tikytoky.com Open in urlscan Pro
103.155.93.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tikytoky.com/
Effective URL:
https://tikytoky.com/
Submission Tags: falconsandbox
Submission: On April 21 via api (April 21st 2022, 8:14:18 am UTC) from US — Scanned from DE

Summary HTTP 194 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 27 domains to perform 194 HTTP transactions. The main IP is 103.155.93.103, located in Malaysia and belongs to HOSTKEY-AS, NL. The main domain is tikytoky.com.
TLS certificate: Issued by R3 on February 23rd 2022. Valid for: 3 months.

This is the only time tikytoky.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 15	103.155.93.103 103.155.93.103	57043 (HOSTKEY-AS) (HOSTKEY-AS)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
11	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 ^_^) (CDN77 ^_^)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	92.123.225.17 92.123.225.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	92.123.225.73 92.123.225.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	199.232.190.73 199.232.190.73	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.111.9.57 23.111.9.57	33438 (STACKPATH) (STACKPATH)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	158.69.139.225 158.69.139.225	16276 (OVH) (OVH)
1	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.27.154 142.250.27.154	15169 (GOOGLE) (GOOGLE)
1	108.157.4.26 108.157.4.26	16509 (AMAZON-02) (AMAZON-02)
19	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
3 6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 5	2.20.157.55 2.20.157.55	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
8	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	172.64.151.83 172.64.151.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
8	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2c0f:fb50:400... 2c0f:fb50:4003:802::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:5e::9	15169 (GOOGLE) (GOOGLE)
3	108.157.4.24 108.157.4.24	16509 (AMAZON-02) (AMAZON-02)
194	39

15 103.155.93.103 (Malaysia) 3 redirects

ASN57043 (HOSTKEY-AS, NL)
PTR: mail.chimerapharma.com

tikytoky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

web.webpushs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

ad.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.transparenttextures.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 92.123.225.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-17.deploy.static.akamaitechnologies.com

p16-sign-va.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p16-sign-sg.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 92.123.225.73 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-73.deploy.static.akamaitechnologies.com

p16-sign.tiktokcdn-us.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.232.190.73 (Munich, Germany)

ASN54113 (FASTLY, US)

p19-sign.tiktokcdn-us.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.57 (United States)

ASN33438 (STACKPATH, US)

twemoji.maxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.69.139.225 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip225.ip-158-69-139.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.86 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.27.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ra-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-26.dus51.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.20.157.55 (Milan, Italy) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2c0f:fb50:4003:802::2003 (Kenya)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:5e::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5e6nss.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-24.dus51.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128	236 KB
32	tiktokcdn.com p16-sign-va.tiktokcdn.com — Cisco Umbrella Rank: 1030 p16-sign-sg.tiktokcdn.com — Cisco Umbrella Rank: 1277	635 KB
22	tiktokcdn-us.com p16-sign.tiktokcdn-us.com — Cisco Umbrella Rank: 1223 p19-sign.tiktokcdn-us.com — Cisco Umbrella Rank: 1387	2 MB
22	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 bid.g.doubleclick.net — Cisco Umbrella Rank: 500 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293	288 KB
15	tikytoky.com 3 redirects tikytoky.com	2 MB
11	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 262 gcdn.2mdn.net — Cisco Umbrella Rank: 1008 r4---sn-4g5e6nss.c.2mdn.net — Cisco Umbrella Rank: 357580	2 MB
9	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 7684 ic.tynt.com — Cisco Umbrella Rank: 4493 de.tynt.com — Cisco Umbrella Rank: 1348	8 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	71 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	1 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 imasdk.googleapis.com — Cisco Umbrella Rank: 417	126 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	112 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	4 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 682 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2388	117 KB
3	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 737	15 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 248	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	101 KB
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 12980	3 KB
2	webpushs.com web.webpushs.com — Cisco Umbrella Rank: 38071	46 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 238	5 KB
1	truste.com choices.truste.com — Cisco Umbrella Rank: 722	10 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 12875	145 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 7579	792 B
1	transparenttextures.com www.transparenttextures.com — Cisco Umbrella Rank: 165945	92 KB
1	maxcdn.com twemoji.maxcdn.com — Cisco Umbrella Rank: 8617	5 KB
1	waust.at waust.at — Cisco Umbrella Rank: 40780	7 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 436	3 KB
1	ad.plus ad.plus — Cisco Umbrella Rank: 70317	1 KB
194	27

	Domain	Requested by
25	p16-sign-va.tiktokcdn.com	tikytoky.com
19	tpc.googlesyndication.com	a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com tikytoky.com imasdk.googleapis.com securepubads.g.doubleclick.net
15	tikytoky.com	3 redirects tikytoky.com web.webpushs.com
14	pagead2.googlesyndication.com	a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com bid.g.doubleclick.net tpc.googlesyndication.com tikytoky.com www.googletagservices.com securepubads.g.doubleclick.net
14	p16-sign.tiktokcdn-us.com	tikytoky.com
11	securepubads.g.doubleclick.net	tikytoky.com www.googletagservices.com securepubads.g.doubleclick.net a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
8	s0.2mdn.net	tikytoky.com s0.2mdn.net
8	p19-sign.tiktokcdn-us.com	tikytoky.com
7	ic.tynt.com	tikytoky.com
7	p16-sign-sg.tiktokcdn.com	tikytoky.com
6	www.google.com	1 redirects a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com tikytoky.com tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	fonts.googleapis.com	tikytoky.com a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
3	choices.trustarc.com	choices.truste.com tikytoky.com
3	www.gstatic.com	a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com tikytoky.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	tikytoky.com a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
3	stackpath.bootstrapcdn.com	tikytoky.com stackpath.bootstrapcdn.com
2	r4---sn-4g5e6nss.c.2mdn.net	tikytoky.com
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	tikytoky.com
2	bid.g.doubleclick.net	a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com imasdk.googleapis.com
2	t.dtscout.com	waust.at t.dtscout.com
2	web.webpushs.com	tikytoky.com web.webpushs.com
2	cdnjs.cloudflare.com	tikytoky.com
1	gcdn.2mdn.net	1 redirects
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	waust.at
1	choices.truste.com	a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
1	whos.amung.us	waust.at
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.transparenttextures.com	tikytoky.com
1	twemoji.maxcdn.com	tikytoky.com
1	waust.at	tikytoky.com
1	cdn.jsdelivr.net	tikytoky.com
1	ad.plus	tikytoky.com
1	maxcdn.bootstrapcdn.com	tikytoky.com
194	44

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
www.tiktok.com
whos.amung.us

Subject Issuer	Validity	Valid
tikytoky.com R3	`2022-02-23` - `2022-05-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
web.webpushs.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-05` - `2023-01-16`	a year	crt.sh
*.tiktokcdn.com RapidSSL RSA CA 2018	`2020-06-11` - `2022-06-12`	2 years	crt.sh
*.tiktokcdn-us.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-19` - `2022-09-19`	a year	crt.sh
twemoji.maxcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-13` - `2022-11-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.truste.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-04-12` - `2022-06-21`	2 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh

This page contains 13 frames:

Primary Page: https://tikytoky.com/
Frame ID: 7D6DA3C5CFB1AE717F080900FB4F8089
Requests: 109 HTTP requests in this frame

Frame: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7C7CFB230B26C7A62142605C7D1F8101
Requests: 1 HTTP requests in this frame

Frame: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 417623A9B519FD0492BEBE2BBF9B6785
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahj85-i7ATAB&v=APEucNUamDewYZ6Mpw8QWADfhAUewaqCNiGXxcydh3Yk7JAnlx1BlcdlK2PreTzW0UTpqLQ7xZ1KaPV_UC94ql3S2D8uprK9OVr0GUxHScRPluPj6AWr1uex5I7HM1rier43L9SUQCjF8etq36x0b1YgYCiYExNarIQZF8_Myc2SqOFgxQKOlRI
Frame ID: D0A3F9F6A914ADBEB060B4D9E88DDCD4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 38BFB162995E2424F6AD5FE9FEEDF4B9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html
Frame ID: BF8FDE552E2401BAEA4FFE08F56060EF
Requests: 7 HTTP requests in this frame

Frame: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2D554001B1264FD7DC7882FC31F18766
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5702204BF043E1DCA60BAB95F136D9F7
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 23C7E06B4EE6ABE25EFEA6F59A383535
Requests: 14 HTTP requests in this frame

Frame: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3F8D55F54FF4F0EF8E2B0C3B58A7F0F8
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 1A6AC4A1DC5CE8D314C03DB49C51A601
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3502E35F32E2A470C1A582A9AD33F58F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F6BA65865ABA0BC2073848562526BAD3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TikTok Online Viewer • TikyToky

Page URL History Show full URLs

http://tikytoky.com/ HTTP 301
https://tikytoky.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

194
Requests

95 %
HTTPS

59 %
IPv6

27
Domains

44
Subdomains

39
IPs

6
Countries

7348 kB
Transfer

9456 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/US/app/id835599320
Title: iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically
Title: Android

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/
Title: TikTok

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/91uy1rl1bu/
Title: 20

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tikytoky.com/ HTTP 301
https://tikytoky.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://tikytoky.com/images/loading.gif HTTP 302
https://tikytoky.com/

Request Chain 81

https://tikytoky.com/images/shattered.png HTTP 302
https://tikytoky.com/

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2xcqMaLDPkpLBNLRNV61E&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2xcqMaLDPkpLBNLRNV61E&google_cver=1&C=1

Request Chain 103

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmESVPk9fjB7MSAgWglUvAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIASeuL-TcS-ntZ7iuew8es&google_cver=1

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGTqglGT80WKI_1ucFxRlWM&google_cver=1

Request Chain 105

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwOTkxMjUyMzQ5NjE2MTU2OQ%3D%3D

Request Chain 151

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 168

https://gcdn.2mdn.net/videoplayback/id/b4a61272071ab52f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682064852/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/36922E6AB9EE24FD8385890A01E5802674440C3B.4F74837F6E0CEC8587B1A4F96D67BD96A6ED5E93/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5e6nss.c.2mdn.net/videoplayback/id/b4a61272071ab52f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682064852/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/27A4A3F281BEB70B027765AC718D7773B4BCD91D.3ED08272CED21B7E591516AE994EB741C794733F/key/cms1/cms_redirect/yes/mh/w3/mip/2001:ac8:20:3d00:1012:1167:d7ed:3661/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1650528516/mv/m/mvi/4/pl/49/file/file.mp4

194 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
tikytoky.com/
Redirect Chain

http://tikytoky.com/
https://tikytoky.com/

86 KB
16 KB

74ms
46ms

Document
text/html

103.155.93.103
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tikytoky.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.155.93.103 , Malaysia, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: mail.chimerapharma.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: fafaf1eb4fdf5bc482077a733614b3c812fdef8e9cb294a3167b4c50255dccc3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Apr 2022 08:14:11 GMT
ETag: W/"15728-rfY6901X/fCMYLvPBvnx/wH728A"
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Thu, 21 Apr 2022 08:14:11 GMT
Location: https://tikytoky.com/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.0.7/css/ 19 KB
3 KB 48ms
18ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.0.7/css/swiper.min.css

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

289a425744bb9c0329c9570774ce5218404550d049b9d38a017ddaf479e70886

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1256284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2540
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-4b86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rg4dnxvQ4b5VOKDTP%2Ba0jf4JUqDwzjXWzVUV1IS4cHvAR964Yw1ImxJC%2FO71%2F1iZVvb5kRZu5F0GhhXcSyJscXYGcLaUsWh%2FEXERRZ%2BegzUeM2lqAxUNY5SQrmAtDM%2Bl1n7U%2Bg%2BjurYpOPa6qDds642D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ff4aa28ec790225-ZRH
expires: Tue, 11 Apr 2023 08:14:11 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.1.1/css/ 98 KB
18 KB 51ms
23ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 31031915
cdn-cachedat: 2021-04-26 22:37:43
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c9a844d6c5a3e1e2f94ceac783be2e75
cf-ray: 6ff4aa28d8ed0200-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 flag-icon.min.css
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.3.0/css/ 33 KB
2 KB 53ms
24ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.3.0/css/flag-icon.min.css

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3645cc7cf729a22877ff158372b25c017efca47a5fc31921363d1b01ff00313b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1415027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1467
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5d-841a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fvh0bmTXmcnN77Nz%2F5CycdxfEZPIiWsI%2Fq4tSK1Bn8Zwcjj6Drwy6fzZ3IOyK1kgdABGGupZJyJYp0LLKaLSO0xbQWMkm0Md3ZNEeINHsO3LeicSYbYMQddzyh0ujWHTq9dvVhvnw4HtIOMqi39V8%2B4P"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ff4aa28ec7b0225-ZRH
expires: Tue, 11 Apr 2023 08:14:11 GMT

GET
H/1.1 200
OK common.css
tikytoky.com/css/ 2 KB
2 KB 15ms
14ms Stylesheet
text/css 103.155.93.103
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tikytoky.com/css/common.css
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.155.93.103 , Malaysia, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: mail.chimerapharma.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 2a9ca09a2eaa79828af825473bc0ba1b649bfcec50c7ca0dd886f182bd783cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:11 GMT
Last-Modified: Mon, 10 Jan 2022 21:21:50 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"800-17e45de68c6"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2048

GET
H/1.1 200
OK style.css
tikytoky.com/css/ 50 KB
50 KB 30ms
14ms Stylesheet
text/css 103.155.93.103
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tikytoky.com/css/style.css
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.155.93.103 , Malaysia, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: mail.chimerapharma.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 405af8360a3d70af6ed4e1c79bf4d498ebe33b3f5181bdc52e30e270e60512d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:11 GMT
Last-Modified: Sun, 16 Jan 2022 13:59:17 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"c85c-17e632f6678"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51292

GET
H/1.1 200
OK font-awesome.css
tikytoky.com/css/ 34 KB
34 KB 54ms
28ms Stylesheet
text/css 103.155.93.103
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tikytoky.com/css/font-awesome.css
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.155.93.103 , Malaysia, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: mail.chimerapharma.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 7c342484c38f8bba5f2071e66771a2d925d81762be2cfec170b2fe28f9806880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:11 GMT
Last-Modified: Mon, 10 Jan 2022 21:21:50 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"8759-17e45de68c6"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34649

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 66ms
25ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tikytoky.com/
Origin: https://tikytoky.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 1240752
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c279211ce63474230d78f0ecf55e3d1c
cf-ray: 6ff4aa28fd0023af-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1006 B 39ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Encode+Sans:400,700,900

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58367b0b9c9387d9bad144df871a34d4dea5a5e7ceca1aa9741dd60c0374bd70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 08:14:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Apr 2022 08:14:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Apr 2022 08:14:11 GMT

GET
H/1.1 200
OK discover.css
tikytoky.com/css/ 670 B
993 B 43ms
17ms Stylesheet
text/css 103.155.93.103
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tikytoky.com/css/discover.css
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.155.93.103 , Malaysia, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: mail.chimerapharma.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 898a982d956099877581b8741dc7547078df09cecf44bcad112731635ca8a3e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:11 GMT
Last-Modified: Mon, 10 Jan 2022 21:21:50 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"29e-17e45de68c6"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 670

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 62ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

bef8f9821fa7e69005df4149664afedccfad155111755874492fdb851c7f6cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28657
x-xss-protection: 0
server: sffe
etag: "1192 / 344 of 1000 / last-modified: 1650492553"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Apr 2022 08:14:11 GMT

GET
H2 200 7ba1d3b1d9fbf66a57585e89f8a72e1a_1.js Show response
web.webpushs.com/js/push/ 116 KB
35 KB 138ms
54ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/js/push/7ba1d3b1d9fbf66a57585e89f8a72e1a_1.js

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

e05f2f625425d40b4538b14204896fe5c08049bba633918569e0f1d6b8bc9b23

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng sendpul.se .sendpul.se .loginsrc.com .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com .googleoptimize.com .privatbank.ua .cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-cache: HIT
x-cache: HIT
x-age: 143564
x-xss-protection: 1; mode=block
x-77-nzt: AcO1ryzPdnf/zDACAA
x-accel-expires: @1650990087
x-sp-ma: sp-ma-0
last-modified: Tue, 15 Mar 2022 14:32:03 GMT
server: CDN77-Turbo
x-77-nzt-ray: Yc4z1KsGaI8
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
x-sp-pr: lpr9
cache-control: max-age=604800
etag: W/"1d02c-5da42a91877b8"
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires: Tue, 22 Mar 2022 15:16:42 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 45ms
16ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e90f64685201bd680980d9c53447457174adfb7ca2736184ea7719badd2151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28510
x-xss-protection: 0
server: sffe
etag: "1192 / 718 of 1000 / last-modified: 1650492483"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Apr 2022 08:14:11 GMT

GET
H2 200 adplus-advertising.svg
ad.plus/ 735 B
1 KB 172ms
51ms Image
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.plus/adplus-advertising.svg
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbdcd5032177710f51c04a98ab8d155e72b8ea23f0f86fc504408b7fbe735639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 20:49:12 GMT
server: cloudflare
age: 5864
etag: W/"2df-5a27d2a9698fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXy5eiSR3jiXp%2BydqBDcnH%2F4IF6KqHP9vp5NYO11%2Fuw%2FIa21IybPFsagxJltjkaSWhVONXMtkDIn4GzjSd5KADV5MBWel1s688n5vmAn%2BYYV5Nvjypsh2fEwE4sXWkoph4wBOq6y"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ff4aa29fd07e934-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1646200190228485~c5_100x100.webp
p16-sign-va.tiktokcdn.com/musically-maliva-obj/ 3 KB
3 KB 59ms
12ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/musically-maliva-obj/1646200190228485~c5_100x100.webp?x-expires=1650610800&x-signature=VSqbSGxCSo6HPg4PGEvSQGYLokQ%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 328d2351a42243e1c7d53381f808cf0d4dc5f1e7ecbad2b2b9411efb74c4ff7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aa1b
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(2217,2217)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-84987776105fbe39e88b108605c904d1-84987776105fbe39-01
nw-session-id: 202106172334130101890901001CA0D2A3-7b1724cd-bf47-46fe-ae14-00cf8a4149b021df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 4,23.204.146.37
server-timing: cdn-cache; desc=HIT, edge; dur=3, inner; dur=0
x-length: 2570
content-length: 2570
akamai-mon-iucid-del: 971653
last-modified: Thu, 17 Jun 2021 23:34:13 GMT
server: nginx
x-tt-logid: 202106172334130101890901001CA0D2A3
x-response-date: Thu, 17 Jun 2021 23:34:13 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2021-06-17T23:34:13.447655358Z 213
cache-control: max-age=4979936
x-tt-trace-host: 017c82f38ea188ebfb823efdfd23de17164568127de92bf23850f767908f7051e5a6a4c453440d3a443f659ea367cce8b4b3aeb22df36dbadbe46f2aad0624f3f9cc0988d60ab716d4d224527ab4127ad715ca5623dc4cdc4f3c28888ccb84400bbc4e1ea4025883c78cb9ff13a6b27821
timing-allow-origin: *

