks.com
URL: http://bajartiktoks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa77c42fa9d3ea13003f28dda0ecce6f58cfd598e4da5722b4ebfb46df7cbaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:34:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 277511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19793
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 17:34:54 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8C9D 42 B
64 B 63ms
63ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWHlqZUntW24Kka9pGOrjoBznZ6v9IAC_1ftG7zIEJFsMcrie_MJchRKBEXH89aLprATTKizUNIr3yjTd8UR3kc7wVjFvl3AgBZHACg647KKklY5yTNXznP-QrOOFq8_2KZ2E0MPNQxHX1rim1Mnnp7VPYOZlaJslWAg&sai=AMfl-YQG-5QKasjejEaAEItFIhnFDShEy8VGKV8ecQ6SOW4M41vkRBKD8es_zQHBN4kyEwCMWMRt3me9PQ-D64ct3600vt4xPNsy9FD33RD3xW9PWUlHY8eQOVuFU-o&sig=Cg0ArKJSzJj2cRCf4DQHEAE&cid=CAQSOwAvHhf_3dhARkbpnnpRh1-5ENZQEtYuoNbs35Zwvom_ngi79-H3Ka15sta3JAP387peTsMYe85wzC1iGAE&id=ampim&o=345,101&d=910,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=207&tls=1207&g=100&h=100&tt=1207&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bajartiktoks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 9016
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0f0c8df8-8696-4895-9219-142ca0716be0&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=799bbaac-cede-444f-88f...
https://www.bing.com/aes/c.gif?RG=e71277c0948e45b99ecf590b88e7d92e&med=10&PubId=162645330&type=mv&reqver=1.0&tids=1

0
18 B

71ms
71ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?RG=e71277c0948e45b99ecf590b88e7d92e&med=10&PubId=162645330&type=mv&reqver=1.0&tids=1
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E30D3F3C01074DD9AD7757577E90AB25 Ref B: FRA31EDGE0513 Ref C: 2024-02-18T22:40:06Z
x-cdn-traceid: 0.39d53e17.1708296006.5bfd5637
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 18 Feb 2024 22:40:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DA60329AE4BE4124ABDBBE65F5FB7C45 Ref B: FRA31EDGE0210 Ref C: 2024-02-18T22:40:06Z
x-cdn-traceid: 0.39d53e17.1708296006.5bfd5617
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?RG=e71277c0948e45b99ecf590b88e7d92e&med=10&PubId=162645330&type=mv&reqver=1.0&tids=1
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 162
quic-version: 0x00000001