GET
H2 200 8f0570d49123449ebdcdee98dbc36fca_1646533640
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 115 KB
116 KB 262ms
25ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/8f0570d49123449ebdcdee98dbc36fca_1646533640?x-expires=1650546000&x-signature=nTZssoMEYR%2BiRguzmsZw%2F%2BcYrJA%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 717967a266c469b39efe535451827dbd938b534d227d02e7b68275a04c1af615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-9d8bfe3e106234978549a0c62e2e049c-9d8bfe3e10623497-01
nw-session-id: 2022031815011201011300603706FA72AD9589q41ff
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 6,72.246.244.30
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=13
x-length: 117614
content-length: 117614
last-modified: Fri, 18 Mar 2022 15:01:12 GMT
server: nginx
x-tt-logid: 2022031815011201011300603706FA72AD
x-response-date: Fri, 18 Mar 2022 15:01:12 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-03-18T15:01:12.92882754Z 11
cache-control: max-age=28622641
x-tt-trace-host: 01ec100b5a0cf85a36774cfdcf632e3163d6d1be8d31124cd42752d1232647d619436e463a3627ccd98a87363633dd1ef010cf74c0f6e497d0fa66d7fd48dd58fa7f7dd5366aef067ffc6df93ab80ebc7117ac77d253f9f27e9adcef30dcd75ce15f15ade7ee7527a960a962d7ec7a38a7cfed2c55ff7d89a94630bce5ed15e411
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 1658757660906502~c5_100x100.webp
p16-sign-va.tiktokcdn.com/musically-maliva-obj/ 3 KB
4 KB 41ms
13ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/musically-maliva-obj/1658757660906502~c5_100x100.webp?x-expires=1650607200&x-signature=06mwsLdkob6G0BP2FsjN95h12xU%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: e281cba07478ad58bf4da8ec234e145182115fee61fbb00ca73d7f331300c578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 2a0d215.409aa1c
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(828,828)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-tt-trace-id: 00-b9a0277d105fccb2fbb357c6056c04d1-b9a0277d105fccb2-01
nw-session-id: 202109060541260101890792133E726B79lbt4g21df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 1,23.55.60.15, 3,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=0, inner; dur=92
x-length: 2596
content-length: 2596
server: nginx
akamai-mon-iucid-del: 971653
last-modified: Mon, 06 Sep 2021 05:41:26 GMT
x-cache-remote: TCP_HIT from a92-123-225-7.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-logid: 202109060541260101890792133E726B79
x-response-date: Mon, 06 Sep 2021 05:41:26 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2021-09-06T05:41:26.585709514Z 89
cache-control: max-age=11913648
x-tt-trace-host: 014a606f05cf54ddba5b3a3c4a4158947ec6305ba1a50927d4192a4f084515c7638270e44f4ae777a4073fda5da7b7c536d00b3e6fb8d308ea158d60ad013ac113f04d9c6c97c1dc0e5169f8d4402426ad7f37c679cccb45f1ce696e06b093e71f6ec12e0699906c7cfb457eec30a8331c
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 397f1ed2d36d4bcd8d63275a8eee5dee_1646265413
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 84 KB
85 KB 278ms
57ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/397f1ed2d36d4bcd8d63275a8eee5dee_1646265413?x-expires=1650542400&x-signature=DXg3x%2BECLF7ixSKId%2Bna9TsisoA%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 8031da787866f63e00c988e62a74e7037ef9e2928f4a38f7a725a7417a3af1ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-4d4ec23e1061c7cfdf64080606e904d1-4d4ec23e1061c7cf-01
nw-session-id: 2022030301044101011300603718200348rr7hm41ff
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=2, inner; dur=22
x-length: 86122
content-length: 86122
last-modified: Thu, 03 Mar 2022 01:04:41 GMT
server: nginx
x-tt-logid: 2022030301044101011300603718200348
x-response-date: Thu, 03 Mar 2022 01:04:41 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-03-03T01:04:41.809448457Z 20
cache-control: max-age=27276668
x-tt-trace-host: 01abb72c8acc32f58bfff932232746fa028837da07d84c849c8b3ff85ec87267cb41850b5f99d966b0c004df3e750ca699c5f1cb5ffd8dab576cf9323e31e9ba5412dc251abd4895bf6758cec98d842b44b0ca4454040299a4b4a7f58f8682f69cc98c3e77c619f9c3415b0f4c26cc9829a9170370fc5e68cbe20c4b255229fb20
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 9f3d1152ba5a4719d3a596a50ced1706~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
3 KB 20ms
15ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/9f3d1152ba5a4719d3a596a50ced1706~c5_100x100.webp?x-expires=1650607200&x-signature=0VimcQs%2B65jDkVhW386vu%2Ffpoz8%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: b2a27a3c76b14ce90df2a3f227b162847ee09630e7f23e5e800476945f94d2fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 73a03e.409aa1f
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(1170,1170)
x-check-cacheable: YES
x-tt-trace-id: 00-9c35c4b11061a4dbaff4534606fa04d1-9c35c4b11061a4db-01
nw-session-id: 2022031314332201019205116224ED634529m2w21df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 3,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=0, inner; dur=1
x-length: 2528
content-length: 2528
server: nginx
akamai-mon-iucid-del: 971653
last-modified: Sun, 13 Mar 2022 14:33:22 GMT
x-cache-remote: TCP_HIT from a92-123-225-31.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-tt-logid: 2022031314332201019205116224ED6345
x-response-date: Sun, 13 Mar 2022 14:33:22 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-03-13T14:33:22.857637307Z 94
cache-control: max-age=28189158
x-origin-response-time: 19,23.55.62.31
x-tt-trace-host: 01b55056735530183da8454f2329faacc21b31bab293fb7175d76dc8918ebfa1a2d7f71d3ed0d32cb4544fb6549dc6237b26879c74905a5a2ed1d14ed0e060c958e2d3b7e88b9d7ec9d8b3004dc411ad3804bb4b91bf58f9b95d14dd9d5ddf9154384a8620a717f3ffdd0d00f2e841a60b
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 c1a0ba78a0ef47bfac2dd09cc292a80f_1643649997
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 52 KB
53 KB 299ms
90ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/c1a0ba78a0ef47bfac2dd09cc292a80f_1643649997?x-expires=1650542400&x-signature=1FpjJnITsKDYovq3eagoOLuvESc%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: b1a88cf28a8dd7555871de0d041757c3c37ede702499bd08134a2b1e9db5bf39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-tt-trace-id: 00-b1cb20111061959a5e7e95c6060b04d1-b1cb20111061959a-01
nw-session-id: 2022013120194601011300617712DF3833r8b9d41ff
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 5,92.123.225.69
server-timing: cdn-cache; desc=MISS, edge; dur=6, origin; dur=0, inner; dur=19
x-length: 53682
content-length: 53682
server: nginx
last-modified: Mon, 31 Jan 2022 20:19:46 GMT
x-cache-remote: TCP_HIT from a2-16-111-21.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-logid: 2022013120194601011300617712DF3833
x-response-date: Mon, 31 Jan 2022 20:19:46 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-01-31T20:19:46.885885192Z 17
cache-control: max-age=24667387
x-tt-trace-host: 01d3e8af8c5927757bade823a2f5eaf3af633a67eff0a5c2a8e72ca4303c99a7340e672a03b58c0b033395e1260096f333acdef14c81b4dd0258d038da27dff2c69f839cb933982d4a2f5a9e90ddba79e1f872e0572469d8e00cb8ed0a4fcf1b2b6ad445c22e38cd2ae51c714d28ee9c83
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 1662583439932422~c5_100x100.webp
p16-sign-va.tiktokcdn.com/musically-maliva-obj/ 2 KB
3 KB 15ms
14ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/musically-maliva-obj/1662583439932422~c5_100x100.webp?x-expires=1650610800&x-signature=Fa5YuLQmhmMy04nR4JZq6Nfqfsw%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 808028672096e67542bad2ae600ee71303aa083ee27c1fee2cde8d1da5d36349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 1c4a351.409aa21
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(843,843)
x-check-cacheable: YES
x-tt-trace-id: 00-2f6cf2d010604472fde08406057304d1-2f6cf2d010604472-01
nw-session-id: 20220224030206010189073165036F095Ablzbx21df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 4,23.55.60.28, 3,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=0, inner; dur=1
x-length: 1770
content-length: 1770
server: nginx
akamai-mon-iucid-del: 971653
last-modified: Thu, 24 Feb 2022 03:02:06 GMT
x-cache-remote: TCP_HIT from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-tt-logid: 20220224030206010189073165036F095A
x-response-date: Thu, 24 Feb 2022 03:02:06 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-02-24T03:02:06.727220393Z 58
cache-control: max-age=26678792
x-tt-trace-host: 0150df83f49e6fbe23b9b87eb5f6141fded991aee9dfe8e26103e3ce29530008eb7f84229caf86f05425dbb4611cc20fda58e78b3e7016757d74fc2de91e2da15ea8c673b888265ba683a61895c58056516b67f5119d4d6ae0b4eab06a7092ae15fa3c1050b9e3e5e4c404e7697cdfe72174ea1dad05c1a4eee645d2fc7070dac3
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 dafd574cfcb64949adcfc285920a3b7e_1646739549
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ 88 KB
89 KB 16ms
16ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/dafd574cfcb64949adcfc285920a3b7e_1646739549?x-expires=1650546000&x-signature=vhoxyZyZs2baiqAeFIfR10d1P%2FI%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 20648114012e60c5485bdbf3de3c726879d4aa736050caca19c6f521f98a1690

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 3a59855.409aa22
date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 202204062212020101920511622304988Fgk6rc21df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 3,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=0, inner; dur=1
x-length: 90142
content-length: 90142
server: nginx
akamai-mon-iucid-del: 971653
last-modified: Wed, 06 Apr 2022 22:12:02 GMT
x-cache-remote: TCP_HIT from a92-123-225-20.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-tt-logid: 202204062212020101920511622304988F
x-response-date: Wed, 06 Apr 2022 22:12:02 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2022-04-06T22:12:02.793456081Z 103
cache-control: max-age=30290336
x-tt-trace-host: 0108c098a302878325471afc36d5e671e2c2b256dc7f15470e539947a16cae68abadf6b2bb05de9575e6202fe5cf0edb943478551d1d53418ccc3486c9e6dbf1b7e325c905eeab8a801347482af1540e4042d5b811c3d73324eaf3d9ae004f4776dabfcc79dc4ec364a2e5d81e19f06d88055cd6f89644d9611cd1494fe0009d7c
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 2c41856a07c6c02b07df85119ed13de9~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
3 KB 35ms
35ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/2c41856a07c6c02b07df85119ed13de9~c5_100x100.webp?x-expires=1650610800&x-signature=poeR1AMr6SvEM6xkCBz6wJSiVF8%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 25e4e4310001261664fc9a8456e23ecb4deba24068e2134547ee76e32932596d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 3a5984a.409aa25
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(1242,1242)
x-check-cacheable: YES
x-tt-trace-id: 00-283ec9cb10613493a798d746022b049c-283ec9cb10613493-01
nw-session-id: 202202221129140101902192151640383B8z6ng21df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 6,184.25.50.197, 2,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=2, origin; dur=0, inner; dur=1
x-length: 1870
content-length: 1870
server: nginx
akamai-mon-iucid-del: 971653
last-modified: Tue, 22 Feb 2022 11:29:14 GMT
x-cache-remote: TCP_HIT from a92-123-225-20.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-tt-logid: 202202221129140101902192151640383B
x-response-date: Tue, 22 Feb 2022 11:29:14 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-02-22T11:29:14.308340871Z 84
cache-control: max-age=26536690
x-tt-trace-host: 010cf461029b45844ba55ae717ababd6184907bb33bb750039e62f4ea636cd2c79e7f5d358953ecfa77c2eb6443529ec7af43dd4694577a0fbb2fa968fd572f338df1f67c00783c0f325e5bf6341f0630d3268845311f1c6ee4c95117fbaa162a43a6607fe18cf4c62cccdca27312ce7e4
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 a12694d331d049bc9fa809beea8410a1_1647201425
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 36 KB
37 KB 288ms
90ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/a12694d331d049bc9fa809beea8410a1_1647201425?x-expires=1650546000&x-signature=FC%2Fv1Wr6Jgz9HTq7C3K3HAMlTKs%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 2baa546d9807f242426bcceb7cafa6418fe980fa7fc8b0643cbbb2deaca9da5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-1d027d5a1060d4e8a3e1d3c6059904d1-1d027d5a1060d4e8-01
nw-session-id: 20220412090223010113006089123C3C87wr6vd41ff
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=2, inner; dur=41
x-length: 37256
content-length: 37256
last-modified: Tue, 12 Apr 2022 09:02:24 GMT
server: nginx
x-tt-logid: 20220412090223010113006089123C3C87
x-response-date: Tue, 12 Apr 2022 09:02:24 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-12T09:02:24.031289009Z 39
cache-control: max-age=30761409
x-tt-trace-host: 01b64f197c85d762a21662e2586d0067afa4fb86f4e293a57b90501e450849550ca429acb34a77e860775beab5a0f7a95a05183546fc89055dadc399c64eb95caaf07ebd22b482a1fb3931f698ac265f080039233763686ccfc3525f7c4ce19ad40827435ad277d3f8e79f09ca5270dadb7bca2b0f1f07630e487c589642c9bbe6
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 8317e26a91e497104a8fd02fecf44306.webp
p16-sign-sg.tiktokcdn.com/aweme/100x100/tos-alisg-avt-0068/ 5 KB
6 KB 28ms
27ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-sg.tiktokcdn.com/aweme/100x100/tos-alisg-avt-0068/8317e26a91e497104a8fd02fecf44306.webp?x-expires=1650610800&x-signature=JReZZZvQWWwxRiMOMxZOTWwxVt0%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 0db2cd768a9f0ff007862eb2bd3c4b256b4f2c5077e151974beee51094c5fc62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aa29
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(1167,1167)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-2fec1737105b2e8b27bd4446063b04d1-2fec1737105b2e8b-01
nw-session-id: 20220225080755010245247202253382A1tvzcl12df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 1,23.48.148.185
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=80
x-length: 5254
content-length: 5254
akamai-mon-iucid-del: 971652
last-modified: Fri, 25 Feb 2022 08:07:55 GMT
server: nginx
x-tt-logid: 20220225080755010245247202253382A1
x-response-date: Fri, 25 Feb 2022 08:07:55 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2022-02-25T08:07:55.850265319Z 74
cache-control: max-age=26783564
x-tt-trace-host: 0176d66843f7211fb897f68901b413a290e474d757c56a1632125c48a1d52ac87a41f7345424d9a0dbeee229798eeed2bd9cf0949eaad912e008cad7375b4a4c9e0a2e5de146a73b91b970f62abb5540dc4b5c1b60fb4bed59938847ff3510221789e876aa58a60b359d54cdc582507a46aec16a7c334a6a088c1f4a82c5a53364
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 5caeb6c15d3e4d648aa5076a9917b939_1644444288
p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ 116 KB
118 KB 27ms
23ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/5caeb6c15d3e4d648aa5076a9917b939_1644444288?x-expires=1650546000&x-signature=usMHMkPurdyxWfYvJ3n8xEXyOWY%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 255f2a6d9c26d802f51efddbf9d532016185f27ffbedd35091eeda89350545a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 7216439.409aa30
date: Thu, 21 Apr 2022 08:14:11 GMT
x-check-cacheable: YES
x-tt-trace-id: 00-e09f132b105c47d910998646065c04d1-e09f132b105c47d9-01
nw-session-id: 20220209223348010245247202000B1C5Ct2hjw12df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 4,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=0, inner; dur=100
x-length: 119176
content-length: 119176
server: nginx
akamai-mon-iucid-del: 971652
last-modified: Wed, 09 Feb 2022 22:33:48 GMT
x-cache-remote: TCP_HIT from a92-123-225-29.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-logid: 20220209223348010245247202000B1C5C
x-response-date: Wed, 09 Feb 2022 22:33:48 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-02-09T22:33:48.724184589Z 94
cache-control: max-age=25453045
x-tt-trace-host: 01e33c5a09884ef6fc4e80c3af202be38954fe095e85b562ec9c7429c84ee20982b370b039e02b4beb8f9d78863d3747484ca642020bcacf19aa9f6092db8d493642ed66052a79887410ce921afa2006d9c90a1002940abdbdd2c654c88e519282647263ccb0b457a21745278ba5f768a3b4e9ae36ee4b4ce3e9881a71d647643a
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 6af502fc7955373c71857bfd0f17e1c6~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
3 KB 23ms
19ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/6af502fc7955373c71857bfd0f17e1c6~c5_100x100.webp?x-expires=1650610800&x-signature=wHcjvypYlzEn%2BQvTWOmO1DMRiRs%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 55950e140a226a36593dadc478f93d2b069335e2651cfde3a3c855fe9f99b8b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aa32
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(499,499)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-db7986bc10621b54b9a70706062504d1-db7986bc10621b54-01
nw-session-id: 2022033015372801019017516605315C0F4cdm421df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 2,72.246.244.70, 1,184.25.50.167
server-timing: cdn-cache; desc=HIT, edge; dur=2, inner; dur=380
x-length: 1650
content-length: 1650
akamai-mon-iucid-del: 971653
last-modified: Wed, 30 Mar 2022 15:37:29 GMT
server: nginx
x-tt-logid: 2022033015372801019017516605315C0F
x-response-date: Wed, 30 Mar 2022 15:37:29 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2022-03-30T15:37:29.136406258Z 49
cache-control: max-age=29661783
x-tt-trace-host: 011f826e1febd1d4e9fdc4e0d76303883debcc78c9ac6a12143bbe0b4a9b6351c6491fc4ec4ee1821b9db45fcdad49e1612796091981028d29c0e2202624cfb65f51a0c3e99ba7d4a9dc365f296a45143d9e6ae759bc6719fb6fe99d88b58a378289f4c76aed4e7c59ceec0a74f43d242e492de11e40541ba90081b8d1fc4ac253
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 1c1651577e954f4cacb0398236b65c45_1649508951
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 72 KB
73 KB 282ms
90ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/1c1651577e954f4cacb0398236b65c45_1649508951?x-expires=1650546000&x-signature=aq7XmwtE%2FDiMXg1uC99jwdzsyVs%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 01cbcb681c868792c94ad54fa998ba2bc570091acc29ce7fdd14d6f35a1fb221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-0f035d1e10623fa2024951c62bc804d1-0f035d1e10623fa2-01
nw-session-id: 2022040915484801011300603707B83D54dp76c41ff
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=2, inner; dur=13
x-length: 73780
content-length: 73780
last-modified: Sat, 09 Apr 2022 15:48:48 GMT
server: nginx
x-tt-logid: 2022040915484801011300603707B83D54
x-response-date: Sat, 09 Apr 2022 15:48:48 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-09T15:48:48.216459984Z 11
cache-control: max-age=30526566
x-tt-trace-host: 01828ba53c47b8c229d8ee284267ba8b50089c643e23a90c3e246306b5d9656fb98991baf2a0c932855bcc8dff2e8651d086f7bd7e84c92fb2dcd735f6878c62cb14d6ba8445395c633088af30f37dafd27d3fc18a265c529bcaef2c92f2a45d319477cd542090556c27316c5ccb590cd23da389e20e67825cae695725bf0ba89b
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 addb76913908ca43c880919c8cab0d45~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
3 KB 26ms
23ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/addb76913908ca43c880919c8cab0d45~c5_100x100.webp?x-expires=1650610800&x-signature=Xik2ZgIJNSjtLBRY3zEI0m6qab8%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: aaf694e77d570418314be38e56934b6477b0182a8edd2b1a4bbdadbb13dc93f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aa33
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(462,462)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-4cb8450a1060217b6350d886062404d1-4cb8450a1060217b-01
nw-session-id: 2021061208352001018908114620961619-8694cf27-d4dd-47a8-bb3f-2226ada25fa121df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache; desc=HIT, edge; dur=3, inner; dur=0
x-length: 2236
content-length: 2236
akamai-mon-iucid-del: 971653
last-modified: Sat, 12 Jun 2021 08:35:20 GMT
server: nginx
x-tt-logid: 2021061208352001018908114620961619
x-response-date: Sat, 12 Jun 2021 08:35:20 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2021-06-12T08:35:20.218877114Z 53
cache-control: max-age=4493901
x-tt-trace-host: 01232f9120d809cd359754da8b5ba4b8dbb106e18e7d6fb0b213a33ff3451405aed92d9a0e9381e6250cfa4a93f71091284403a31518785ff3cee4d6efacc6cc2f2d8b8396d84e95629061911896823c20adc9e5bb08cec1c3d778e1bd62a0f323f6a5efbdf4752890dde683dc353e3eb0
timing-allow-origin: *

GET
H2 200 53413895f1eb447ab93cd9939519dd3f_1648337534
p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 148 KB
148 KB 133ms
30ms Image
image/webp 199.232.190.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/53413895f1eb447ab93cd9939519dd3f_1648337534?x-expires=1650546000&x-signature=6DfjHNHHFh8pGmMjyW9FawogJ%2Fk%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.190.73 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 865c59892f29410b33341e301173c8161d746cf1314e6da6a89586fe62be87cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-f9a71482106148963ad25786050104d1-f9a7148210614896-01
age: 1367898
nw-session-id: 202204051215520101131351530DA52A8Frclmk41ff
x-powered-by: ImageX
x-cache: HIT, HIT
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=21, cdn-cache;desc=hit, edge;dur=1
x-length: 151300
content-length: 151300
x-served-by: cache-iad-kiad7000132-IAD, cache-muc13931-MUC
last-modified: Tue, 05 Apr 2022 12:15:52 GMT
server: nginx
x-tt-logid: 202204051215520101131351530DA52A8F
x-response-date: Tue, 05 Apr 2022 12:15:52 GMT
x-timer: S1650528852.548826,VS0,VE1
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-05T12:15:52.905768887Z 17
cache-control: max-age=31536000
x-tt-trace-host: 0184541e4a6cba11e02cf48b2fb5a6ceb97fd497efc71a94a761a8f1025a6fe4ec0d86437bb3f3589e7175766fa30076d1b6e543386879a1e34d57a6ecf728979ca3090964c94727256c43c0c3865d6cc4961abeb64069542007716da3516cea18ecfea4c19c2e910a13122d003cfbe467
imagex-fmt: awebp2awebp
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 be1943240d87e2a4e04bd087c3a0788b~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
3 KB 48ms
46ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/be1943240d87e2a4e04bd087c3a0788b~c5_100x100.webp?x-expires=1650610800&x-signature=SXRXfNvSmqpxNQzVS1afJQdJIvg%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: f739a3f437c80ac1e7356a10c602ceeac0813a9b9c97889723a7a8aca1122769

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 2a0d500.409aa36
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(1092,1092)
x-check-cacheable: YES
nw-session-id: 202204162021480102230160871F5922B4s6m9q21df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 3,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=0, inner; dur=87
x-length: 1788
content-length: 1788
server: nginx
akamai-mon-iucid-del: 971653
last-modified: Sat, 16 Apr 2022 20:21:48 GMT
x-cache-remote: TCP_HIT from a92-123-225-7.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-logid: 202204162021480102230160871F5922B4
x-response-date: Sat, 16 Apr 2022 20:21:48 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-16T20:21:48.706449409Z 84
cache-control: max-age=31147597
x-tt-trace-host: 01117d192b59991142afd29385b1a3fc241d0d2d317198ee9d86c549c71a79fdfdca913f3b835a7d8f4c6ba65512f08648122418c023d4829bd3e49c14fc34028dbc540a584e6baac8c09120ee340783765f177649f17bc0fdf20805a5f7a146abce143c3f340faf80c44f8f046c55757798a6d345466f4f47cba06d7b31649c97
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 98c9a3451ffa47ed9f396c381a3990f5_1649649324
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 78 KB
79 KB 277ms
88ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/98c9a3451ffa47ed9f396c381a3990f5_1649649324?x-expires=1650546000&x-signature=yJ1usJynEg2pRX0%2FP8GRv6rhxT4%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: ac180f877e9da47e2db33eaa6bb3dbfc564cb976d13351fb2660c10a1c862cc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-1d3561b7106250f8e22296462a5d04d1-1d3561b7106250f8-01
nw-session-id: 20220412095759010113006089085FEB1Eppklh41ff
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=2, inner; dur=14
x-length: 79690
content-length: 79690
last-modified: Tue, 12 Apr 2022 09:57:59 GMT
server: nginx
x-tt-logid: 20220412095759010113006089085FEB1E
x-response-date: Tue, 12 Apr 2022 09:57:59 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-12T09:57:59.814330185Z 11
cache-control: max-age=30764515
x-tt-trace-host: 0149830ac9c78d8c917942bb5349900c49f40a22e56773d28b641d5a4008f6a0abd44466da7515d4ebd37468470fddc94e28314e0377f543780dbef20b9c923865ca552e9c479a85394c0b1186edc65fadc0031cd4aedf54a53a3381116246a5e404f3f8096751112fdc15cc42ea319778
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 68119d01cc35d94a270616e81480848a~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
2 KB 47ms
46ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/68119d01cc35d94a270616e81480848a~c5_100x100.webp?x-expires=1650607200&x-signature=eJYRcGZ2Dw4QP%2Fg40eRYjDYCN18%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 58487c97b1707cc655b5bc28631c6ea5173122a4f8c12475bd2f4d49346b6a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aa38
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(1037,1037)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-4951288c10605f40fbc4ce86050504d1-4951288c10605f40-01
nw-session-id: 2022030206262001019017516603E50835h8mwx21df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache; desc=HIT, edge; dur=3, inner; dur=3
x-length: 1654
content-length: 1654
akamai-mon-iucid-del: 971653
last-modified: Wed, 02 Mar 2022 06:26:20 GMT
server: nginx
x-tt-logid: 2022030206262001019017516603E50835
x-response-date: Wed, 02 Mar 2022 06:26:20 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2022-03-02T06:26:20.466970613Z 137
cache-control: max-age=27209645
x-tt-trace-host: 019a6a9cd831778a3e967f1e7c7069b3c38c1cc3462ab302bf72ff822f3288cdc71117fe051b20acd25c8e5803f745c25692042eb0454b2f6427941a9b4e0267ec9bb4e7cd4492880065e63a9a7653a854393d7e6aa1fc075fe34cb76837bb9fb059ea5e9306fc958f14f0560500f31fd03f682d735ba63a5599d4de2670cad6dc
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 6dcff5c5c14d41e18e82c7edb5a7b13c_1647723079
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 23 KB
23 KB 89ms
89ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/6dcff5c5c14d41e18e82c7edb5a7b13c_1647723079?x-expires=1650542400&x-signature=y2JKwoVqlWQeUtBPTkLvUb3PE%2FY%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 3b105f944e4820d92a77544f4ad3951b18dc263ac954054d4f22111a433d7633

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-ae67e6d0105f14a485554b06068104d1-ae67e6d0105f14a4-01
nw-session-id: 2022032121330901011313500904EB0A8C5wl9t41ff
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=2, inner; dur=12
x-length: 23068
content-length: 23068
last-modified: Mon, 21 Mar 2022 21:33:09 GMT
server: nginx
x-tt-logid: 2022032121330901011313500904EB0A8C
x-response-date: Mon, 21 Mar 2022 21:33:09 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-03-21T21:33:09.06180473Z 9
cache-control: max-age=28905556
x-origin-response-time: 32,23.55.62.31
x-tt-trace-host: 014fae0eeb016583818fffbeab3b38a59404cb7378b909ba2f1805bb3b8c3022665d502f954a0070701f3a15907466cd0c3b02f77cc5a93c11e09479f92b4d43c7fd3ed3ef32d30284334828f6991286ea41998af61c894d4ac4daee2ee8fa0d0743f0d02ec7b18190a4cceed41827e29e
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 addb76913908ca43c880919c8cab0d45~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
3 KB 24ms
24ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/addb76913908ca43c880919c8cab0d45~c5_100x100.webp?x-expires=1650607200&x-signature=rplM0gBZ6C4DfKnlzP8QFImkyko%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: aaf694e77d570418314be38e56934b6477b0182a8edd2b1a4bbdadbb13dc93f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aa39
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(462,462)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-4cb8450a1060217b6350d886062404d1-4cb8450a1060217b-01
nw-session-id: 2021061208352001018908114620961619-8694cf27-d4dd-47a8-bb3f-2226ada25fa121df
x-powered-by: ImageX
x-cache: TCP_MEM_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=0
x-length: 2236
content-length: 2236
akamai-mon-iucid-del: 971653
last-modified: Sat, 12 Jun 2021 08:35:20 GMT
server: nginx
x-tt-logid: 2021061208352001018908114620961619
x-response-date: Sat, 12 Jun 2021 08:35:20 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2021-06-12T08:35:20.218877114Z 53
cache-control: max-age=4493901
x-tt-trace-host: 01232f9120d809cd359754da8b5ba4b8dbb106e18e7d6fb0b213a33ff3451405aed92d9a0e9381e6250cfa4a93f71091284403a31518785ff3cee4d6efacc6cc2f2d8b8396d84e95629061911896823c20adc9e5bb08cec1c3d778e1bd62a0f323f6a5efbdf4752890dde683dc353e3eb0
timing-allow-origin: *

GET
H2 200 69d72eb8596b488da03171b10de9a933_1650152343
p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 65 KB
66 KB 126ms
26ms Image
image/webp 199.232.190.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/69d72eb8596b488da03171b10de9a933_1650152343?x-expires=1650542400&x-signature=Ry%2BCgxGIWP0Tvct9Q9%2B7aqTeEoM%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.190.73 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 81c182a2d3b4cad4c0b7dad53926531ed607d1f69ea924f6b17d7171194e550c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-34cc7fb11062293c178ed2862e6704d1-34cc7fb11062293c-01
age: 375593
nw-session-id: 2022041623541801011313515303106F032sjh841ff
x-powered-by: ImageX
x-cache: HIT, HIT
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=6, cdn-cache;desc=hit, edge;dur=1
x-length: 66896
content-length: 66896
x-served-by: cache-iad-kiad7000069-IAD, cache-muc13931-MUC
last-modified: Sat, 16 Apr 2022 23:54:18 GMT
server: nginx
x-tt-logid: 2022041623541801011313515303106F03
x-response-date: Sat, 16 Apr 2022 23:54:18 GMT
x-timer: S1650528852.548914,VS0,VE1
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-16T23:54:18.122575445Z 4
cache-control: max-age=31536000
x-tt-trace-host: 01cd1ccd3ed86a15e9c82f23d82d8800531a8e3240e98c4d81e3355dfa6cff1272b750ad4db3d57845ffdd19fd4a593486ce3fafd842fd0e65276e8f6661a4ac073ee8d8a99531b0d1d68c36cae5e7302c7e8f709958938cb5ca5fc8be516390fd
imagex-fmt: awebp2awebp
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 8305a7fc5b618b7a99c819937704e994~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
2 KB 36ms
35ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/8305a7fc5b618b7a99c819937704e994~c5_100x100.webp?x-expires=1650607200&x-signature=sv15M4hhgZ%2B17rc3etZxeasCxCo%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: ecf256e109a9060b938aae7fed41980c2816c92874644ae05b63f4852e13edd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aa40
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(1192,1192)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
nw-session-id: 202106201347340101901860425683DDBC-5d7066e6-988d-48c0-a605-1d13ebe0e90b21df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=88
x-length: 1636
content-length: 1636
akamai-mon-iucid-del: 971653
last-modified: Sun, 20 Jun 2021 13:47:34 GMT
server: nginx
x-tt-logid: 202106201347340101901860425683DDBC
x-response-date: Sun, 20 Jun 2021 13:47:34 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2021-06-20T13:47:34.324170378Z 84
cache-control: max-age=5204016
x-tt-trace-host: 01c6599ca6727c4f5b5132b944a23434f6aa5cd354a7b5a1092d79a86ff37e8386e0727ec4beef9b00aa58e544bb18d7434119419ea9862982d174919bdf82a463a19779b19c838f4cba348eb7e6f4da742335d5ba0cad6e10be145e621c7c5af73f2bbf44e816b3c6beddcab57466da716714092665d05e423fd2231548a88e63
timing-allow-origin: *