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9016 42 B
174 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVubLmjd-yV1qxAClnD4wNhHR0oTIuuBiUpArSgB4p9mgvdbShKoPPufhtaj5dlbM7QeRgyojyljlomi4ZqSfpN9Cp0ZUJEGO0CXAXpy7V_3k5OJRqPiuDYajksnyi21Z_5VsaNxk&sig=Cg0ArKJSzNQb3MYYIhQrEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=388,887,1000,1000,1000&tos=388,499,113,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2955021500&rs=4&la=0&cr=0&vs=4&r=v&co=422880500&rst=1708296004742&rpt=338&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 9016 0
710 B 17ms
17ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fbajartiktoks.com&e=wqT_3QKNB-iNAwAAAwDWAAUBCMSOyq4GEIaJgcO4poKLNBgAKjYJd7enuJY6wD8R253arGwAwD8ZAAAAQArX8z8h2w0SACkRJAAxARuwMzPDPzDykKcDOLUBQLVeSOMDULqJirYBWK3EPWAAaNwBeACAAQGKAQNVU0SSBQb0FwGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIXaHR0cDovL2JhamFydGlrdG9rcy5jb22AAwCIAwGQAwCYAwmgAwGqA6QDCr4CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Nzk5YmJhYWMtY2VkZS00NDRmLTg4ZjItNzY5NjZkNjIxZWY3JmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTc5OWJiYWFjLWNlZGUtWm0AuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f9CoBX2ZhZV9xdmVycGcmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMzNzUzMTk3NDU2Mzk1ODc5NTU4IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56YzVNamd3T1RNMU16QTVPVE1qTnpjNU1qZ3pNRGt3TkRZME1UTT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF1fKV95Cb6ZFUwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFh50S-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAJPXQAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDQkuJAAM2gcGCAktpAcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=16d8e21b33f01ed7702ae750ee2ba8c7fd9bd174&type=pv&jm=1003&px=139&py=0&bw=182&bh=90&sf=1&sid=5367003951523399928&vd=ct~0|rr~5&sv=241&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/241/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 22:40:06 GMT
an-x-request-uuid: 85be9547-90f7-4a02-b933-38c2ffd53584
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.225; 31.204.152.225; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssJm6zG1QO4cFRNz5PZnv8fbkbUBBUsJ4qNCh6h84L1qfVUnuraAKRXfjpB5wcEYu9rhytpL4NiCpHPP9K0uHuHCgWnKbDHVfsUGRZRpx1k63biK8ZlUCHP9I38M6k9ySA6XUT6MpdLED2gz92FxEOZma8GRtAJDCxUGZPOqB5PLyXF2nP0LDEUSPrt6FpIa51i-3kC7NqvFs3PRhVD8DF61kl216MQggu1qpWHgXeeXLB3tiRTfjJBZmXAX9nI_8Cl-19u7UcvusUmMpHK0xvCwrABA4PMp3P4yHhGc2eyEDwdSH7pXsg0g6cuyNiiP33upV3u5KMRYWZ9NUktYrBuSGNxPLgpkjOR1BWPBT4w4KWPG9EkmQcH38WOKOJKxp_yqiDTkcXjUmI0T5nUHSEBPepfhrg7cOwx7bcDBshGaKS_2wPDPuq0tEv7TEQAvlh