GET
H2 200 5e76902633eb42cb8bc279789193753f_1650332167
p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 156 KB
157 KB 194ms
105ms Image
image/webp 199.232.190.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/5e76902633eb42cb8bc279789193753f_1650332167?x-expires=1650542400&x-signature=6jA9YnGPWOEedrRHUmygUyW3ITM%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.190.73 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: f4080d791288cfbba49ab903bc464581dbd755242ac6f2fd62c500886a31c8e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-3f81ede210602491f1238046051b04d1-3f81ede210602491-01
age: 195931
nw-session-id: 202204190148410101130062360329B2C1xft6r41ff
x-powered-by: ImageX
x-cache: HIT, HIT
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=12, cdn-cache;desc=hit, edge;dur=1
x-length: 160044
content-length: 160044
x-served-by: cache-iad-kiad7000082-IAD, cache-muc13931-MUC
last-modified: Tue, 19 Apr 2022 01:48:41 GMT
server: nginx
x-tt-logid: 202204190148410101130062360329B2C1
x-response-date: Tue, 19 Apr 2022 01:48:41 GMT
x-timer: S1650528852.549102,VS0,VE1
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-19T01:48:41.195556897Z 8
cache-control: max-age=31536000
x-tt-trace-host: 01dc25409e992ad0da09728d4e9ba09df54a83e470e879a87337885192cbc5a3ebc9945abdd9f5be1cd5a95ac79fe9d5f63158f273112e7c4e64258b348fc70481c74eb9655002658b51cdfeac8aaf78a892dbfaf55abaa20a07eb28843465cdedfd9f07341e64f368500f3a6873438ed7
imagex-fmt: awebp2awebp
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 ea840a16d942a145ba614bc208c45860~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
3 KB 30ms
29ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ea840a16d942a145ba614bc208c45860~c5_100x100.webp?x-expires=1650607200&x-signature=ZH9QW0ZSp3MkWtaVhAgzT6XxRvQ%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 624c99d8692af4af3b2301159f78af9b1521a9eec26d19094583208a3a397395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 2703653.409aa46
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(1173,1173)
x-check-cacheable: YES
nw-session-id: 202204200049240101901921431E3A4CA5p67zp21df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 1,23.55.62.53, 3,184.25.50.198, 2,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=106
x-length: 2064
content-length: 2064
server: nginx
akamai-mon-iucid-del: 971653
last-modified: Wed, 20 Apr 2022 00:49:24 GMT
x-cache-remote: TCP_HIT from a92-123-225-5.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-tt-logid: 202204200049240101901921431E3A4CA5
x-response-date: Wed, 20 Apr 2022 00:49:24 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-20T00:49:24.345172328Z 95
cache-control: max-age=31422838
x-tt-trace-host: 01448487093214880c0ce8244edf08926410761ff4f94199699c55c03158694dab2c3a547c0f0d6758e8983371de71d0868fb6b71b44f47cfd07019417d8240f09d61e29dfeb4d1ed26d44cb90c19aadb54a78ed2791d437b27b8780b089cf8fa11191157a993c51c522e75e964d9885d38b0788ca41b488fbf1c4292a4c91a41e
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 4a9e1a01cad141fc942e7a60c1530b73_1649287656
p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 115 KB
115 KB 186ms
105ms Image
image/webp 199.232.190.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/4a9e1a01cad141fc942e7a60c1530b73_1649287656?x-expires=1650542400&x-signature=3z6GHJOGYBi4aS0JLyBKXKCG8bI%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.190.73 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: f32ac25937c37494d99745980df45eed7404074a447692b46ee781a4e146e7c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-44bd95f710617f6a85658206067004d1-44bd95f710617f6a-01
age: 108133
nw-session-id: 2022042002115801011300603706E0C51Dgkcng41ff
x-powered-by: ImageX
x-cache: HIT, HIT
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=35, cdn-cache;desc=hit, edge;dur=1
x-length: 117276
content-length: 117276
x-served-by: cache-iad-kiad7000143-IAD, cache-muc13931-MUC
last-modified: Wed, 20 Apr 2022 02:11:58 GMT
server: nginx
x-tt-logid: 2022042002115801011300603706E0C51D
x-response-date: Wed, 20 Apr 2022 02:11:58 GMT
x-timer: S1650528852.549093,VS0,VE1
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-20T02:11:58.39585556Z 32
cache-control: max-age=31536000
x-tt-trace-host: 01f8115d9bd66dfd50b35232d3d868ee9b734e24645fcfd0d492f85f801b8ce9eb3ea772f65e041db028c158994b486de1b4b6c05f95b8fbc042fc983dc6b86585f05ad97e39ca8bdb331d0517b3c7866eb0dea1e4d5a2d849da3100dcb23627b3e9a7a5edd00f631964e6c4e3254fe623
imagex-fmt: awebp2awebp
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 8bf0bcbb36a9e828f9352de51622657f~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 1 KB
2 KB 22ms
20ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/8bf0bcbb36a9e828f9352de51622657f~c5_100x100.webp?x-expires=1650610800&x-signature=tZ9YnyR%2BZuUzvNdOtgCUQwfPDXM%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: b5f1de640fe1bab7721e4e75f46c2e272b284589d8fc6b45f4c494acb01e496d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aa58
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(910,910)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-3648f5f010623f853ed50186067704d1-3648f5f010623f85-01
nw-session-id: 202204170649520102231061630011D0CDkbbqs21df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 2,184.51.7.22, 3,184.25.50.126
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=121
x-length: 1436
content-length: 1436
akamai-mon-iucid-del: 971653
last-modified: Sun, 17 Apr 2022 06:49:52 GMT
server: nginx
x-tt-logid: 202204170649520102231061630011D0CD
x-response-date: Sun, 17 Apr 2022 06:49:52 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2022-04-17T06:49:52.661649126Z 116
cache-control: max-age=31185290
x-tt-trace-host: 01e81433a83ad8268b75b7273019cd6962bb8fdf37bfc76328832aac2323e6ae5e4cbc278ab11fe31efe3ab57471ad68f9352093b58fc1c8f0f43ca9bed6abaf3691b2a5c97232704e77e160978e6a6bae3abe55022777035a2521cf8e984b982c5aeffe037ee32989c31e007833c384d7
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 a135f1402290476aadf9bbc3d169d556_1650167919
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 72 KB
74 KB 92ms
91ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/a135f1402290476aadf9bbc3d169d556_1650167919?x-expires=1650546000&x-signature=nwONfBLM%2BJwZHyjfLpedkG1LQUU%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: b20904ecc57f66332ddcab359ca6aa0950933638428b7db56dd243b6518e2502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-tt-trace-id: 00-396f8d81106039fa1198c8c605f604d1-396f8d81106039fa-01
nw-session-id: 202204172130520101131351530A144CEBfzh2d41ff
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 5,72.246.244.61, 2,92.123.225.69
server-timing: cdn-cache; desc=MISS, edge; dur=2, origin; dur=0, inner; dur=37
x-length: 74216
content-length: 74216
server: nginx
last-modified: Sun, 17 Apr 2022 21:30:52 GMT
x-cache-remote: TCP_HIT from a92-123-225-70.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-logid: 202204172130520101131351530A144CEB
x-response-date: Sun, 17 Apr 2022 21:30:52 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-17T21:30:52.335075668Z 35
cache-control: max-age=31238267
x-tt-trace-host: 013a33220415774833cb4435a5db98547c8cce996c1b0c4539edfb9a535e8aa271c890d198e5d169cd237f3887106cfe1953cd7579f4257122ba8a242ddd3029b262fc112be34178f4a71573d9c35e282a98d2a5fb9bc9e4520a05d1b34f42399034fdc7e6fd43c8f7675b1bbb08187cb48b6a9fa741344ab2fab4436846cab8c1
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 1644305826710533~c5_100x100.webp
p16-sign-va.tiktokcdn.com/musically-maliva-obj/ 2 KB
3 KB 22ms
20ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/musically-maliva-obj/1644305826710533~c5_100x100.webp?x-expires=1650607200&x-signature=DOCOBZhUOkgik2eGm48VTd7Nj94%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 5a7f7f134313f705d491dc90ee2e8519ebe7d49497ec79a678f3565b801fbc99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 3a59882.409aa5a
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(1080,1080)
x-check-cacheable: YES
x-tt-trace-id: 00-f1481aa41060de4e114ad046067904d1-f1481aa41060de4e-01
nw-session-id: 2022040321150801019019115722D6F926g6k8c21df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 2,23.55.60.31, 2,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=2, origin; dur=0, inner; dur=127
x-length: 2052
content-length: 2052
server: nginx
akamai-mon-iucid-del: 971653
last-modified: Sun, 03 Apr 2022 21:15:08 GMT
x-cache-remote: TCP_HIT from a92-123-225-20.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-tt-logid: 2022040321150801019019115722D6F926
x-response-date: Sun, 03 Apr 2022 21:15:08 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-03T21:15:08.615748641Z 122
cache-control: max-age=30027703
x-tt-trace-host: 01b6db5d1e8958c70e08b4ae81355a37b018ea9d2b1e8fa02a80e11ae69fa9bf7f4e8065744bdf71b1799c81ecdddff18bf896cee8392cbd3a75c82e7cb6c7f85df756d2343b741b66c751db6e92fffe11ea971f7907d3bf3b0b125763c5ffb61c2f07e1509d7df6c9596ce78cfd756995
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 14fd65b16a2e43a5a54f3123c76f0e3f_1649275393
p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 155 KB
156 KB 157ms
105ms Image
image/webp 199.232.190.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/14fd65b16a2e43a5a54f3123c76f0e3f_1649275393?x-expires=1650542400&x-signature=5koZraIEC%2FUu07MoMo2odeVvsgY%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.190.73 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 14730355004c060494b4d945dce2d7175bda15b1530f57c72e4c2059156a3356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-0763b6541062491de38c50c62b5804d1-0763b6541062491d-01
age: 1137436
nw-session-id: 202204080416550101131350771B1A13F7wf5fg41ff
x-powered-by: ImageX
x-cache: HIT, HIT
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=54, cdn-cache;desc=hit, edge;dur=1
x-length: 158500
content-length: 158500
x-served-by: cache-iad-kiad7000171-IAD, cache-muc13931-MUC
last-modified: Fri, 08 Apr 2022 04:16:55 GMT
server: nginx
x-tt-logid: 202204080416550101131350771B1A13F7
x-response-date: Fri, 08 Apr 2022 04:16:55 GMT
x-timer: S1650528852.549105,VS0,VE1
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-08T04:16:55.212102416Z 51
cache-control: max-age=31536000
x-tt-trace-host: 01b233652801b655bae4281c8da3f0033dd225c5ffbf502318a1a30f5f6ae2113a605d8cd8d132662f0637cf0ab25fce142142a18d51addc81a3c139b0b3deb7b728b8ee95aafbfb1212912541d4f4b5bb3f0d08a2f9440f4d0d018f39b2ebce72b5d89fd9610a8091a3b996520bf68b1c
imagex-fmt: awebp2awebp
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 af1cee933687127794a77bb4692b7504~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 740 B
2 KB 22ms
22ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/af1cee933687127794a77bb4692b7504~c5_100x100.webp?x-expires=1650610800&x-signature=f88ZpMwPX9gcJpJTcdnhqF8U9K4%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: c2d3f0478afec4c25433e4d724c1d4e250ebca7f91c5f5a7a1dbbdd8b9614bc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aa6e
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(1125,1125)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-b7f076c91061d18b6f321846066604d1-b7f076c91061d18b-01
nw-session-id: 202203231801030101890731651DB50EBCtbqs421df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 8,23.55.62.55
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=158
x-length: 740
content-length: 740
akamai-mon-iucid-del: 971653
last-modified: Wed, 23 Mar 2022 18:01:03 GMT
server: nginx
x-tt-logid: 202203231801030101890731651DB50EBC
x-response-date: Wed, 23 Mar 2022 18:01:03 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2022-03-23T18:01:03.912274114Z 153
cache-control: max-age=29065765
x-tt-trace-host: 01f5ba2841676ebc77eaba38a068b763614eab7efdbb72cb6ce475db2a6fe0bcd5c390b791ef84c1bfed1836ecd1ab0ffe6840088b57cfc36574e21fd997cec4eccbfad322a7030715ac64305ebf5577503498962348aa34125d20e36d25fce0fe81252ebc7fa9058d29e0b70017db7fd8cc923b6a8c8d8e6bada06937aea67f27
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 167d419c601f4ce69d5378470f9258cb_1648129740
p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 49 KB
50 KB 118ms
104ms Image
image/webp 199.232.190.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/167d419c601f4ce69d5378470f9258cb_1648129740?x-expires=1650546000&x-signature=1nbK4hLdyDlf3fICJO31UUdNInY%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.190.73 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 3019e3fa5b0d3eafbd4cfcaf4dbe3d43218322c745ca98ce0614ce1fb9f93395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-bd1d121c1061f15c31659186066804d1-bd1d121c1061f15c-01
age: 2383614
nw-session-id: 202203241807160101131351530C7EC030mq5vj41ff
x-powered-by: ImageX
x-cache: HIT, HIT
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=10, cdn-cache;desc=hit, edge;dur=1
x-length: 50482
content-length: 50482
x-served-by: cache-iad-kcgs7200092-IAD, cache-muc13931-MUC
last-modified: Thu, 24 Mar 2022 18:07:17 GMT
server: nginx
x-tt-logid: 202203241807160101131351530C7EC030
x-response-date: Thu, 24 Mar 2022 18:07:17 GMT
x-timer: S1650528852.549091,VS0,VE1
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-03-24T18:07:17.005054237Z 7
cache-control: max-age=31536000
x-tt-trace-host: 018baaf0842b2674109635748703e178324f2f34fda73fd416441901bea1575b7b926c189770dfd6c8bdfbb66183d1dbc208b1bd102979db02a10681b1cd51849ed8bd828052fc32c231159639440beab15a817f4f7e3472c759ba59a2b43026867bed472e0a2edbfe390f0279e7b280d1
imagex-fmt: awebp2awebp
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 0d133d3d09ea976e97b0859ca746f02c.webp
p16-sign-sg.tiktokcdn.com/aweme/100x100/tos-alisg-avt-0068/ 3 KB
4 KB 25ms
25ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-sg.tiktokcdn.com/aweme/100x100/tos-alisg-avt-0068/0d133d3d09ea976e97b0859ca746f02c.webp?x-expires=1650607200&x-signature=Yn6znhrJ%2BlfAHD2or8nBxbPQQeM%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 9afba5a9e99e3dfa4b25a23a641e394b387eb69fd09dcf4217f295156b229e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aac1
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(1170,1170)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-9eb6d637105d62c347165186050904d1-9eb6d637105d62c3-01
nw-session-id: 20220318202736010245243038138AF1ACnlc6c12df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=70
x-length: 3570
content-length: 3570
akamai-mon-iucid-del: 971652
last-modified: Fri, 18 Mar 2022 20:27:36 GMT
server: nginx
x-tt-logid: 20220318202736010245243038138AF1AC
x-response-date: Fri, 18 Mar 2022 20:27:36 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2022-03-18T20:27:36.717472447Z 66
cache-control: max-age=28642550
x-tt-trace-host: 01dd1a627ccdf23cfd263518a01fe858e28adc505e9f1dec39e96f78b255125ea5b72d794a305a96f3599f1b7f18a1482d5be72033d3ed109e9e5258424d94d7304759f70eb745b561c232d23416e5087d5a136b96e340cf0cabc45e457476b4d7e9f765eeb65c39617a879d7cd0c67536268617d7ebab203e9c8b1eaa1879a719
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 bb477bdbd953444b8914ea950197ab11_1650395526
p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ 134 KB
135 KB 35ms
34ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/bb477bdbd953444b8914ea950197ab11_1650395526?x-expires=1650542400&x-signature=Da%2FJqMplbvJ0Z7OYYOUwrbfJYZk%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: bd67a1294998f449f854a68e6fdf476cd02e856c72780fbc4160a85d82cc32d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 589ac57.409aad5
date: Thu, 21 Apr 2022 08:14:11 GMT
x-check-cacheable: YES
x-tt-trace-id: 00-4347c26b105c5dbe093f0b46055e04d1-4347c26b105c5dbe-01
nw-session-id: 202204191923380102452471950B54788Bxqnqf12df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 4,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=0, inner; dur=83
x-length: 137056
content-length: 137056
server: nginx
akamai-mon-iucid-del: 971652
last-modified: Tue, 19 Apr 2022 19:23:39 GMT
x-cache-remote: TCP_HIT from a92-123-225-6.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-logid: 202204191923380102452471950B54788B
x-response-date: Tue, 19 Apr 2022 19:23:39 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-19T19:23:39.059652847Z 74
cache-control: max-age=31403408
x-tt-trace-host: 0195537c0ae15944575a1e93defe1e660b09897b82e954e1331a0fd54ae3d10618423c24ddbee0f663f8a4e473a1216fe91537bec0aa3b4ed1ca95c83ba42077bf6ebad1c2497a3be919d6b6dade9b4d97404dea675ff83bf738394f6444781dfcda5ab8492df5f5a7aa90f851e9bf1bb12ae7ed1bbc934c6fc2445b36b1eeb689
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 a557946443d00eafb66053a5f39d9a5f~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
2 KB 32ms
31ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/a557946443d00eafb66053a5f39d9a5f~c5_100x100.webp?x-expires=1650607200&x-signature=G9HwUZ9BYxXdUw3Ggtv51htEl2M%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: f23cef3afe26bac43a5fef149b88c491940441729d6f870748aedcce83dc370c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aad7
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,1)-(588,589)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-8c707f3610611ba0086fcc8606ea04d1-8c707f3610611ba0-01
nw-session-id: 202112052112020101890741600883142952f2t21df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 1,184.25.50.126
server-timing: cdn-cache; desc=HIT, edge; dur=2, inner; dur=1
x-length: 1562
content-length: 1562
akamai-mon-iucid-del: 971653
last-modified: Sun, 05 Dec 2021 21:12:02 GMT
server: nginx
x-tt-logid: 2021120521120201018907416008831429
x-response-date: Sun, 05 Dec 2021 21:12:02 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2021-12-05T21:12:02.436160703Z 54
cache-control: max-age=19745884
x-tt-trace-host: 01079e174fe05551c8a5ae68be5deaa1c585c2f79d80fd3ff600d673f9c378d00e05261af1773a4cbea82349e8e14d2d6185b4982e8d37c3c1697ae937308b487b24c905cc9f59383603ddeed6a46295c3090ac21f9fe3022dec6a9f45febfd7bcc2dcb06e8a29c961f9b0f35496b8a17c9bdbf03a2f1b5b0b00b4cf9a0abb8851
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 a7b1fa6a6ff641f4921da10f44801793_1646404325
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 91 KB
92 KB 122ms
121ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/a7b1fa6a6ff641f4921da10f44801793_1646404325?x-expires=1650542400&x-signature=zAUzpwIjogozC9%2FpuNe7dx4UG28%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 64a56767d899b4ac74b405c5e7eb7410e7c3088c7b08d7fcb78cd70f88f5f591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-tt-trace-id: 00-8a4d34691061653f51238f06056e04d1-8a4d34691061653f-01
nw-session-id: 202203142119500101130061770860ACE7srw4841ff
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 3,92.123.225.69
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=18
x-length: 92826
content-length: 92826
server: nginx
last-modified: Mon, 14 Mar 2022 21:19:50 GMT
x-cache-remote: TCP_HIT from a92-123-225-70.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-logid: 202203142119500101130061770860ACE7
x-response-date: Mon, 14 Mar 2022 21:19:50 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-03-14T21:19:50.942496037Z 16
cache-control: max-age=28299981
x-tt-trace-host: 01a69261249760c8e1cc69ada0ce0d74a8d25e624e7d6471fba2f169e00a3cd1531013bacc6d3ed48900001937f25baa2b035d378cf95076acc39a274b6cc939e62ae852689ea62c0887a58cb027c2d5624d130116a7859eb4dfc1c8e6df8ba37b75331ccaf75182cbd10e86c84d51cbdd62df34e7f0f0e69a99742335dc35a3f9
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 701bccae16777e7c83e23427a3fbcee5~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 1 KB
2 KB 33ms
32ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/701bccae16777e7c83e23427a3fbcee5~c5_100x100.webp?x-expires=1650607200&x-signature=FGvZgsx2C7SKOx720zbJ3qLFsS8%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 7e92dff617d4400b144e361522c875dd82bcd08dfdd6e120b78b9e339ddcb8db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aad9
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(480,480)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-4951ad661061cfde3a1607c6067004d1-4951ad661061cfde-01
nw-session-id: 202203020629230102231061631CE43132j77vv21df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 4,23.55.60.28
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=94
x-length: 1238
content-length: 1238
akamai-mon-iucid-del: 971653
last-modified: Wed, 02 Mar 2022 06:29:23 GMT
server: nginx
x-tt-logid: 202203020629230102231061631CE43132
x-response-date: Wed, 02 Mar 2022 06:29:23 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2022-03-02T06:29:23.779967232Z 89
cache-control: max-age=27209722
x-tt-trace-host: 017157417104a3cffa4af668739f49e976cda8b521f944e406fcd52fb35754ac4b3a32db19a86ff904a03234a9138767a16116c7ed3ec2f62b67ee46f40f852152a529bdb0774b78c129275ec0dfa1928950fb28764482c046204d3d0e4b373e37a94f9373408fde8190e01ba07c55bd26dbc3ceb11b629c84eea3cea265eb785e
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 a79e9afba88b41c988e2377eda47cece_1650264844
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 103 KB
104 KB 122ms
122ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/a79e9afba88b41c988e2377eda47cece_1650264844?x-expires=1650542400&x-signature=zv2geOL9aqUdR0LFAF44X4zguLE%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: e9dd25ef64b2023ff1572c14a8c92aa5198b4d8607cf4cebdbb8702f27f53184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-3f0536ae1061d0ee46580686054304d1-3f0536ae1061d0ee-01
nw-session-id: 2022041823322401011313517515019260k8fl841ff
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=37
x-length: 105160
content-length: 105160
last-modified: Mon, 18 Apr 2022 23:32:24 GMT
server: nginx
x-tt-logid: 2022041823322401011313517515019260
x-response-date: Mon, 18 Apr 2022 23:32:24 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-18T23:32:24.989939976Z 35
cache-control: max-age=31331821
x-tt-trace-host: 01356c9ba3019b14937958569761c0a2a531d8861dc91a888380b052738295b1a31d585211dc323833cb884504ed0e74a1e881e74a28b6ea415db3f0df293bc4d8b3a5a8df24c46eea1e7e7aa9b6591f83a7684abc9b10c1741cfcaa61bf49b5a2def24d59beee0eab01926deda69a49c1516e64a425d61d750734d910c78b9b5f
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 72d778718bb03dda655acaa851139dec.webp
p16-sign-sg.tiktokcdn.com/aweme/100x100/tos-alisg-avt-0068/ 3 KB
4 KB 40ms
39ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-sg.tiktokcdn.com/aweme/100x100/tos-alisg-avt-0068/72d778718bb03dda655acaa851139dec.webp?x-expires=1650610800&x-signature=c9Lkz7Dz3ZjkSL9%2BG9rBPoxJ1Ck%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 8596a2c90be14c460dbc1940c98eef8f8d2005235a4b787ffcd26846e004ef2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aae2
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(838,838)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-345a749f105fba38f55a4d06054504d1-345a749f105fba38-01
nw-session-id: 202108110835490102440770683F429621x627t12df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=76
x-length: 3370
content-length: 3370
akamai-mon-iucid-del: 971652
last-modified: Wed, 11 Aug 2021 08:35:49 GMT
server: nginx
x-tt-logid: 202108110835490102440770683F429621
x-response-date: Wed, 11 Aug 2021 08:35:49 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2021-08-11T08:35:49.544062119Z 73
cache-control: max-age=9678255
x-tt-trace-host: 016554a16144bc6568f144337bd7723de2d4d21e8906bddc031dd4e3616f14427dbef6a0f92934305f416de28f26cd3e0965e581c376fba7dfa4e01978bd8d7ab13682867d8c46d0b1c777dd5a04481fc9c7abaff74019becf60a2d0da975589f579d68eae71613d31a57d6c9d54cb1c60a3b2613f2ed706d7b43bcff473b70408
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 1532fcce52ca43a3bdca7e3612495d79_1650225629
p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ 139 KB
140 KB 47ms
46ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/1532fcce52ca43a3bdca7e3612495d79_1650225629?x-expires=1650546000&x-signature=0ITw3d3p4pVWiPRUmWKrpZoxb1I%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 654584de7d667f9a4726bd793fb80a0ad1fa53d536bfe23eb2aaa32256359d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 485dfd7.409aaf2
date: Thu, 21 Apr 2022 08:14:11 GMT
x-check-cacheable: YES
nw-session-id: 2022041720094701024524719506A600B1scln612df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 3,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=0, inner; dur=43
x-length: 141896
content-length: 141896
server: nginx
akamai-mon-iucid-del: 971652
last-modified: Sun, 17 Apr 2022 20:09:47 GMT
x-cache-remote: TCP_HIT from a92-123-225-52.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-tt-logid: 2022041720094701024524719506A600B1
x-response-date: Sun, 17 Apr 2022 20:09:47 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-17T20:09:47.275379693Z 37
cache-control: max-age=31233422
x-tt-trace-host: 01aa105bbbd3f6ffa182f8b1da17991cb00f1ff769b8f320bf4b7223d1b76068358fa6cc0a45e5b34212512b19baa65f34520452fff58587aeee16d30b289f6c9e3365ccc1384c6ec76d7acfcccdbbb91d3d7bc67d4b2b63967611f976166b50a57552d3e31f07992c3ee89ded1e7494c0314c3342807440ca85450a44b295526a
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 6f8d31ae8b576737c11cf02179369872~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
3 KB 46ms
46ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/6f8d31ae8b576737c11cf02179369872~c5_100x100.webp?x-expires=1650610800&x-signature=BhzfmR207X9zepXcN0hdobl0P7s%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 105823a1c8120834c3110caf18060a9125b32f5280a79d6df9c8eb2de8eb16bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 1fb339.409aaf3
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(940,940)
x-check-cacheable: YES
x-tt-trace-id: 00-4985cf4a105d9c9ae6e70d06063d04d1-4985cf4a105d9c9a-01
nw-session-id: 202204210029070101901921431974B9FEzcghb21df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 2,23.55.62.4, 2,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=60
x-length: 2178
content-length: 2178
server: nginx
akamai-mon-iucid-del: 971653
last-modified: Thu, 21 Apr 2022 00:29:07 GMT
x-cache-remote: TCP_HIT from a92-123-225-23.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-logid: 202204210029070101901921431974B9FE
x-response-date: Thu, 21 Apr 2022 00:29:07 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-21T00:29:07.528723483Z 56
cache-control: max-age=31508132
x-tt-trace-host: 0151669c5d9013baf0ebc0ca92a6003cc8dde67e290158a223afe2ba0475ec7e40b216dbbfffbc4778ec00b81199ba17a61c37d6642c6311b6ce7e1bf06c82b2bc6bb1c635f58c32a98694e23675649c00851bd6e32534fd581eae995cfce5dc161177b369655d5eba24430737dc958b2da1e34dabae1400c9105292bc952de086
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 3e5d32224bf14a22a60122aad91cbb08_1643433070
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 95 KB
96 KB 153ms
152ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/3e5d32224bf14a22a60122aad91cbb08_1643433070?x-expires=1650546000&x-signature=%2Fl%2BfDO%2FNnLGGaEWH9T%2BdwgRq1Z8%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 6812858756f0ed871402b2e9948899a7ad10c9dec0ef3fdd7f403da53893e0bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-29f73bcb105c1e551eecc446064304d1-29f73bcb105c1e55-01
nw-session-id: 20220414212510010113135175234ADE25xf2bk41ff
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=61
x-length: 97536
content-length: 97536
last-modified: Thu, 14 Apr 2022 21:25:10 GMT
server: nginx
x-tt-logid: 20220414212510010113135175234ADE25
x-response-date: Thu, 14 Apr 2022 21:25:10 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-14T21:25:10.549346683Z 57
cache-control: max-age=30978536
x-tt-trace-host: 0196f4163e79a16cf11d4ba3466be0670a06c2c239578416413116f6a04b515e80043b467db7af4630802b5418e1f21066eadab0aa9b7b624efb0b59a48cef9e496bd158b974dc52e6da3ade6fdbc6e2f9fdfc43392d2c3f42eee5566ec8ef63d6e4bae4abd0dad52e661b0a997c50e50080b9721111d936101d8169a1eaae2741
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 d5332d675dd8e874c03329f5ad1d51f2~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 1 KB
2 KB 67ms
66ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/d5332d675dd8e874c03329f5ad1d51f2~c5_100x100.webp?x-expires=1650610800&x-signature=JY7HVccNTG54uGOyB9TmiUNSg04%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 73c0d58efe283913dec6ca3dc08fe5634cc193323993d794e9697e3a84c144e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aaf5
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(1087,1087)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-494b520f1061cae4e98f9bc606aa04d1-494b520f1061cae4-01
nw-session-id: 2022030206222701018903608100E358DEx84vf21df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 2,23.204.146.20
server-timing: cdn-cache; desc=HIT, edge; dur=3, inner; dur=108
x-length: 1380
content-length: 1380
akamai-mon-iucid-del: 971653
last-modified: Wed, 02 Mar 2022 06:22:27 GMT
server: nginx
x-tt-logid: 2022030206222701018903608100E358DE
x-response-date: Wed, 02 Mar 2022 06:22:27 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2022-03-02T06:22:27.422306475Z 103
cache-control: max-age=27209075
x-tt-trace-host: 01f8106b47cb123ac169d1fd20f090aa6056c27d45a1697bfdd426f06fac1900676325db0eda00a9eeaf7b69a0303a1f2dffe43467acf8d1806b8558bf4db27e0b78b2b4bda2010cb628c4da10008b612515bd73147ede0b0f5f93085102f1f38ede5215064a4b184b511644acd484ae93e605085b02a00ac9bbab11a775a80bd4
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 f0a33201216a43ffa4c3af10920f324e_1650513545
p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 146 KB
147 KB 173ms
172ms Image
image/webp 199.232.190.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/f0a33201216a43ffa4c3af10920f324e_1650513545?x-expires=1650546000&x-signature=DZjDws4I8CC3gPQHBLX0o4Db2ag%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.190.73 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: ad35fbca793fb8c30b78a9ef9ad9f1859d645605e9d33f6b710c0551376824f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-4a52caa410624f959f28f1062ee204d1-4a52caa410624f95-01
age: 14470
nw-session-id: 20220421041301010113006037243C94D3nbs7n41ff
x-powered-by: ImageX
x-cache: HIT, HIT
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=9, cdn-cache;desc=hit, edge;dur=1
x-length: 149918
content-length: 149918
x-served-by: cache-iad-kcgs7200160-IAD, cache-muc13931-MUC
last-modified: Thu, 21 Apr 2022 04:13:01 GMT
server: nginx
x-tt-logid: 20220421041301010113006037243C94D3
x-response-date: Thu, 21 Apr 2022 04:13:01 GMT
x-timer: S1650528852.722308,VS0,VE1
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-21T04:13:01.333396201Z 3
cache-control: max-age=31536000
x-tt-trace-host: 01a971adbf43dca68ade57f798d574ee9de59d9e813c6ef13c59c94af37d0e84bfe07bc35c2b5dd3776bb1bb806f6128027234a5ba0ebabf0a228508da353c4472414dfa129889b4ad8bc950aed904611291e0f1eeb91b7536ca3121d26d3cf0ec35b9a020f0c130ba7b0b595f34972f16
imagex-fmt: awebp2awebp
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 39f9df5d86398b65624e17799bfcaf62~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 1 KB
2 KB 68ms
67ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/39f9df5d86398b65624e17799bfcaf62~c5_100x100.webp?x-expires=1650607200&x-signature=FfShOU%2BJXsiF18kbs3nvQrXsNoM%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 966fc0b373054978730d306c0c3382c6073efffe230aba7779fa5d02f8ece027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aaf6
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(923,923)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-10d06d8710600c3f6e04cac606e704d1-10d06d8710600c3f-01
nw-session-id: 202106151755360101880612182BD2EF69-804700e1-6ff5-485a-802e-062cab05416e21df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 5,184.25.50.197
server-timing: cdn-cache; desc=HIT, edge; dur=4, inner; dur=92
x-length: 1262
content-length: 1262
akamai-mon-iucid-del: 971653
last-modified: Tue, 15 Jun 2021 17:55:36 GMT
server: nginx
x-tt-logid: 202106151755360101880612182BD2EF69
x-response-date: Tue, 15 Jun 2021 17:55:36 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2021-06-15T17:55:36.301599269Z 90
cache-control: max-age=4786900
x-tt-trace-host: 019cd34a38d70c9acbb0bbb6c02dd50c1efa743071331a27491ba794532544b19f496b3caff0e67003d00c37574019384d4ab540f75f5e4d543a3fac641037749048d692ce550986c31e46068e67c69e5b788d80ead5c6a0039ba4ae811b8d8142cb1f17d6ec02692b6713fae01947933a
timing-allow-origin: *

GET
H2 200 ab7b409e339046538298feb4c7de6a17_1648923055
p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 95 KB
96 KB 173ms
172ms Image
image/webp 199.232.190.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p19-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ab7b409e339046538298feb4c7de6a17_1648923055?x-expires=1650542400&x-signature=Ce8yYBJ7hGCXsXXcbhzWbKV0N1k%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.190.73 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: d1c421f20170befdf78f2cdff81e8988ba367b2ffb7920a76aab5835305329e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-f9b9e2071060e5ddc8e4ca06065004d1-f9b9e2071060e5dd-01
age: 1366669
nw-session-id: 20220405123622010113006037124E561B8qpmg41ff
x-powered-by: ImageX
x-cache: HIT, HIT
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=23, cdn-cache;desc=hit, edge;dur=1
x-length: 97668
content-length: 97668
x-served-by: cache-iad-kjyo7100147-IAD, cache-muc13931-MUC
last-modified: Tue, 05 Apr 2022 12:36:22 GMT
server: nginx
x-tt-logid: 20220405123622010113006037124E561B
x-response-date: Tue, 05 Apr 2022 12:36:22 GMT
x-timer: S1650528852.722274,VS0,VE1
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-05T12:36:22.295911525Z 20
cache-control: max-age=31536000
x-tt-trace-host: 019f2776021681aec8e74994bc249aeca4eb43d9255c26f3eec46b933b327424dfd5c9aea01e3585534e009b32ba2047ef56f606affe6af4b39386914c5cef832a345d586f68017ddda7560c7368e2d767c6815429419b318795ad741a0ae9699fa71c1181fc1dcc217bfab8f4968209f6
imagex-fmt: awebp2awebp
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 4e78ff5af48c7a41e240db747133de39~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
3 KB 68ms
67ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/4e78ff5af48c7a41e240db747133de39~c5_100x100.webp?x-expires=1650610800&x-signature=kA%2FAiG3bmSHN9ZH3BqwC8u7ENyk%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 742c67f88bb642346ccad1b8c47fc44e34884ce05ff56a6c238d92a16280f423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aaf8
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,3)-(1165,1168)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-bb67edc7106007f7444dd086068504d1-bb67edc7106007f7-01
nw-session-id: 20211026070202010189085152201BEDB4spr4m21df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=3, inner; dur=76
x-length: 1812
content-length: 1812
akamai-mon-iucid-del: 971653
last-modified: Tue, 26 Oct 2021 07:02:02 GMT
server: nginx
x-tt-logid: 20211026070202010189085152201BEDB4
x-response-date: Tue, 26 Oct 2021 07:02:02 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2021-10-26T07:02:02.91731469Z 73
cache-control: max-age=16238737
x-tt-trace-host: 0108bc30a688e2e7cd25f650cde5a7ec066f7e75b98c8b3ec66894b94bedd8b227417b3995cc35ce8dee17605179b367017f03ce0df7d28eb668613f9d29b276bc0a2659ec419521106bfcd32133f3300dc2b627878b398759ab72152728cd01aafce1934751daed12d9c72a3897b432e9f56d88702545ef140e57a0431b592224
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 f6e5f4d2dc2a4f3ea4058b5f0a420285.image
p16-sign.tiktokcdn-us.com/tos-useast5-p-0068-tx/5c8846f97e9446e1960f305aa1a48c14_1650395616~tplv-dmt-logom:tos-useast5-p-0000-tx/ 51 KB
52 KB 153ms
152ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/tos-useast5-p-0068-tx/5c8846f97e9446e1960f305aa1a48c14_1650395616~tplv-dmt-logom:tos-useast5-p-0000-tx/f6e5f4d2dc2a4f3ea4058b5f0a420285.image?x-expires=1650546000&x-signature=w%2Bbfs86fLzLbUqAxZS7QBt4fBeA%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: ee611af1be3b78c1d04cbe1a5989f24212d280c3ac542cd91ae6888cd8121148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-4345845f1061c093581c0cc6052204d1-4345845f1061c093-01
nw-session-id: 2022041919211001011313507705A61650npv8741ff
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=392
x-length: 52388
content-length: 52388
last-modified: Tue, 19 Apr 2022 19:21:10 GMT
server: nginx
x-tt-logid: 2022041919211001011313507705A61650
x-response-date: Tue, 19 Apr 2022 19:21:10 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-19T19:21:10.691507781Z 389
cache-control: max-age=31403168
x-origin-response-time: 409,23.55.62.36
x-tt-trace-host: 0154a2750db8b1d3ccd5b167617c9f7f9e65839f7039e16117d2b6b0a73275188d575fa0c4ab36870fbeeac41fcf130efc2d6052e7e58c16fa6e73aa4b7da18bcd288680122fb6230e1c23d8c237a5a415701ab2a63d2c029ff067decb572b448c45154413059799b4e9676fb083563e2e1ad977b4991ba928a886f40743a6f73f
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 7cdf4b6d99942545e3b91ec5e8614e98~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
2 KB 69ms
68ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/7cdf4b6d99942545e3b91ec5e8614e98~c5_100x100.webp?x-expires=1650610800&x-signature=nCB55UW3OF%2BgT4gaEiAi1maIN00%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 2035441d98ae0c1fb4c4e46a1383f9a0412fa707bca239156ac876ff9ebd555e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aaf9
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(1122,1122)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
nw-session-id: 2021082319450701018806121856EACBFFqzfsf21df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=3, inner; dur=88
x-length: 1720
content-length: 1720
akamai-mon-iucid-del: 971653
last-modified: Mon, 23 Aug 2021 19:45:07 GMT
server: nginx
x-tt-logid: 2021082319450701018806121856EACBFF
x-response-date: Mon, 23 Aug 2021 19:45:07 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2021-08-23T19:45:07.924636723Z 84
cache-control: max-age=10754847
x-tt-trace-host: 012c461de41c72d5a6dc73f7c7d88f47c990af1f690b479903dc7c8bdaf277f437c2accd8c9f11ae3e4271aa265e292283d931e5cbeddb5105137d3ebc1c294462815e4a540d87a11fbb176bdefad6f7775536987e1bf5bd422b003e865bb4c4edb4571d8ee4e60d4b845be09d94169e4cad85892426f7343d1b302ccf36554b91
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 3120de0ba12c46df959a019dc53199fa_1650391698
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ 72 KB
73 KB 103ms
103ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/3120de0ba12c46df959a019dc53199fa_1650391698?x-expires=1650546000&x-signature=Ixy6Gq7jUSCDBuqx1a%2FhF76Gi6o%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 59aa665beb045922194df9c1505ae148c7d2072e83f1998dd6e17c4e9369993e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 3a598aa.409aafa
date: Thu, 21 Apr 2022 08:14:11 GMT
x-check-cacheable: YES
x-tt-trace-id: 00-43099273105d344caee14dc6064c04d1-43099273105d344c-01
nw-session-id: 2022041918154301023312822606D98B0Alpw8821df
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 3,92.123.225.13
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=97
x-length: 73768
content-length: 73768
server: nginx
akamai-mon-iucid-del: 971653
last-modified: Tue, 19 Apr 2022 18:15:43 GMT
x-cache-remote: TCP_HIT from a92-123-225-20.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-tt-logid: 2022041918154301023312822606D98B0A
x-response-date: Tue, 19 Apr 2022 18:15:43 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-19T18:15:43.638887626Z 88
cache-control: max-age=31399334
x-tt-trace-host: 01c07975b842181e844627a2b0353e1f860c1c9605e87f151a3b900c89d4ecadf0b02572091f9b40b3a9e5ab6230fb774c473a3dfd83564fcc99e1b9de21247e54a809774ebe2d116189af98060b5351e97737bf779627fc09c5d27d0ea5ab323fff71595a08acd584fc0209235145746f2ae09768bde14d4886fa5cbcb325922e
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 smg2f3121ba2528f49e4284070b744dfddd.webp
p16-sign-sg.tiktokcdn.com/aweme/100x100/tos-alisg-avt-0068/ 3 KB
3 KB 100ms
99ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-sg.tiktokcdn.com/aweme/100x100/tos-alisg-avt-0068/smg2f3121ba2528f49e4284070b744dfddd.webp?x-expires=1650607200&x-signature=NcBOpLzCEREStgJeJUrsANOQpGQ%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: adc832b83593639b8878e7587acdec884c8b429c8964f2cfb98bc93f2a89f579

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aafb
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(400,400)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-24cae85410610570966e81c6056404d1-24cae85410610570-01
nw-session-id: 202201041113040102452410131CC361049jcw412df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 1,23.192.44.246
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=92
x-length: 2574
content-length: 2574
akamai-mon-iucid-del: 971652
last-modified: Tue, 04 Jan 2022 11:13:04 GMT
server: nginx
x-tt-logid: 202201041113040102452410131CC36104
x-response-date: Tue, 04 Jan 2022 11:13:04 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2022-01-04T11:13:04.59985459Z 87
cache-control: max-age=22302224
x-tt-trace-host: 019259bebf2cd64f71db2292805144e96c3da495a4e9f6797d84f3a4a052deefc7c1706b85b530080cbc32f6bb41739649561c9dab25c447ffed47082011c2ce89cd9f6c0dced6204cd56ddaaf76eca0c91ac4193db8e87846aafb19982999493b15c14e71f006d818b490385d3fcf1fb8440cb02e896a905f71b02c82a5adbbdf
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 5107334450c34a7b891a20cf6fd8f484_1648777050
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 158 KB
159 KB 151ms
151ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/5107334450c34a7b891a20cf6fd8f484_1648777050?x-expires=1650542400&x-signature=Q%2Fk%2FXi1JQCy%2FTV%2FZ0Rvbv94ftJ0%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 183ea6e6dfa036c3c95c954ad003d9ab133b656d1f3c4270b50966fb59c4845b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-00e7152a106169d329204646058004d1-00e7152a106169d3-01
nw-session-id: 202204062203060101130060370DE9571Adxfpz41ff
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=19
x-length: 162142
content-length: 162142
last-modified: Wed, 06 Apr 2022 22:03:06 GMT
server: nginx
x-tt-logid: 202204062203060101130060370DE9571A
x-response-date: Wed, 06 Apr 2022 22:03:06 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-06T22:03:06.237872548Z 16
cache-control: max-age=30289803
x-tt-trace-host: 0196d2b2618da68d581952aaf5700d32233eddad0b8a44cf4ff22a473322d571d2588f7bbd283e4e608c851270b2afdbf46dbee69f2d539fad43c63f71851b84309eff57069ad0d63228aecfeda6456c181999bbd80a128677f063c0c4a5bcaba976555798ff4fe3dc0a005d28f5b6870e
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 b6e996b2be3e1f89b30ffe523cdcc6a5~c5_100x100.webp
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ 2 KB
3 KB 106ms
106ms Image
image/webp 92.123.225.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/b6e996b2be3e1f89b30ffe523cdcc6a5~c5_100x100.webp?x-expires=1650607200&x-signature=WDXUfcOVw5bbmqUHrd5na6J5YC4%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-17.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: dd79631018894e203af8ef121364314c97de4d2fb81193d6fe3bafe937566f83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 409aafd
date: Thu, 21 Apr 2022 08:14:11 GMT
x-crop-loc: (0,0)-(809,809)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-tt-trace-id: 00-3437b50510613c2f153c530605da04d1-3437b50510613c2f-01
nw-session-id: 20220416211146010190219215135460944kvtm21df
x-powered-by: ImageX
x-cache: TCP_HIT from a92-123-225-13.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=73
x-length: 2056
content-length: 2056
akamai-mon-iucid-del: 971653
last-modified: Sat, 16 Apr 2022 21:11:47 GMT
server: nginx
x-tt-logid: 2022041621114601019021921513546094
x-response-date: Sat, 16 Apr 2022 21:11:47 GMT
content-type: image/webp
access-control-allow-origin: *
x-check-cacheable: YES
nw-session-trace: 2022-04-16T21:11:47.023818581Z 68
cache-control: max-age=31150682
x-tt-trace-host: 012e9aa54b218d5505ac06478f70548ab2c9bd6015e7e2de982e140ebc4cc4c103b222e13ae6f5717bcb050f8919c1f8ddf25dea61942ef9f31cdc9a935402b7d0ffa75b41512f04e7e1eacba92cbd107d1613a4b11c8ac9c9347f95c45975ad065f36987b1dcd7b6a963f65815c2daf58dd9a4323275c627f49fa0e893bad4575
imagex-fmt: webp2webp
timing-allow-origin: *

GET
H2 200 ad07636db85243ce990e9ea5a82bcd0b_1650019159
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ 75 KB
76 KB 151ms
151ms Image
image/webp 92.123.225.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ad07636db85243ce990e9ea5a82bcd0b_1650019159?x-expires=1650542400&x-signature=ctThOUpTu%2BOMFjzG2I9S0aRK1v4%3D
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-73.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: da1ab4f623111ce0e322f36d5a6102584bee62262a0784ca76e209c87ea53a60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-tt-trace-id: 00-2d2d0efe105e9f32a98c1386066604d1-2d2d0efe105e9f32-01
nw-session-id: 2022041512224901011300608919CA3D84vnbfd41ff
x-powered-by: ImageX
x-cache: TCP_MISS from a92-123-225-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 3,23.55.60.15, 2,92.123.225.69
server-timing: cdn-cache; desc=MISS, edge; dur=2, origin; dur=0, inner; dur=15
x-length: 76618
content-length: 76618
server: nginx
last-modified: Fri, 15 Apr 2022 12:22:49 GMT
x-cache-remote: TCP_MEM_HIT from a23-213-160-23.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-logid: 2022041512224901011300608919CA3D84
x-response-date: Fri, 15 Apr 2022 12:22:49 GMT
content-type: image/webp
access-control-allow-origin: *
nw-session-trace: 2022-04-15T12:22:49.994420847Z 13
cache-control: max-age=31032471
x-tt-trace-host: 010f2c1dd9db18d912c64bba0d5003546dfef55b81d8128290f61df1f0947410607157cc64bab1829258a73d01481b5c373a46259be2398f983c2e1ef2ea96f637d7a9a8aa2c922eb035e70b485095f070a305c363a6a2146d0c66f79cde4be995de8381775f53369481ba1dbc82c60cbe
imagex-fmt: awebp2awebp
timing-allow-origin: *

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/ 6 KB
3 KB 55ms
23ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/lazyload.min.js

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2674338
x-jsd-version: 12.4.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19121-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1926-ftj+zhhSvu4E/RMH3S02cxSkfWc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTLZg0%2FBfjr3aOR8jjaeKBSXt2%2BfarFC%2BnY6SOJhN0RRJnVHxHNCABROjw2%2FKrQuVSZrMqjWUceVhJu%2Fe%2FbpVuP6TaiN1Tmu7xUIUFW%2BzMNlHaicWepmiuKit%2FRpTAp1%2FJE6euWWucY7TdswdOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ff4aa294c5d23c7-ZRH

GET
H2 200 d.js Show response
waust.at/ 13 KB
7 KB 203ms
40ms Script
application/x-javascript 2606:4700:20::681a:407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 187790b0d2481fdbe5b949f1c05c1401f7e44b605764eb372ba08a9ce5284df6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3061
last-modified: Thu, 10 Mar 2022 23:23:36 GMT
server: cloudflare
etag: W/"622a8878-34b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqN5zhfmA5YNdE8sgFQMbEydmMmlm8vxew%2BNGvmymj9ROPKhq7EWLv60Vp%2FAzzYvRc4irFxmlq3wfNUG2LEEjuMPTJ3Nm7DIVCMNCrUmWG4Y1rT5c9goHScGHNK6J9pDCrzE83aI"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6ff4aa2c6bd15995-MXP
expires: Fri, 22 Apr 2022 07:23:10 GMT

GET
H/1.1 200
OK jquery.js Show response
tikytoky.com/js/ 143 KB
144 KB 16ms
15ms Script
application/javascript 103.155.93.103
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tikytoky.com/js/jquery.js
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.155.93.103 , Malaysia, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: mail.chimerapharma.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: bf77b032518ddbd9a4362a2428f7f3de1a77c3216ee68e74a6b3f7da77532fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:11 GMT
Last-Modified: Mon, 10 Jan 2022 21:21:50 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"23d65-17e45de6935"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 146789

GET
H/1.1 200
OK jquery.lazy.min.js Show response
tikytoky.com/js/ 5 KB
5 KB 18ms
17ms Script
application/javascript 103.155.93.103
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tikytoky.com/js/jquery.lazy.min.js
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.155.93.103 , Malaysia, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: mail.chimerapharma.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: ceeb9fd8c675b06c44f70509e84221462e18c313f58b145d9d8d043be8dd2635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:11 GMT
Last-Modified: Mon, 10 Jan 2022 21:21:50 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"136c-17e45de6935"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4972

GET
H/1.1 200
OK site.js Show response
tikytoky.com/js/ 10 KB
10 KB 20ms
17ms Script
application/javascript 103.155.93.103
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tikytoky.com/js/site.js
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.155.93.103 , Malaysia, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: mail.chimerapharma.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e4781e30299218c31c1bb7a2935893492469348189986412694f9403835a708b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:11 GMT
Last-Modified: Mon, 10 Jan 2022 21:21:50 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2637-17e45de6935"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9783

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 50ms
44ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tikytoky.com/
Origin: https://tikytoky.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 2331496
cdn-cachedat: 2021-08-02 21:50:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a24443473457d36de3fb48c2624ca5ea
cf-ray: 6ff4aa292d5f23af-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 twemoji.min.js Show response
twemoji.maxcdn.com/ 15 KB
5 KB 56ms
11ms Script
application/javascript 23.111.9.57
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://twemoji.maxcdn.com/twemoji.min.js
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 637282f23b8352c04ecc9dd7b4e1ffb23f8102517d010afaa447b2fb889b689e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-fastly-request-id: e88cafddc51bb6e519d8c5233aa98155a705ea7e
date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: gzip
x-cache: HIT
powered-by: MaxCDN
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
server: NetDNA-cache/2.2
x-github-request-id: 6910:BF44:1512B8:15C630:625F08EF
etag: W/"62451edf-3bc8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Sat, 21 May 2022 08:14:11 GMT

GET
H2 200 ice-age.png
www.transparenttextures.com/patterns/ 92 KB
92 KB 164ms
58ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.transparenttextures.com/patterns/ice-age.png
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cee634716f7568ff6ecbd6858e8e5282202446e43a607afa8a309b943c821570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 599641
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93808
last-modified: Mon, 04 Jul 2016 09:04:22 GMT
server: cloudflare
etag: "577a2696-16e70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LzpCLH4G7Ahc1XQQZ8W1vMD9KNO93T2FQ4f0p34XlDWHAPZ1HunBGZ2txbrbdpoY2oISiKUeZphG7easxZr0iZQKHaD9Zn3lsM6n%2BF46xRU7bwWI9XbCf4Jj9FAG3puTjmj9fw8sKGjiGO2BoEcpYhHd1HeHTaFyaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6ff4aa2a0d505fa1-MRS
expires: Tue, 03 May 2022 18:33:20 GMT

GET
H/1.1 200
OK islands_trees_water_151034_1920x1080.jpg
tikytoky.com/images/ 1 MB
1 MB 18ms
18ms Image
image/jpeg 103.155.93.103
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tikytoky.com/images/islands_trees_water_151034_1920x1080.jpg
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.155.93.103 , Malaysia, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: mail.chimerapharma.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 311c4ff924dcaeaf69be0bea1ef1b4b073a9b92b1cbfbcd6446ebefcff2f3f2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:11 GMT
Last-Modified: Mon, 10 Jan 2022 21:21:50 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"13decd-17e45de6900"
Content-Type: image/jpeg
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1302221

GET
H2 200 LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2
fonts.gstatic.com/s/encodesans/v8/ 25 KB
26 KB 35ms
11ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesans/v8/LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49a0f9d67c4a4d2f8e1cab3162a589485df17e0856db8584da75bc4e72d671cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tikytoky.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:59:11 GMT
x-content-type-options: nosniff
age: 94500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26040
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:04:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 05:59:11 GMT

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 27ms
27ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://tikytoky.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 15190
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fdd0412323bffd8892dcdabfd4a381a2
accept-ranges: bytes
cf-ray: 6ff4aa292d6223af-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

/
tikytoky.com/
Redirect Chain

https://tikytoky.com/images/loading.gif
https://tikytoky.com/

86 KB
86 KB

46ms
46ms

Image
text/html

103.155.93.103
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tikytoky.com/
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/css/common.css
Protocol: HTTP/1.1
Server: 103.155.93.103 , Malaysia, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: mail.chimerapharma.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/css/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:11 GMT
Content-Encoding: gzip
ETag: W/"15727-7q4hZ5hc4IFeIBfUr/QkWSiihr4"
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Connection: keep-alive

Redirect headers

Date: Thu, 21 Apr 2022 08:14:11 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: /
Connection: keep-alive
Content-Length: 23

GET
H3 200 pubads_impl_2022041401.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 49ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 07:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125916
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 08:34:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 21 Apr 2023 07:16:58 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 71 B
96 B 63ms
34ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tikytoky.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c887d3667e8514e262b0b4c21a26a1fa272b65808bec1d665917cfd3c2f1dec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
expires: Thu, 21 Apr 2022 08:14:11 GMT

GET
H/1.1

200
OK

/
tikytoky.com/
Redirect Chain

https://tikytoky.com/images/shattered.png
https://tikytoky.com/

86 KB
86 KB

71ms
71ms

Image
text/html

103.155.93.103
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tikytoky.com/
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/css/style.css
Protocol: HTTP/1.1
Server: 103.155.93.103 , Malaysia, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: mail.chimerapharma.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:11 GMT
Content-Encoding: gzip
ETag: W/"15728-ZII7waWK3hn1UY2WpA/f0iCw3XM"
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Connection: keep-alive