7H_4JIYc&sig=Cg0ArKJSzIw4z6B8FQosEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgtUI1uF3aQR4OD88OqLqBNODGUrIJ4ipS5MLBMWnq9h5jZtDHQ8c6xh1ZLRC7SgmndkudXOI31nfz_ZGPmuIcAWOPvPJi26tkuLZU0bORVp_COF-WdnCeUK2Qnmj5oVn6cZkftMHo3lRNzUQjKi5x4fVIK7CvNrOGwGqrPkgygev70qaz6xKX_QgeHup42x-nXFuRNDDcZsIxR1s_QCWB4nxEoYZTLDywbljvLji0k3iOBmUB3ZrLzfQGFX6MClnGCHt1OYG2IlXAMT587EYn9ezjVuF-O-NieK2DGJi1lTvDTcszZ7-vxUicvk2EhrRfz9yoGkS6dyM9b5nTj_wYLLtpHCvcGvTd3AUlo7zfH-UsVGZv-WsBm3Oj3EYZlICVdSH_jHrEBUGrL6K7fWcaFO4OuymTSgDCEzNuBGbBqlRZjnY-GovQa20CqokrlI1T5rM&sai=AMfl-YS6ZXasFRPG7iJ7I6qXOg5Dx2kjJ6BqCfPmk9pTyiV2gkMxKvwGw5RzfBkhBUhQG-CiIXqPATG6Zu5Pcz3YvbqbYQ2VsY6sI2Uf1EHCi06NtSMqP4oUFtd16A9obDo52UM6Xkufa9pdN8Dvz_mTYP0&sig=Cg0ArKJSzJZ72jq2kREyEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demand.supply/	1970-01-20 18:31:37	Name: __cf_bm Value: gFENHtfBqKvbpvaDg77hYCxd.Za0cSHrl4Ey1C4AvO0-1708296003-1.0-AfFKPaX3c5G+Tgdn9H7ClsEUqtUbEX7VpFPm/E7DkPgCqpX2gaK8pB6mmRXLYJWqfScXlje81S2eJ8sEhuCh3ro=
.bajartiktoks.com/	1970-01-21 03:53:12	Name: __gads Value: ID=1de4500cfebd2d93:T=1708296003:RT=1708296003:S=ALNI_MbjtlebSt-kpFuup0BwjtPmplZCKQ
.bajartiktoks.com/	1970-01-21 03:53:12	Name: __gpi Value: UID=00000d5c4e2ddeee:T=1708296003:RT=1708296003:S=ALNI_MZLNxS69Y1WvfZId-bhUB3YZLW5fA
.bajartiktoks.com/	1970-01-20 22:50:48	Name: __eoi Value: ID=da20a68fa8e59644:T=1708296003:RT=1708296003:S=AA-AfjbAhj_aMUAyH-oU6119tdHu
.doubleclick.net/	1970-01-21 03:53:12	Name: IDE Value: AHWqTUlOsl7wE0UDx6R66R0GhK0MuyGMOFhzs-7gcVUzbsaW3zS6RHxXUoGPm210XQs
.adnxs.com/	1970-01-21 04:07:36	Name: receive-cookie-deprecation Value: 1
.bing.com/	1970-01-21 03:53:12	Name: MUID Value: 2A4599184958676A35AB8D3148F466E0
.simpli.fi/	1970-01-21 03:18:38	Name: suid Value: 47A408586A154204A622E0F6CF60914B
.travelaudience.com/	1970-01-21 03:58:57	Name: _tracker Value: %7B%22UUID%22%3A%227C7476D8-7B58-4887-3EF7-2657F665E8C0%22%7D
.adsby.bidtheatre.com/	1970-01-20 18:41:40	Name: __kuid Value: 7c7610ff-4383-4a3d-8687-1c24f21a3927.477510005
.adform.net/	1970-01-20 19:13:21	Name: C Value: 1
.yahoo.com/	1970-01-21 03:17:33	Name: A3 Value: d=AQABBEWH0mUCEMVOpBIkVNmJJkR_gjEroZQFEgEBAQHY02XcZQAAAAAA_eMAAA&S=AQAAArHWhcTRXK2yMs6AGOF76vc
.lijit.com/	1970-01-21 03:17:12	Name: ljt_reader Value: ILzwAGZHp-h0kHCKQ2ik30zH
.adform.net/	1970-01-20 19:58:00	Name: uid Value: 4288967638195234548
.tribalfusion.com/	1970-01-20 20:41:12	Name: ANON_ID Value: a4ntuJSZdIijSTnMSXONpawVZa1B9NY96eVxFk1kWtvlZcU7K4DswQbESnRvBIRnhnwfHDeHmw8xv3D7IdqZd1bHZaS6C
.zemanta.com/	1970-01-21 03:17:12	Name: zuid Value: 6smXFrTqNrtb2aKzBVGk