Redirect headers

Date: Thu, 21 Apr 2022 08:14:11 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: /
Connection: keep-alive
Content-Length: 23

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 172ms
64ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tikytoky.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 110ms
48ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tikytoky.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 113 KB
31 KB 531ms
530ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1455391320613448&correlator=3300491160779951&eid=31060888&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=21849154601%3A22401882940%2CAd.Plus-Mobile-Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3002877104&sfv=1-0-38&ecs=20220421&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650528851661&lmt=1650528851&dlt=1650528851289&idt=337&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Ftikytoky.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1833605403.1650528852&ga_sid=1650528852&ga_hid=1769816453&ga_fc=false&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1ae7aa336ed6231e9797409232132e13a1c104c7d91a54b628283b34067bbca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31221
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tikytoky.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 786ms
786ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1455391320613448&correlator=3300491160779951&eid=31060888&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=21849154601%3A22401882940%2CAd.Plus-Anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C960x90%7C750x100%7C950x90%7C468x60&ifi=2&adks=712443154&sfv=1-0-38&ecs=20220421&fsapi=false&prev_scp=site%3Dtikytoky.com&sc=1&cookie_enabled=1&abxe=1&dt=1650528851664&lmt=1650528851&dlt=1650528851289&idt=337&biw=1600&bih=1200&adxs=315&adys=1200&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Ftikytoky.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&fws=516&ohw=970&ga_vid=1833605403.1650528852&ga_sid=1650528852&ga_hid=1769816453&ga_fc=false&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

bbe1f492507586ed954fd1c3baedc8099e0e4a493b92585905d92f34b7523073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10448
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tikytoky.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 265ms
265ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1455391320613448&correlator=3300491160779951&eid=31060888&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=21849154601%3A22401882940%2CAd.Plus-300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C200x446%7C240x400%7C250x250%7C250x360%7C120x600%7C300x250%7C160x600&ifi=3&adks=2441796612&sfv=1-0-38&ecs=20220421&fsapi=false&prev_scp=site%3Dtikytoky.com&sc=1&cookie_enabled=1&abxe=1&dt=1650528851667&lmt=1650528851&dlt=1650528851289&idt=337&biw=1600&bih=1200&adxs=248&adys=950&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Ftikytoky.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=364x0&msz=364x0&fws=4&ohw=364&ga_vid=1833605403.1650528852&ga_sid=1650528852&ga_hid=1769816453&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

71622dc5d938cda3edce772cd844fecde684a16c4ddf1ecbab4ed448caca5f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10385
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tikytoky.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 72 KB
22 KB 996ms
996ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1455391320613448&correlator=3300491160779951&eid=31060888&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=21849154601%3A22401882940%2CAd.Plus-300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C200x446%7C240x400%7C250x250%7C250x360%7C120x600%7C300x250%7C160x600&ifi=4&adks=2441796610&sfv=1-0-38&ecs=20220421&fsapi=false&prev_scp=site%3Dtikytoky.com&sc=1&cookie_enabled=1&abxe=1&dt=1650528851669&lmt=1650528851&dlt=1650528851289&idt=337&biw=1600&bih=1200&adxs=618&adys=1580&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Ftikytoky.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=364x0&msz=364x0&fws=4&ohw=364&ga_vid=1833605403.1650528852&ga_sid=1650528852&ga_hid=1769816453&ga_fc=false&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

55ce5626fee96a7d421fcdfa1f15f4a06a71ba76b1996185b93f3d20d24d557c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22685
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tikytoky.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C7C 6 KB
4 KB 239ms
18ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tikytoky.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 08:14:11 GMT
expires: Fri, 21 Apr 2023 08:14:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022041401.js Show response
securepubads.g.doubleclick.net/gpt/ 35 KB
13 KB 33ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022041401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c321245e6d62047e34eb64d468495376a05026060a19408588ba2dd9e552f1aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 10:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13283
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 08:34:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Apr 2023 10:47:45 GMT

GET
H3 200 container.html Show response
a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4176 6 KB
3 KB 24ms
9ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tikytoky.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 08:14:11 GMT
expires: Fri, 21 Apr 2023 08:14:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 334ms
105ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ftikytoky.com%2F&j=
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:12 GMT
X-T: 0.632
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Thu, 21 Apr 2022 08:14:11 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
145 B 350ms
119ms Script
text/javascript 67.202.94.86
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=91uy1rl1bu&t=TikTok%20Online%20Viewer%20%E2%80%A2%20TikyToky&c=d&x=https%3A%2F%2Ftikytoky.com%2F&y=&a=0&d=0.345&v=29&r=2443
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.86 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 8657a186c813f1822093967e457fa5f13c202a85aefb50c15b1399568f21dc64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:12 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D0A3 624 B
973 B 49ms
19ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahj85-i7ATAB&v=APEucNUamDewYZ6Mpw8QWADfhAUewaqCNiGXxcydh3Yk7JAnlx1BlcdlK2PreTzW0UTpqLQ7xZ1KaPV_UC94ql3S2D8uprK9OVr0GUxHScRPluPj6AWr1uex5I7HM1rier43L9SUQCjF8etq36x0b1YgYCiYExNarIQZF8_Myc2SqOFgxQKOlRI

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 08:14:12 GMT
expires: Thu, 21 Apr 2022 08:14:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4176 14 KB
11 KB 68ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DN0Cv19MNnRzT3zkRNIzD_ZuGwM6bZ-2SKfRc5aCykBJFWOWucgplVsrWXEHX6wVh0LIb_viJy6RsmK6gB4eP3PpkI_VjKdoqBEoAzvIUbbbS7OxtRBdKw7HgJ3qK0mPOgeMG3nxs-ri11JEUhkqsoCYox1A&dbm_d=AKAmf-AZUE-5TR6O4-kB9Rrv12KisBQ51HtRafQRn3KsCjCuZGEEL6wSSwcouj_KqAwygXky-Uuo-Z9Yv6BHlXhfQSMPE84gnE-TjycZ_oi7xXR3Z0ji-6bxzG3wsi-4i-CZTPGTyaB87d_F3liKTVQLVBGx0i7G4iYudr8OttFQ2iIegmUCH9MhoieuQOzXp59qekhy3X84j8yOIVQoZuOsdEU0RCOyM5GmtvwsaOCbGFeZIesdF4maQVbk5J8tPfY8d-zf10y9FVaPkoGl-yG3x1IpcD1j6_wMncEOusPNkWisreCtemdN_Uf4sdea_uaucfUpbJ5xz_ryl5-7ZrqND6hiE-V2AlKtWvaW2Xtfj_Td83v1Xj3J26RxlvbbIts6vxfChT3HTcebokMW6mrq6LZtVPqZyt1ZInfHhOxsqcHEN6XECVhsjtPF1fYEW9_qbxXMdLLAn84zcoI0WeZ-cekovdBfF-V2X8-LKJ23gS5Z0WEOR11-XLwYhF0Sj_lE2kvOlpPRrzE9GDplGAwP1s42aUL54s0hsdHOrRJC-I37Z80twPDytSSRpjKVbFqcvZBT3RyPSeOAhafJAQcsy4dcwMsijLUn81PQqWcrpIOYbw-64rIs6jk4gqSHiEeL9PFLwg7c3y9zBKapS6jJV-whvZC6Cqx3PyQGKM_cU3aFjbBr3wb3SMUVG4GfW8kCHrw4lZI86oaxlQ53aLGr1Fxg6gnh0CmAJrEAMATiARrzlT8x41PUw-ymwn4n67ZyNAcUeK9madLY1cFCnxDnL_GrUb0PRpYWVR-7ZFWdnn5JodTZe3P2G8GedzEj_BMmnggpPBbKXqqsgc6S8lXucb5CfpWesVE1NXEmyChSLY02qcQ6zhpX1lDlXxQlMWRZmCQ1ZiaQkwbgMawFMccqDu482ytpG4rq5z8R2m336TQKcqufjFD1bzdM3wO6vTkVuhC9ofmw_45Uk-SiyCku_atJ5cx5nvMSOrKUmT-_Hpn5zmSV9XCJ3tMK0l6vdgJz7hfVo8kRhVYDi08qff-poHV7LRNq3UGbeIyi0B5EGVKGicBQbNqa-HuMbK-CnFBhnOpsx6VTqfJWH9yZKJAyJ-B8CNRZ_zReO-8nRHhA9i_yX2yYBfMP8vNcNc5OU5TyeaCkyAYjPlBbg0vCtkLbajw5vkC7g3P4P7-kxJD7_KCQbU-GtMdJpvqv3yoyv38Ivok0rMcOwYr9QbBSfDZhgmu770VGKR760t-H7gUrZO81JKUkhGwBj6yLVjLK-_19QejBb3TLXVWTQo3J-eXYp4lw0TuxVkga98qgSGYvGIi8JKG1MWTTM2fRMwMrd-iTmjQxjVv1OLtunguUYAgOiCqybaIWoxZpWzMcEHpnWvQYlxzHx1ScPyGbZtjvuKiTSJSKQq8lVumR50G6GVvWZBsw-GH1rDHBJHn-sLDjvXFXjNehGJ0_z9DazUaouN51ZeR-ZRNyM77hIG8yeSJ-EFMH2tDkPg_nCfepdjsdnXVRc_jc-dlRhfHzODE7laKVRDriM13bBLQRpN4gWK5WMr1ajPsEqFeGUVIL4FyY2UO1feDlRp5wnDbKK33_0ghXL_yOH0bOPBn7JyNM8wWe9pJXlBzq9unnU5CasSh48QUKzkwkwANmJs-gxW1S58BkGth06BqcDqIO9teNeiZ8RudjlPDYLdoeh_Zvm3M3NjU9s9-PeJP72dqx0vQmxtarUQn6CKueX9QvsC5lSMthzzLwN-_dYlo6e2QlIyD5Xm3R3nvCvyuKVsm15J4MLGpqaCxypId2rxJpv0XJDzrPjKIFP-_xrobbAL1o5sZJ4uT8Q0dWaUguIjm4wxXpZrcckzTtMRSyU-Vbzf-WgJmsKp_RGJpXqDeoCgvw_dbXErcylEDRyQH85lkzy5PfYiokqMpb2s5HANJwAHF67Tsgd1qpb8-j3bhyBkFUbP2CzInobDDWz-KlhTr066kNwDZZ2bGynrnM3FoMwUTMQEdJHmgvP7AoNvY2kuV0-48AkqA8qX5yfCQFu-MJX3uYXUU_jBnLcM99-T88xPQI45eP6YWYbZDYcPR0ZrxiAOVTL_Vz6frrl27Hp1B3JZmxw8ezbRCwtkxBpgGm-uFrUws4vMtNLFcgQVsG5ueEYGLXIOyWwVjBkM4cJw09FIvv8uQMiorUjKx8Gmnx7TCCjyDULjUEHG8QirDe8ovu8SINX17sbneoDvRlFfOhLdsWEm16j8j-POZOO_HK5FVsheD65-UGUl_2uCXO7ShY-7ZHHabsDgvyx0ipGSfqh3IVvtdMS0OxHqfl6E0GSWo3Torce_301VKkklZit_OGRLAcRnCEAHTHlSBf36pmHW4XOHLXBzRuhXzidqKnY6-2NNtCkQrlvkLhkChteSpWAAvHTwB-MetsNvX-mD1uUs4oiOh0Q6CG7gJixiIpvRCS9J07e6Ifs2OQIc3A3TOkcL8rL2YjYcIRgy8P6IRZewIhzX1RGIO3_RnL9J2Xpql3__m8WRu-hNMyYDZ6Yq7NenKFulm2u-0HPbBmxSYOKn58nVvpbLluu3Uc87oXMBNUSKNP5kxNF0ZcC0NT4mToPGD25EiGzLF-yw74IUE-eHhBOBoqVV29Byh4J6F0SSDkcZXPtjo4-dTvQtZWX6QeQ1k7xZtYBx1KvwMnKqN8PXs16AK74Sg_7bxV&cid=CAQSPwCNIrLMk-5_Z6aS_sMozItgPAqJTOfQiCd7hDhdgi4AtV-FfxTo5yVgeS_5rwnnvDk-Pvuff791QYYDmJj-sBgB&rfl=1%2Chttps%253A%252F%252Ftikytoky.com%252F%240

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3a83c88a5c4639b1a07bfb9033a3d9f1deb4d4d4c0d44d52a61ef900ce41a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10596
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4176 42 B
494 B 69ms
41ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0eEbjevXEzRrV7rP6XIwbjRX6ULlfNuISScetF3fjVpO_Tzskg0rimR20sWJZ_nuTI9Jy26fJMAdaHR3cZjPGR5CXAbzMThXiZ_qcI240I0dLP6c

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 4176 61 KB
22 KB 109ms
49ms Script
text/javascript 142.250.27.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWmwznIIaCuZ-EitXCsjqZbSeIgpL6u1fcUtkordYfUfFXUqFA&d=CnkAoCZ_4Iin4RW8qs2uC4U7_xiD2fDKL3wtDMixhkDxxdyQoOGUBPH0yUtd4jT0z8AyRxx6pd5zQ3vL7GmUJH83Hd1WBZYXpE1rwBvnumSUGT1xXlHQA0knOJg9e8qppuRvnXYEeOMQHWab3JCOeX82MjKc8P8V77YqEokSAKAmf-BNGOcdLZoQullDUesirt2pSM246LmvFrGToDxka9mCKywDxLLC41NQ5r72J3W8m4-S7FsfhS7slVHksCkNLVG9x-_sh8FwiDIyaxCod1upBXK_Q7ZuXOvFFJFox2-VNqcGINj5lE7cNn2A0mGi7ORu1izCTLF6UP4RwzOpOxmptJRsg9lcNPJfk9xFGIWHWoBt4TPa69f4F1TrNhCzkNMjDoXpHtlwv9ipXC3QvdMYA604Yn0ICaFwapXAgQwfG8uNznmHaR3K3NHgOv8edXj3vuUCb63qw3DnvUo7QvidcTzrp97dgzhaW17mM6_mHNsyJZZicCIX4emTbv4yGUDjJEQPZOidEwqzmKaxsAuL4Lb9WAly9KOjgcLDfL8RFqAwscQbFuVjvHt0y3e-ZFdWQV9HTR-X0T_jypeWho6ac7JORavM8Scjc4W33BuzYpkvjeerimNtBC4P0AIC-vr3Q7bzDDTXnFbVKwHA-wBt8ULBPlPlHcFqQpwP7w-4z524aRN3KkED1Y7OTKmYMY400WGwtGCd4DPOP4ze-hMbmv6SbAW5whEIEwkO2U5uWnG2doDzTns5t0gIB5BoFvctSaZpKWefI_VK7lRjPcLIXkWSkOnm0Ihe0GA_i7lwfUMODVqb7NQ0L4BcLnTJQqtVms4bmxa0VG-nYHeQiuYhHI2kKSBaDMm8_WlisHJb2YeWUq1R0RO2dAt41R8mX28pwo6oJ4ULbWl81nZGkaAoBY7j64e6Y3CsHRCTWP54P751N-PU8L510aob9sIzEne3eLqs6iY_o0YHXc5K0mV1YE5krtjZY8jWpKeWJPnMX1VZvSSz5z6pyqaZp_ij_EUxJWnh83MGptQFfWLFGGWhhRb6DIGMWiA304Y8JY6d9dsaLMMsc1hOC1sWRqVkqO2I29B2jgkNUSLt4WNaqdz1pPrVJRSXDvRTQZfoDy_fsJWNhsZGisx-XtsnwE_XYxOpKAdilkqFEsftKDVFLnhYBnhPPgy0ahXAaXkZX1d95s0vkw7Q2QWUCNNGJdWCbhxvyTVZZiIEkyUkfSOxeK2Z5RSB1n-Kh5q-zeKxWYcLO0q-Bk-RX7Lhq5MARPHrSnBjKzBs5kYuAmMidbm7hAqp1CWaCuSHcKQVsFcMCZcX5KjAnYysqasugqfFqyNaHjT_bc2iCJKQabRxdshmo_6s5BzBKqnS3aaMdZz4BIL1CHMa75xv_s6NCoPYyB4p0JN1K4_iQXRV26u7tKmYRQ8cFLbpQkM1jWV1ymGXfWWBoxDqYvNhpF0wMZK8VXEzXKaCZMrX5NYXHYTRDEKelwJNXWm291iaC_sr1KEUW8JompDmWVSsM64Keejhdc4ZagBFB00SM5-ei351oaqle5WgIpIVSIT1l1NsYXvfVEGjwyiYez-h85wXzZdzslFxPfjClsY60aZwnc_f8gE9281lR07m_n3f3DYvYyTk7rh1oZ6yPij6JVfdd-I6JC4SFfWzpZ_2rG_IBqo8sRSlzbfadMyufbBrk5Bl7PxpBfmRwNipEkXDTlH1vm_V1tPoOcisaHhPidCTK91fokPfc0md3dnhnfbptF4Jqpz6RZ8X6oO89W1X2L6hR5dkLJnigFP1RM0IMBHfYXv64wyfKN1yMSjyV3B9wREQwWIBU6rCIPGVeiL1oYEG9SRI1qA0UJt78LcYalQSSw4GUd5iH6ELcBNaEYtLh_nVyly1HFmuAAXLEm6TQvbm67IHCW2AcXrBDCgB7UofhVh9bNJmJZ9c3fyCYx3CDZ1rA_i3BL2EI_dmD3S--SQpzJXPCN5IOV11rSCzhRbJCNsVYIYRPu0q2RvOvRxjz2Qr8I3quG3REiOutQ--UiqqrXsC3Ck3Xdbsvcn8Qr9l-jgXG3k9bPvp3ksbMAK7bOHoF-t0imUlaqsbYeQH8US6SN_FxgeGDEN6ar3agtJemAd0lz4xd1BvKNCv6p9CQHECgU75kxhJqaz_48xnGX7WwTP4H-eIBZOOJZPV-1yeFFSCQdsUBvDRne63-NrIFGliB3Ru4Rn6TrNux1Ki5U08ynf5ZkB5qxCNH0Kj_ZJg5pJqtKg_TMezHK-nFWilcQWgIq9rp2S6ucW-G9QvXIOeDARpP4ib1PFhbj7H20L1f-s_vv136mHz7GQL8hHfC72DU24dMHcP3AvTRDcyq58_Zg8_9Dbt70UkUX-z07ZWjzbpQ-vgGwE0gWsM5Hdps_eJtTzs948fjS09SPCO9FHd3doMmZMQJj0LzLsHWQxbkmlcq3dHfzwceSM5ops7VurM7GrL31F8d9yP0s-n-6pMsyLI1JBJ42DdNpbshLrebUfd7LLDm1Mc4BYhCOW1qandZQ8YvkTLZaJ1fKJqXNuMlwWrqcZB56TfH7Is3yxJzuWUagj_us8Ea6g84mCaTR3qp94GssUDtLPE0MwboZ4ZeqI4l2xLR98kPN1PvOk9XZ1PRSUJgPeEzuPIxWpyaEUFdkpPotO6HH15U16cJLmRn7M9jGwTqzxTIVQ1Ul10WpwvjqKiWz4-dpHvGKY5lf6pBYW8ez2X_nqsxisEGSgQ7yxcOZHszuvk9Su7eAdq5CWjLUeMRAq4Yq3PfE57qxXtskvWJ4MOESRMNMJX5i_0Qu1CGkzw5rLAW7H6IltRnjMMFk2sL9L9gsTY-qEpNTOTA8ymKNCM5yEkR9AOGKOfIAKzXqrivdsasz4viY2Sioja_6wZ3lLf7vkz6Kxi17gzvizj5shtwPCAYU8bJdJWIYFmTNYXdzt-0fmfrzYR64I8CPQDsrhcee1sIAYE3OCccjeUhXsiCfLwRFHW2c_VMio19SIAIVhOh1oe67mQ_PL7g7G1wNZz4j0v4mUVYrHJ0ZZxRX0hXO2YtR9dqIoSlfNOVrLnBMPGdzQDePj2z3PrzHkWEoYCUPLQgroXBF-tnNFqTURahvD00Uy7_NieDiThkQQHI0WLcWpx7C871YeULroepePD4DvszPoNUgqcUeBBAIscpxmURh3CRvcZgg8YDzMFp4M-7EcVF0PdB8StxkTn1Ej6Kx9FdlLAxo6uMT0Ec_BDWw7fnzr1GkUIBBI_AI0issyT7n9nppL-wyjMi2A8ColM59CIJ3uEOF2CLgC1X4V_FOjnJWB5L_mvCee8OT4--59_v3VBhgOYmP6wGAFgAQ

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.27.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ra-in-f154.1e100.net

Software

cafe /

Resource Hash

6b58ec677d812417df13c4dc6eb5894d3fae7089a38ae90a8376ad6afeed7c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21518
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame 4176 27 KB
10 KB 99ms
29ms Script
text/javascript 108.157.4.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont5&w=300&h=600
Requested by: Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-26.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e3f8f337b0486e980312ab6911c9acd32a5cd6bc4e40c9a2ba6c96372d7910a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 09:08:46 GMT
content-encoding: gzip
server: nginx
age: 83126
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Z7Enqh8qeTpyIuUgjNOwW1qyNxnO41aG38aTrHWOnwqJbyf3Wr_SGA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 4176 3 KB
1 KB 39ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 08:06:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4176 119 KB
36 KB 49ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Apr 2022 08:14:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 4176 15 KB
7 KB 37ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 08:11:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4176 0
0 44ms
17ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfvPCCOrtK5RoR6MW47vnr2UA2shcWk6K8sCicbMnFNpWJo3Wwgt1Dltjwwzq5H9f6Mziyh3d1FlfG0tJJzkURuL9rOg
Requested by: Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D0A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2xcqMaLDPkpLBNLRNV61E&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2xcqMaLDPkpLBNLRNV61E&google_cver=1&C=1

43 B
1014 B

68ms
67ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2xcqMaLDPkpLBNLRNV61E&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahj85-i7ATAB&v=APEucNUamDewYZ6Mpw8QWADfhAUewaqCNiGXxcydh3Yk7JAnlx1BlcdlK2PreTzW0UTpqLQ7xZ1KaPV_UC94ql3S2D8uprK9OVr0GUxHScRPluPj6AWr1uex5I7HM1rier43L9SUQCjF8etq36x0b1YgYCiYExNarIQZF8_Myc2SqOFgxQKOlRI
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 08:14:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 21 Apr 2022 08:14:12 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 08:14:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED2xcqMaLDPkpLBNLRNV61E&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 21 Apr 2022 08:14:12 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D0A3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmESVPk9fjB7MSAgWglUvAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIASeuL-TcS-ntZ7iuew8es&google_cver=1

43 B
894 B

45ms
45ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIASeuL-TcS-ntZ7iuew8es&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahj85-i7ATAB&v=APEucNUamDewYZ6Mpw8QWADfhAUewaqCNiGXxcydh3Yk7JAnlx1BlcdlK2PreTzW0UTpqLQ7xZ1KaPV_UC94ql3S2D8uprK9OVr0GUxHScRPluPj6AWr1uex5I7HM1rier43L9SUQCjF8etq36x0b1YgYCiYExNarIQZF8_Myc2SqOFgxQKOlRI
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 08:14:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 21 Apr 2022 08:14:12 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIASeuL-TcS-ntZ7iuew8es&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D0A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGTqglGT80WKI_1ucFxRlWM&google_cver=1

43 B
1016 B

59ms
59ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGTqglGT80WKI_1ucFxRlWM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahj85-i7ATAB&v=APEucNUamDewYZ6Mpw8QWADfhAUewaqCNiGXxcydh3Yk7JAnlx1BlcdlK2PreTzW0UTpqLQ7xZ1KaPV_UC94ql3S2D8uprK9OVr0GUxHScRPluPj6AWr1uex5I7HM1rier43L9SUQCjF8etq36x0b1YgYCiYExNarIQZF8_Myc2SqOFgxQKOlRI

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 08:14:12 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 316665a5-6ff3-4f3b-9e29-06072d8c0230
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGTqglGT80WKI_1ucFxRlWM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0A3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwOTkxMjUyMzQ5NjE2MTU2OQ%3D%3D

170 B
188 B

34ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwOTkxMjUyMzQ5NjE2MTU2OQ%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 08:14:12 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 65e039f5-6646-4aa9-a44f-87abc77bc549
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwOTkxMjUyMzQ5NjE2MTU2OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4176 41 KB
15 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DN0Cv19MNnRzT3zkRNIzD_ZuGwM6bZ-2SKfRc5aCykBJFWOWucgplVsrWXEHX6wVh0LIb_viJy6RsmK6gB4eP3PpkI_VjKdoqBEoAzvIUbbbS7OxtRBdKw7HgJ3qK0mPOgeMG3nxs-ri11JEUhkqsoCYox1A&dbm_d=AKAmf-AZUE-5TR6O4-kB9Rrv12KisBQ51HtRafQRn3KsCjCuZGEEL6wSSwcouj_KqAwygXky-Uuo-Z9Yv6BHlXhfQSMPE84gnE-TjycZ_oi7xXR3Z0ji-6bxzG3wsi-4i-CZTPGTyaB87d_F3liKTVQLVBGx0i7G4iYudr8OttFQ2iIegmUCH9MhoieuQOzXp59qekhy3X84j8yOIVQoZuOsdEU0RCOyM5GmtvwsaOCbGFeZIesdF4maQVbk5J8tPfY8d-zf10y9FVaPkoGl-yG3x1IpcD1j6_wMncEOusPNkWisreCtemdN_Uf4sdea_uaucfUpbJ5xz_ryl5-7ZrqND6hiE-V2AlKtWvaW2Xtfj_Td83v1Xj3J26RxlvbbIts6vxfChT3HTcebokMW6mrq6LZtVPqZyt1ZInfHhOxsqcHEN6XECVhsjtPF1fYEW9_qbxXMdLLAn84zcoI0WeZ-cekovdBfF-V2X8-LKJ23gS5Z0WEOR11-XLwYhF0Sj_lE2kvOlpPRrzE9GDplGAwP1s42aUL54s0hsdHOrRJC-I37Z80twPDytSSRpjKVbFqcvZBT3RyPSeOAhafJAQcsy4dcwMsijLUn81PQqWcrpIOYbw-64rIs6jk4gqSHiEeL9PFLwg7c3y9zBKapS6jJV-whvZC6Cqx3PyQGKM_cU3aFjbBr3wb3SMUVG4GfW8kCHrw4lZI86oaxlQ53aLGr1Fxg6gnh0CmAJrEAMATiARrzlT8x41PUw-ymwn4n67ZyNAcUeK9madLY1cFCnxDnL_GrUb0PRpYWVR-7ZFWdnn5JodTZe3P2G8GedzEj_BMmnggpPBbKXqqsgc6S8lXucb5CfpWesVE1NXEmyChSLY02qcQ6zhpX1lDlXxQlMWRZmCQ1ZiaQkwbgMawFMccqDu482ytpG4rq5z8R2m336TQKcqufjFD1bzdM3wO6vTkVuhC9ofmw_45Uk-SiyCku_atJ5cx5nvMSOrKUmT-_Hpn5zmSV9XCJ3tMK0l6vdgJz7hfVo8kRhVYDi08qff-poHV7LRNq3UGbeIyi0B5EGVKGicBQbNqa-HuMbK-CnFBhnOpsx6VTqfJWH9yZKJAyJ-B8CNRZ_zReO-8nRHhA9i_yX2yYBfMP8vNcNc5OU5TyeaCkyAYjPlBbg0vCtkLbajw5vkC7g3P4P7-kxJD7_KCQbU-GtMdJpvqv3yoyv38Ivok0rMcOwYr9QbBSfDZhgmu770VGKR760t-H7gUrZO81JKUkhGwBj6yLVjLK-_19QejBb3TLXVWTQo3J-eXYp4lw0TuxVkga98qgSGYvGIi8JKG1MWTTM2fRMwMrd-iTmjQxjVv1OLtunguUYAgOiCqybaIWoxZpWzMcEHpnWvQYlxzHx1ScPyGbZtjvuKiTSJSKQq8lVumR50G6GVvWZBsw-GH1rDHBJHn-sLDjvXFXjNehGJ0_z9DazUaouN51ZeR-ZRNyM77hIG8yeSJ-EFMH2tDkPg_nCfepdjsdnXVRc_jc-dlRhfHzODE7laKVRDriM13bBLQRpN4gWK5WMr1ajPsEqFeGUVIL4FyY2UO1feDlRp5wnDbKK33_0ghXL_yOH0bOPBn7JyNM8wWe9pJXlBzq9unnU5CasSh48QUKzkwkwANmJs-gxW1S58BkGth06BqcDqIO9teNeiZ8RudjlPDYLdoeh_Zvm3M3NjU9s9-PeJP72dqx0vQmxtarUQn6CKueX9QvsC5lSMthzzLwN-_dYlo6e2QlIyD5Xm3R3nvCvyuKVsm15J4MLGpqaCxypId2rxJpv0XJDzrPjKIFP-_xrobbAL1o5sZJ4uT8Q0dWaUguIjm4wxXpZrcckzTtMRSyU-Vbzf-WgJmsKp_RGJpXqDeoCgvw_dbXErcylEDRyQH85lkzy5PfYiokqMpb2s5HANJwAHF67Tsgd1qpb8-j3bhyBkFUbP2CzInobDDWz-KlhTr066kNwDZZ2bGynrnM3FoMwUTMQEdJHmgvP7AoNvY2kuV0-48AkqA8qX5yfCQFu-MJX3uYXUU_jBnLcM99-T88xPQI45eP6YWYbZDYcPR0ZrxiAOVTL_Vz6frrl27Hp1B3JZmxw8ezbRCwtkxBpgGm-uFrUws4vMtNLFcgQVsG5ueEYGLXIOyWwVjBkM4cJw09FIvv8uQMiorUjKx8Gmnx7TCCjyDULjUEHG8QirDe8ovu8SINX17sbneoDvRlFfOhLdsWEm16j8j-POZOO_HK5FVsheD65-UGUl_2uCXO7ShY-7ZHHabsDgvyx0ipGSfqh3IVvtdMS0OxHqfl6E0GSWo3Torce_301VKkklZit_OGRLAcRnCEAHTHlSBf36pmHW4XOHLXBzRuhXzidqKnY6-2NNtCkQrlvkLhkChteSpWAAvHTwB-MetsNvX-mD1uUs4oiOh0Q6CG7gJixiIpvRCS9J07e6Ifs2OQIc3A3TOkcL8rL2YjYcIRgy8P6IRZewIhzX1RGIO3_RnL9J2Xpql3__m8WRu-hNMyYDZ6Yq7NenKFulm2u-0HPbBmxSYOKn58nVvpbLluu3Uc87oXMBNUSKNP5kxNF0ZcC0NT4mToPGD25EiGzLF-yw74IUE-eHhBOBoqVV29Byh4J6F0SSDkcZXPtjo4-dTvQtZWX6QeQ1k7xZtYBx1KvwMnKqN8PXs16AK74Sg_7bxV&cid=CAQSPwCNIrLMk-5_Z6aS_sMozItgPAqJTOfQiCd7hDhdgi4AtV-FfxTo5yVgeS_5rwnnvDk-Pvuff791QYYDmJj-sBgB&rfl=1%2Chttps%253A%252F%252Ftikytoky.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 15:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 15:03:03 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 38BF 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 45338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 19:38:34 GMT
expires: Thu, 20 Apr 2023 19:38:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 4176 106 KB
38 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
Origin: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 09:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Apr 2022 09:48:07 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 4176 8 KB
3 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWmwznIIaCuZ-EitXCsjqZbSeIgpL6u1fcUtkordYfUfFXUqFA&d=CnkAoCZ_4Iin4RW8qs2uC4U7_xiD2fDKL3wtDMixhkDxxdyQoOGUBPH0yUtd4jT0z8AyRxx6pd5zQ3vL7GmUJH83Hd1WBZYXpE1rwBvnumSUGT1xXlHQA0knOJg9e8qppuRvnXYEeOMQHWab3JCOeX82MjKc8P8V77YqEokSAKAmf-BNGOcdLZoQullDUesirt2pSM246LmvFrGToDxka9mCKywDxLLC41NQ5r72J3W8m4-S7FsfhS7slVHksCkNLVG9x-_sh8FwiDIyaxCod1upBXK_Q7ZuXOvFFJFox2-VNqcGINj5lE7cNn2A0mGi7ORu1izCTLF6UP4RwzOpOxmptJRsg9lcNPJfk9xFGIWHWoBt4TPa69f4F1TrNhCzkNMjDoXpHtlwv9ipXC3QvdMYA604Yn0ICaFwapXAgQwfG8uNznmHaR3K3NHgOv8edXj3vuUCb63qw3DnvUo7QvidcTzrp97dgzhaW17mM6_mHNsyJZZicCIX4emTbv4yGUDjJEQPZOidEwqzmKaxsAuL4Lb9WAly9KOjgcLDfL8RFqAwscQbFuVjvHt0y3e-ZFdWQV9HTR-X0T_jypeWho6ac7JORavM8Scjc4W33BuzYpkvjeerimNtBC4P0AIC-vr3Q7bzDDTXnFbVKwHA-wBt8ULBPlPlHcFqQpwP7w-4z524aRN3KkED1Y7OTKmYMY400WGwtGCd4DPOP4ze-hMbmv6SbAW5whEIEwkO2U5uWnG2doDzTns5t0gIB5BoFvctSaZpKWefI_VK7lRjPcLIXkWSkOnm0Ihe0GA_i7lwfUMODVqb7NQ0L4BcLnTJQqtVms4bmxa0VG-nYHeQiuYhHI2kKSBaDMm8_WlisHJb2YeWUq1R0RO2dAt41R8mX28pwo6oJ4ULbWl81nZGkaAoBY7j64e6Y3CsHRCTWP54P751N-PU8L510aob9sIzEne3eLqs6iY_o0YHXc5K0mV1YE5krtjZY8jWpKeWJPnMX1VZvSSz5z6pyqaZp_ij_EUxJWnh83MGptQFfWLFGGWhhRb6DIGMWiA304Y8JY6d9dsaLMMsc1hOC1sWRqVkqO2I29B2jgkNUSLt4WNaqdz1pPrVJRSXDvRTQZfoDy_fsJWNhsZGisx-XtsnwE_XYxOpKAdilkqFEsftKDVFLnhYBnhPPgy0ahXAaXkZX1d95s0vkw7Q2QWUCNNGJdWCbhxvyTVZZiIEkyUkfSOxeK2Z5RSB1n-Kh5q-zeKxWYcLO0q-Bk-RX7Lhq5MARPHrSnBjKzBs5kYuAmMidbm7hAqp1CWaCuSHcKQVsFcMCZcX5KjAnYysqasugqfFqyNaHjT_bc2iCJKQabRxdshmo_6s5BzBKqnS3aaMdZz4BIL1CHMa75xv_s6NCoPYyB4p0JN1K4_iQXRV26u7tKmYRQ8cFLbpQkM1jWV1ymGXfWWBoxDqYvNhpF0wMZK8VXEzXKaCZMrX5NYXHYTRDEKelwJNXWm291iaC_sr1KEUW8JompDmWVSsM64Keejhdc4ZagBFB00SM5-ei351oaqle5WgIpIVSIT1l1NsYXvfVEGjwyiYez-h85wXzZdzslFxPfjClsY60aZwnc_f8gE9281lR07m_n3f3DYvYyTk7rh1oZ6yPij6JVfdd-I6JC4SFfWzpZ_2rG_IBqo8sRSlzbfadMyufbBrk5Bl7PxpBfmRwNipEkXDTlH1vm_V1tPoOcisaHhPidCTK91fokPfc0md3dnhnfbptF4Jqpz6RZ8X6oO89W1X2L6hR5dkLJnigFP1RM0IMBHfYXv64wyfKN1yMSjyV3B9wREQwWIBU6rCIPGVeiL1oYEG9SRI1qA0UJt78LcYalQSSw4GUd5iH6ELcBNaEYtLh_nVyly1HFmuAAXLEm6TQvbm67IHCW2AcXrBDCgB7UofhVh9bNJmJZ9c3fyCYx3CDZ1rA_i3BL2EI_dmD3S--SQpzJXPCN5IOV11rSCzhRbJCNsVYIYRPu0q2RvOvRxjz2Qr8I3quG3REiOutQ--UiqqrXsC3Ck3Xdbsvcn8Qr9l-jgXG3k9bPvp3ksbMAK7bOHoF-t0imUlaqsbYeQH8US6SN_FxgeGDEN6ar3agtJemAd0lz4xd1BvKNCv6p9CQHECgU75kxhJqaz_48xnGX7WwTP4H-eIBZOOJZPV-1yeFFSCQdsUBvDRne63-NrIFGliB3Ru4Rn6TrNux1Ki5U08ynf5ZkB5qxCNH0Kj_ZJg5pJqtKg_TMezHK-nFWilcQWgIq9rp2S6ucW-G9QvXIOeDARpP4ib1PFhbj7H20L1f-s_vv136mHz7GQL8hHfC72DU24dMHcP3AvTRDcyq58_Zg8_9Dbt70UkUX-z07ZWjzbpQ-vgGwE0gWsM5Hdps_eJtTzs948fjS09SPCO9FHd3doMmZMQJj0LzLsHWQxbkmlcq3dHfzwceSM5ops7VurM7GrL31F8d9yP0s-n-6pMsyLI1JBJ42DdNpbshLrebUfd7LLDm1Mc4BYhCOW1qandZQ8YvkTLZaJ1fKJqXNuMlwWrqcZB56TfH7Is3yxJzuWUagj_us8Ea6g84mCaTR3qp94GssUDtLPE0MwboZ4ZeqI4l2xLR98kPN1PvOk9XZ1PRSUJgPeEzuPIxWpyaEUFdkpPotO6HH15U16cJLmRn7M9jGwTqzxTIVQ1Ul10WpwvjqKiWz4-dpHvGKY5lf6pBYW8ez2X_nqsxisEGSgQ7yxcOZHszuvk9Su7eAdq5CWjLUeMRAq4Yq3PfE57qxXtskvWJ4MOESRMNMJX5i_0Qu1CGkzw5rLAW7H6IltRnjMMFk2sL9L9gsTY-qEpNTOTA8ymKNCM5yEkR9AOGKOfIAKzXqrivdsasz4viY2Sioja_6wZ3lLf7vkz6Kxi17gzvizj5shtwPCAYU8bJdJWIYFmTNYXdzt-0fmfrzYR64I8CPQDsrhcee1sIAYE3OCccjeUhXsiCfLwRFHW2c_VMio19SIAIVhOh1oe67mQ_PL7g7G1wNZz4j0v4mUVYrHJ0ZZxRX0hXO2YtR9dqIoSlfNOVrLnBMPGdzQDePj2z3PrzHkWEoYCUPLQgroXBF-tnNFqTURahvD00Uy7_NieDiThkQQHI0WLcWpx7C871YeULroepePD4DvszPoNUgqcUeBBAIscpxmURh3CRvcZgg8YDzMFp4M-7EcVF0PdB8StxkTn1Ej6Kx9FdlLAxo6uMT0Ec_BDWw7fnzr1GkUIBBI_AI0issyT7n9nppL-wyjMi2A8ColM59CIJ3uEOF2CLgC1X4V_FOjnJWB5L_mvCee8OT4--59_v3VBhgOYmP6wGAFgAQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 08:12:26 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 4176 25 KB
10 KB 20ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 08:10:53 GMT

GET
DATA 200
OK truncated
/ Frame 4176 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bfee47a0241b375809588927992e15e4456926a46784808834bb42170b5542c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 38BF 35 KB
13 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 06:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13613
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 06:31:25 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9856549491375726520/ Frame BF8F 13 KB
4 KB 27ms
8ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9856549491375726520/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c878da8d44f6c1ea3d96d6b728931100307c19e3734cadee267922ab8bea8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 97994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3747
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 05:00:58 GMT
expires: Thu, 20 Apr 2023 05:00:58 GMT
last-modified: Tue, 30 Nov 2021 18:22:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4176 0
259 B 51ms
43ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiBsk3EBJ_FgQ0U5VAk7KBvOO09qSrUkl34_2IgxY4v95XR0SOQvWvWrX4rHdVP8uQD0Zuz3SWOeazYTlQLko-KcXIp-eDWYVXF3k-iZqQRq37e2jX2DXytIuwR3bZqQ&sai=AMfl-YQKPYVASCs6lHqYZQqR7OQo89N6K3y4NEzbjgeEdug2XrL4awgf4_XrzA8N5ayWs-zKQrNSA2zqgGP4-5878FFS-Cp5Iz8x2AWiBhULVAvAsNOWxl25kvqJtWyuQb1S&sig=Cg0ArKJSzIxrXP7lntq7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=102&cbvp=1&cstd=100&cisv=r20220413.85466&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 08:14:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2D55 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tikytoky.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 08:14:11 GMT
expires: Fri, 21 Apr 2023 08:14:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 d7f1c17162b23a1997e2a6527b94d5e7.js Show response
s0.2mdn.net/sadbundle/9856549491375726520/ Frame BF8F 65 KB
17 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9856549491375726520/d7f1c17162b23a1997e2a6527b94d5e7.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89fcc0375149a3f29180c96159cca98bffe1e6bbb2ba93727628c90ccaa91db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17295
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 18:22:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Apr 2023 05:00:58 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 2D55 4 KB
634 B 31ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 07:30:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Apr 2022 08:14:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Apr 2022 08:14:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5702 8 KB
892 B 23ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 07:26:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Apr 2022 08:14:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Apr 2022 08:14:12 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 5702 2 KB
904 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 08:09:44 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 5702 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 08:12:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 5702 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 08:08:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5702 119 KB
36 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Apr 2022 08:14:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 5702 15 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 08:05:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5702 0
0 32ms
15ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1KMs1JqHxucT3yzpVVTC2chI9L3ucy2b0PLWMK2nPTAxc1xG_tSxEKPA8TpxxoeFCk6g1
Requested by: Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame 5702 30 KB
13 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 14:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 13:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 14:06:22 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 2D55 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 07:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 13275616604445095965
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 07:10:55 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2D55 205 B
519 B 29ms
9ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 04:58:56 GMT
x-content-type-options: nosniff
age: 11716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Apr 2023 04:58:56 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2D55 604 B
695 B 29ms
9ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 22:28:29 GMT
x-content-type-options: nosniff
age: 35143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Apr 2023 22:28:29 GMT