56 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://bajartiktoks.com/(Line 586) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://bajartiktoks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.travelaudience.com
adsdk.microsoft.com
ams3-ib.adnxs.com
ap.lijit.com
b1sync.zemanta.com
bajartiktoks.com
c1.adform.net
cc.adingo.jp
cdn.adnxs.com
cdn.ampproject.org
cm.g.doubleclick.net
d4f979a980dd0897cd1219ce674bc144.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
live.demand.supply
match.adsby.bidtheatre.com
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
s.tribalfusion.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
um.simpli.fi
ums.acuityplatform.com
www.bing.com
www.google.com
www.gstatic.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
151.101.65.108
154.59.122.79
172.217.16.130
185.89.210.82
2606:4700:3031::6815:5725
2606:4700:3031::ac43:8c77
2606:4700::6810:8616
2606:4700::6812:18ad
2620:1ec:bdf::60
2a00:1450:4001:801::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:828::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a02:26f0:480:22::1726:62f9
2a05:d018:d29:3601:8a10:6709:5018:5354
34.249.135.188
35.190.0.66
35.204.158.49
35.76.25.149
37.157.3.26
51.75.86.98
64.227.64.62
64.74.236.159
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
023afcda2802497227b8c84551db99fa0ffff2a57996a1ee9b558c8102212f56
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
129206b0382b41bbcc5d6345d82103285b94d2f9cefa148bddb4414137d3f89f
15f8ff69c708341b722f67ef089b624c9c963046edabc81f0675995fdadd4bff
1b0b1672430f51849dbbbe758b870bf57b1a6a4ffd4ec32729eda3f0e229c416
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2cf7928eba91b4ec1caf2c312d690dfca5b7d91b3ff51ec4cf81fdc9d187ecd7
2f2b8bc4471465659c673e5d6151998c4c82c91bad31c2bb611ec90b1f407925
2f38483bd801f58db0fb0828f3a3c5bf44de3871739caa8dc2407c83d8938e1d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
4062685fe3e5b5d61aedc28be03f89044a05cf818ca3dcea358d96dc287af3d4
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
45c912062ccb86647960ad8f1f1bfe1ac816f3f934f4c17b78e49c2449f9cc53
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
486a013de214b1deda4274c87e880ee2c19774c9b47ffc173600b581342710bd
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50d82ad02d157775cc9ae97718184343e08f4f15744345e6c7c224e4bac90499
510adc8efb75a34a478cc2125a546996ea4a11f32f7584c36ef4b17a03f51b30
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a3cef734f0fe9d757aaf0a3c7f46176eadf4f87f41ab8ea2ee4d2f82733381
59d0f336fd0ecad9ea0d7ef6a0761e3fbd4adda60fa7809a7ba08f7a8468e413
5a3851e32381d1d0ac6c514cc7eae923700b8d08460199bc0a47c6a6d7447d07
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f6176aba37dd88aa2372e01eab674a3940f9cee6c49b532a0f7edee7b56b3a1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620e650135367f175a542a88c0646be2b716930cc42e01e291eb24d63722616f
630351600fef5eff668e3900eae175f0bb70a898d5cfb0b92feb58f314c31e9c
649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39
67ba02e4a2dd5a780e658509c91d8efc0eba22534017c3e33506a30abec10ab3
6b2b5be1496cdd8ccf3e793be799ac8c076149827f50da8ec848d9a70b74c248
6ec19efadb3c091c9b18622be0a04bb3f5c610deb7d8f6392419e210553d545c
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
722117cb3654f60fe9c913d636106dd30b90c0d805b0828ebf6f06d1f0d3b32c
76d2970ec15e8c3b85b2ba2d805ab8e7223f49736cfac114e615819cda50234b
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7b4a089a7e7b88e8b1e5abbc3ac0a6896728f92535be02e7c5cec719f2776533
7b97ab27478e1402ec7f35c1e1e4468e31f226fd5a36d55c73ccca2080c8b15d
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
88e746ee32e3b86955fc005852c7563ea18e3effc821d65c8c20c4cd0a9fe475
89e4921ae914f6f14bd8326f6f0d90f57f68793101e5c1e34d551637bd77127d
9088c85467b9f61eacb95b84980388afb71e25dc20068467ef7293ab593e4420
92ac63b055a0172465a68175250e5675b215a83733c116221f5785abe552c256
93ebfd8ee71c3ce7a33659d236d6403b04c3fa62d7bdce8b480975f257c192d0
95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae
9772979b357c269704be0e8e977c20feb278696d490ef35da00ffbb3d66d432b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9baf63013d74acaddb439c3696da2bbdf045c9f49b924b5c2f4b6cd270428600
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
ab5249ce649e8e8d046e6810d15dfdb0a559e3255f26bbdd0dd45f099bc816a6
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b162e6d54ed38d028e486a77450c08b85638f9d1ec10e825b26f70b1fd61a363
b1e46ba7ba312eb9f1888dd96c0167a491035dbfbdb8b2976af88636e9e302e6
b4ec68e736a39282a728361a7a2b56eb486fcf10afb9ac4e71e86c97c6f6c2ab
b72110ad314201e19922480e9b6b6c641e47b183c2a4b2cb3234b2c97ba885f3
bb5a1519d693b4edcbb11f538b41f5e99646f23e4674ee569595b39b13f56f29
bb5e8eef5efe4f00b4a4bb3df651d1418ecf8072ec98393dd773454f814f477c
bd5ab9ec90fbf3aa5b63ac56ac559e1424d529fd040d9e3b7f391b069e325063
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
be45e3cad5738b33f05b101ef9fff8716fdc0b4326245b29eba2e23e64ddc310
c3931bffd71d3d21af5cea0706aa3d3ba7147650c6fe5fcaddb819e7a80af0b8
c89ee8863df29dfc6f0a0fa3b90674c9eabaaac152f3fe75dd9eb6cda55c3714
cb32df9ddbb6a9a4d6ce87cd263d6dc9ccbe156e91bb6fa1d5eb6f63f9795085
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cdfb7a6c28b778059aa6b6c71a53751ff287ff3e93a5aaa2ef47743c96424df1
df7d2801d702efbce3bcde148da43583f5e186fbd8480581847013b84afaa80e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5b77d24fd26957deac9b2ec87faa71acd3f7f40e27716bb28f071c1c0f9b0ae
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
fa5fe3a2a94bb535edff05f9df9b44ecf5c5f9d4d5b6fa4a37d2e7980788c920
fa77c42fa9d3ea13003f28dda0ecce6f58cfd598e4da5722b4ebfb46df7cbaa5

bajartiktoks.com Open in urlscan Pro 2606:4700:3031::6815:5725 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

136 Requests

80 %HTTPS

56 %IPv6

22 Domains

28 Subdomains

21 IPs

7 Countries

1509 kBTransfer

3232 kBSize

16 Cookies

1 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bajartiktoks.com Open in urlscan Pro
2606:4700:3031::6815:5725 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

80 %
HTTPS

56 %
IPv6

22
Domains

28
Subdomains

21
IPs

7
Countries

1509 kB
Transfer

3232 kB
Size

16
Cookies

136 HTTP transactions
3 data transactions