GET
H3 200 e5a24b3fa6e6f64f6058eccac5035ad5.png
s0.2mdn.net/sadbundle/9856549491375726520/media/ Frame BF8F 77 KB
77 KB 9ms
9ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9856549491375726520/media/e5a24b3fa6e6f64f6058eccac5035ad5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ced12906b2c77bd7f341007b8f4fce8a5d56b5309775dd4f15603fc48caf89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:00:58 GMT
x-content-type-options: nosniff
age: 97994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78576
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 18:22:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Apr 2023 05:00:58 GMT

GET
H3 200 a9aa291790bec5ce7c83bf23abca691b.svg
s0.2mdn.net/sadbundle/9856549491375726520/media/ Frame BF8F 3 KB
801 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9856549491375726520/media/a9aa291790bec5ce7c83bf23abca691b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

065af50a0a8a92ed62ba8eb6d6a9d1be377de55f95c7a23c759fa96a52095cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 772
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 18:22:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Apr 2023 05:00:58 GMT

GET
H3 200 35e20e4764bc332ae2f4273125898061.svg
s0.2mdn.net/sadbundle/9856549491375726520/media/ Frame BF8F 3 KB
1 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9856549491375726520/media/35e20e4764bc332ae2f4273125898061.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9250d462b16ea25a8bdc0b2a5d81f22945bb68729cec3fd60964409961e9e5d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 04:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1151
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 18:22:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Apr 2023 04:10:02 GMT

GET
H3 200 4a3c55aa330e0a098bfeea49d0cb81f9.svg
s0.2mdn.net/sadbundle/9856549491375726520/media/ Frame BF8F 759 B
459 B 13ms
12ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9856549491375726520/media/4a3c55aa330e0a098bfeea49d0cb81f9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a5bfa1ed61b73c3d972d5afe73eec2f8750a9570adfabc3003bb9f7b89a049f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 09:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 430
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 18:22:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Apr 2023 09:00:08 GMT

GET
H3 200 3986f8998b9de996c13efdbf72a05970.svg
s0.2mdn.net/sadbundle/9856549491375726520/media/ Frame BF8F 7 KB
3 KB 12ms
12ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9856549491375726520/media/3986f8998b9de996c13efdbf72a05970.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0007d23baa268a1cd61074407a65f5d2850f4f78a77d0cf141a0c0fdf8fc403f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9856549491375726520/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3072
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 18:22:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Apr 2023 05:00:58 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 51 B
319 B 296ms
101ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=tikytoky.com&_ss=uzpfwjhxe0&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=708v&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ftikytoky.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: aeec8d433f1f0a47d14736d4138ba01480a8bbd9a3d1aeecbcd830b291d957d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:12 GMT
X-T: 0.258
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Thu, 21 Apr 2022 08:14:11 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4176 0
26 B 42ms
41ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiBsk3EBJ_FgQ0U5VAk7KBvOO09qSrUkl34_2IgxY4v95XR0SOQvWvWrX4rHdVP8uQD0Zuz3SWOeazYTlQLko-KcXIp-eDWYVXF3k-iZqQRq37e2jX2DXytIuwR3bZqQ&sai=AMfl-YQKPYVASCs6lHqYZQqR7OQo89N6K3y4NEzbjgeEdug2XrL4awgf4_XrzA8N5ayWs-zKQrNSA2zqgGP4-5878FFS-Cp5Iz8x2AWiBhULVAvAsNOWxl25kvqJtWyuQb1S&sig=Cg0ArKJSzIxrXP7lntq7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=240&vt=11&dtpt=138&dett=3&cstd=100&cisv=r20220413.85466&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 08:14:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 208ms
22ms Script
application/javascript 172.64.151.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:37 GMT
server: cloudflare
age: 57511
etag: W/"612951fd-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6ff4aa306de4915f-FRA
expires: Sun, 24 Apr 2022 08:14:12 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38BF 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWEzEVBJhYs2LApb8gAf1roO4CAAAAAA4AeAEAg&bg=!T0ylTAjNAAZvJBiFTyQ7ACkAdvg8Wj0rLtoEIx7USN7F9ldW8pDiBRe3n-QQTzNCodGQts56B_CYmgIAAACNUgAAAAJoAQeZAuV1rNK102ZADhVtT25BHABcBt2aZI7SpnhgryKfjJSAf8asa5bk1I0UDg225fz1GAAQSkbrg2IISnZHpCxcs9lNgXp5gHAkyP7DU_eOPXQoOnHu5wrh3PFvWfF6JAe-BQSMqMVE6t0oqbseEprIQDpB-oLkbV5pZAvsJMao_-9FmEgZ2vrRJm2XSgXwhUurENf9o0yN4GKoo6vtJ7wNmHUbjpz1ILDMoRsaQUw8bsRIc05eEp5kjxSimOTS-8n4TJr7OwDyIT82S2qpF64goguWE2aHGvF-fz2r8LGXkv4mmmbg8t5nSaLyJj3FC-owaddW_E8jC3fhKP647yD_k2qEXDOfwFqhu_73C5LvG4DaBx4VjLauQjyRJ7JiqlDCmKsESBZu8ZkkSoe82euLhFZjYWF4jydTTt5bCmPJrdbmD4QZW2YQaJ8CCdEpM4RGYrmGEyx95cgB9aVRIYguU01pbZbdSRptE3Pqf9vQiWNEiS6OaYL-vV8akhhnnLXb0hlmxJoCsf3uLxSTpiOLoIyf9fdmM79BAgDhc6CDVv0l0Dz69LDVHD6WjWi2jIY4GvgAC6HXvcOoZUgfrNX6vdtgA7X_xV2VHB4Ga6qFcyFQVpXqMyRqp8Q5cBDlqvJEKogebtnBfkmRQ6XKi_22BLptj1vQKOTLngFM-Cjh5BxG7s-5UvAOjSFiTXjbxXoIaJdvL7pH-LgFBD38ICaGGfMLAQKgfdedWwX7JXWD8-PiMqr15w1r6fGGCipCINwkqKeyEjpj6fBstY0GU0xUlrQLHQutXbvzk0XW0it0JzRBew5VxuaurCgsnib3pAxIYEvlGVFckjBSHOsmChnArwPIuSafh0UWwPpV3hJDF-JoTCd1gYk4bf6WbBh4cuSomJ8hQbkQN9iynzIrc3Q-e54ZMLlPUTVJ-b9RlIPNMGoQNiWySlbeA_6GF3JoCofnS8ZsbcVOSqiQD4bpuYg0LB6EH4HQIag

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 23C7 222 KB
62 KB 82ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 45352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Wed, 20 Apr 2022 19:38:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Apr 2023 19:38:20 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 23C7 16 KB
6 KB 93ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 45351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Wed, 20 Apr 2022 19:38:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Apr 2023 19:38:21 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 23C7 96 KB
29 KB 94ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 45351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Wed, 20 Apr 2022 19:38:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Apr 2023 19:38:21 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 23C7 5 KB
2 KB 98ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 45351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Wed, 20 Apr 2022 19:38:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Apr 2023 19:38:21 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 23C7 42 KB
13 KB 98ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 45351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Wed, 20 Apr 2022 19:38:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Apr 2023 19:38:21 GMT

GET
DATA 200
OK truncated
/ Frame 23C7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94a41c2dd8a5eb6a616f6ebe63a07f65df68ced0d65e6a6331f465ec0247ca4f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 16497488104368884305
tpc.googlesyndication.com/simgad/ Frame 23C7 52 KB
52 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16497488104368884305?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk5MIIkZSCJrKni2Mn6twB0AlCNrw

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc137035b43898c143649f0996e664a981ec563b203869ff183e0c53faf03eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 10:51:19 GMT
x-content-type-options: nosniff
age: 76973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53650
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 09:41:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Apr 2023 10:51:19 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 23C7 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 47664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 21 Apr 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 23C7 295 B
319 B 12ms
11ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 9038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 22 Apr 2022 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 23C7 0
0 14ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRo3kxAh76pLBqVhCBFu4ByKW44d2X6AhdyGTL8bMVDwgrzRKsMRim11pSqelHn5_QriAEjvms8h-POvHBnl52Dbj0HRQ
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 23C7 0
0 43ms
43ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Camy6VBJhYq39CfS2x_AP6euNuAainorhad6R0ozXD9601qudHBABIMb71nlglYq2gsQHoAHJ8pLGA8gBAqkCTxYg8cUtsj7gAgCoAwHIAwiqBOMBT9D-k_MNaZ9o4oQ3cUKs5rW8EwJhUPQ38VuuceRz6WrcFG7HjFxuGABmz3hdVYAmtkgviM3ifPD9vVOpWnmuKPrXDwfjc4ZQEY5rgIT1vm-lfV_N4g0o3545-bhqwi9yltNzbNwGk9-eTc0li3gDLLOBhsmZPFdrxTsNnfs_q-Ny-asImEuFlfduTGDGIgEo670TRVVMtcXYVNM9R2RlxAlgx6npck76eDfo0E6iAJBfZdIil2sIIu6K_WH2oc52J2LMqtktpUh0Tol8td7LXxj51LRGxxAxVOfr1S8VkOER9HnABKvfytf6A-AEAaAGAoAHn43tOagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELOwMNIICQiI4YAQEAEYHYAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi00NTczMjMxNTUwMzU1MjIxGOqqcg&sigh=7603CCizurw&uach_m=[UACH]
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 320ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!91uy1rl1bu&lm=0&ts=1650528852568&dn=TC&iso=0&t=TikTok%20Online%20Viewer%20%E2%80%A2%20TikyToky&cu=https%3A%2F%2Ftikytoky.com%2F
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:12 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 23C7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

103ms
77ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H3
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date: Thu, 21 Apr 2022 08:14:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F8D 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tikytoky.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 08:14:11 GMT
expires: Fri, 21 Apr 2023 08:14:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 3F8D 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 08:12:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3F8D 8 KB
714 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 07:29:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Apr 2022 08:14:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Apr 2022 08:14:12 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/ Frame 3F8D 14 KB
3 KB 81ms
53ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.css

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 19:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 10:38:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 19:38:20 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/ Frame 3F8D 347 KB
120 KB 45ms
18ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0900693ba4018c6de9126b543a8a3c50080eb74d1ed0696e5cc8fca0c0c99513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 19:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122258
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 10:38:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 19:38:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 3F8D 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 08:05:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3F8D 0
0 16ms
16ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTP33QHMA6GVzVkA5YJkmqbmIjePtEojATrYCNGqWml5p18tX75-2nv7I_jBJhsNDECmRpUiAbbuaemIEenO4r852Ecvw
Requested by: Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 3F8D 0
327 B 605ms
223ms Ping
image/gif 2c0f:fb50:4003:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l28q9hkn&c=2230698568686&slotId=1115349284343&qqid=COHuw4_bpPcCFSfBEQgdmGYDrQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4003:802::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3F8D 15 KB
15 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 129977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 20:07:55 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3F8D 15 KB
15 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 134063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 18:59:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F8D 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CfrVvVBJhYuH0GqeCx_APmM2N6Ar0uZjmaIqDxcbtD42A5LbrAhABIMb71nlglYq2gsQHoAHc-Kq7AsgBBakCTxYg8cUtsj6oAwHIA5sEqgSWAk_QPA4_TbaXNGy5Ha0awQbxcg7d_Gj-D1ImEbNDOkK9KcGeqLbNWjMC-5Kg-V32dT-J-IeLPQIt4tC4Vp9Ud6rbj9MTHZqfA8DHX4Xz4o2RdZycZ6vCgEuEO8s2cJG8Bn11qrfl_lkNlBnbaTZ08LeS-LlHh1S5eiAnxWeBxbTP-HhdZ38vEL34gTLScP9y_o5mvHDPtb_PTVCOFXnfgCqFFwRG5T2SYspLDXA4dY6f3wrL4iwqUsvaUc-2LaG4efZou9OghbrP4_DW73mgVCE6GW69E201fwxuKb08Y3dDsg1NutJdNMIPATMNvHkrpz6CDnlHQQ_b6O84aEFr_kzbaA3kQqnFdieELZrVkDTaheFQsQ8awAS2r6rH7gPgBAOQBgGgBnaAB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDyAsB4AsBgAwBsBPNoeMOyBOvyM3fA9gTCogUBNgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1650528852799&ai=CfrVvVBJhYuH0GqeCx_APmM2N6Ar0uZjmaIqDxcbtD42A5LbrAhABIMb71nlglYq2gsQHoAHc-Kq7AsgBBakCTxYg8cUtsj6oAwHIA5sEqgSWAk_QPA4_TbaXNGy5Ha0awQbxcg7d_Gj-D1ImEbNDOkK9KcGeqLbNWjMC-5Kg-V32dT-J-IeLPQIt4tC4Vp9Ud6rbj9MTHZqfA8DHX4Xz4o2RdZycZ6vCgEuEO8s2cJG8Bn11qrfl_lkNlBnbaTZ08LeS-LlHh1S5eiAnxWeBxbTP-HhdZ38vEL34gTLScP9y_o5mvHDPtb_PTVCOFXnfgCqFFwRG5T2SYspLDXA4dY6f3wrL4iwqUsvaUc-2LaG4efZou9OghbrP4_DW73mgVCE6GW69E201fwxuKb08Y3dDsg1NutJdNMIPATMNvHkrpz6CDnlHQQ_b6O84aEFr_kzbaA3kQqnFdieELZrVkDTaheFQsQ8awAS2r6rH7gPgBAOQBgGgBnaAB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDyAsB4AsBgAwBsBPNoeMOyBOvyM3fA9gTCogUBNgUAdAVAfgWAYAXAQ

Requested by

Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 3F8D 29 KB
15 KB 64ms
44ms XHR
text/xml 142.250.27.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B00X3Fca6dplRvKR-5KCUPtZjYQULB6-HS-Yliky3MGIF3ZM_sHqDWRzL_m6PCba4Vihd_9gUitxfohOgIJIVmtZI40Q&cry=1&dbm_d=AKAmf-Dj-1JaJJCQGJSPhesQeSPCgJ8DbI95MfNRpEkUKwxmQhqurLflsLhHqzKsLAbOcKrVGb01eq33ApaQtuzwmEYHe1akbcqianPi6489oINjI813fn5lbssrs7GtJewKAQt_CBzOiq8oB0CUuUcURcG4cQPKSeQaoT9zW24p1jsITT3b2Ya4lRycsEyPypf8LVbilRYnSBUi7yFm3_EURKWb-fvCjNr4DEeuYbj1MXls6VOlQcu2ubBuA1J_kZqM4eCt5fQFlF_5Lu5NiH-afjpJEEZQizfsHHeS3aq4MH-X2ZvM7FvE-wGDDthvdkw8Iej4vxX-lOg1C3TQtqAZHJfMZ5d5zBvJWuba5VzMYyCcFdjOBJZAFnbKK0wYeTyvpK_2eUSyhJCQkaVTEF9AIqofGr2ctehJFMdpr0txQhTYhxZJdFgYhrr4_QobRYOugNCkzlE1TAoryybXdrx2PhueT48iI39hbwDvK6KhjwaTeZErP4e13uTg9qFfHYXhCY5OgPSjWvr9ci42eiA32Uorokl7_BJxCZooj53c4AFR_qyrSU9ma9Y6-mTVp-7jvQei0pf6ZbAZ_GSe_Q1ni3-_6uR3MuOdTeDJKePanDpII0lYZnjo4xf5QXcpOIQgzrXzL7nsK-T9rsvaDS5xy3UO3uk5DXyEsT7BUKpPTAw5CJrGGaFWRvV-QZEjsm18QMhg_CClXf6U1ngRn1DyeYzqN7W27QGYtMAYlU0yCWnuW1-o-HDfRe-rWy712N4Tq_3WW-ZIV7IiMa77VqnxLUSl54uy4zOV7kFLabh0p454eN6QZQU_01bPGRgWwbF0d6ffPnuW6QJ-eidtttODhVXS2dsx9vLZgdXVhfxENhzKoSgBmx7QfeMGWbWW_3_PD3bsHTLT-VqFyourdGP5drIN3Lf4RGOgWlTuJBGDGHq9-3xte3RoyUhsqhEyfOX835Qwxy5919v053HV1Jgog6WHOAq9DflwXNGcO99JkfRt0NA0qT10gMsbebTeDDQvWa2MV-gJuquoGbXQg3bG18GXO5Dn5vk2WvhD9zyFt0uLa3AO48dlkfW_lh988UDQZYRNlf0otiUPI_2lFjerKHSAnx9IkNubqiywOT83b9wGYlTpF5mYiJV2C1Rw62ys5h5XYFrUqR83QVRX_flmy_NWBI5CIcfPnpiaUSY9C1D-QuEV_sXjOXzQUf_TvxyrH3KZFDd9sw7NIH24wKZtL1P_OUiixA5CK6npNwEHYHb2w4rQgLTn6YqjuOoNiJhK4oKcF8t57zfBTb-lqvHwCp9ZIJxJihnI4JTgsAagDsfqFiYeay2pdIS_FfewT5AWbgdyVm02TZWF6AnSuneglX0o5Ait_aJmwM4XrFMNQfbj3VQ5fE18Y_wcj4kTSgVun0HGiNpq1yOjeEGryKqOqebNbp58wPZCO68MKhCTZ0x0kzSWvPZLSu4OsvcfYFZOp1EwNW0ltm9EOhRfdRs1gpkGOeS0RZvR8QeUEXBHrZRrMs6USdBvs7uQR7qLOYL3dUjF1g3d2Bc4ZQnAbiPcPi8YUKxx3D-GpwjdfokXLSFcfgtAe-j8gLvGu7eYRls_bZb2b2OAc6qi4CKoWjiAOGsAOngSMy-xXDMbHtOq4QLb4gmKZkKkW5RPLfujt1EgfJBpGeac20Jr4cQTuI3hzh5jl5zfK67fijJSGO8xpI3dsx0uq-YX4-0JvMaj4BqgkERdNb8vrsG756jdEEdobdPcZGB6EFER-JZb5A2R4mk0f-6BGMGojaoh_XlWCyNCu9wtN4EibviS1Gj2SXGdRcDYKjT6uhXiHEEjJYv3nRvHAw-2DuvdUbrV11oXXZ-OoB5s78O0S2I5WN6ZlTx3L_YIl8dLPT0YrcVAD36c-O0XsvDdPQA4PQnMsBGWDLHhHOgndRnwYVppyF6o2nGd-gKyO_6_W-x9O0iGGXZO_CAEHZyNa_AkizuzkpBQXYXOEKapi8lGGoqEyy6R2ef3vqvfuWdW_ZoH8nyzIj4T3ZsfvS5R019h-Qi_gvVlQPEGEXS8f2TMeslDG3WWRvmv3IBCOX9SFPH9K_7Cb3zGYwVkLp00icwVgVBOTGMAFy95r4iaY7ISRbSo6UWJ3N7rBfApS5xS0dRMa1w0fw_5v-v80f86qgZAtAt9unTYuDyBtaG7ZBfgUWOtmJShWgBX1QIoNMqpuaflsiVeurOPo7ZpyZkz2B6mw6MkwDaHGFPfpkFVOnN1F0zfYnS1BakGfM7bP4ovJY3JF9QvLktEeS-Itu0dZvJC9vtQBmkLX0mF36Ai0klewtiMPh-2z1HdM1N0Nbu2_AJ-rvi_FVUbmqe-N9mLT5PZdjnKO-azQs-Cb16IDMjAMVCOjM1GpDL9n1gJnLDs27V9G8-p7nzMvWekAAviMC-v2jDCfTwefyxibXXzcWVZnrgAUhq5Z3TEHSlk1O6azYB4eox0GHv22gm0Pb-8P6XZFu9haQamX7L1FS38t-lKXuemAkKbbKy-PA1boQJKl9iAEQy8auqW7DmG7dvFFeYeNNi0rfy1SPgOP58mGCap3kP1I1kNqXpvBaA51Hno1TehxpNwn9qzfHnKRJqcMC9CE8xqVE4W65n01r2RPXZpMTIMAiqp87e4pv7KfHc951waaC5v7WdM9I7HTHiNjBmkMA_-PnL0xXaN-VwhV-cz3ceSSOZMBOEgZ6LNJvK_VNq1V_9RQoxrdSYwmA95AOe-z73ZNsBo253g2NBDfcEDO95jO66-TkhoFsHza2Wm3MQeGnL8YhBf9nbO4i8c4qZYzaUKA7MZMUvylYoTcbvLfq_EWmeyq-vL0G9afUejhVUlrsoggfOnZNHd7wP0u8OjG3JawIYfhlx5rUyUzkpVkyNNvo92E0wx322jwDc6alda5iSqfI4qiZsSgSW6yw0tXYuMtbUNEmjpex7zrL1Cf-MLtbbiynwpiN2MRFOk6d2uttEPP38B6AZSykEn3g-4ElWv10tHQU292B7iJTYyRUAl7QIwigeAUsEstVLskQCuALDRucevA33PnFp9mDC0oIyTEbSgbn-PxWT4m3Gq4iEVfA1meqx5DsU0axV6fJFwdGiM6FtZY8HskKQvYLJgM46DnkRa_f7oja-DnZyRK2qeFZYthxsmawiQfIjq7Ih1LNrKpaxKQj6CA7YMK6tqtmA3rn4VVMfMuhdJcGH61fH85df6GtEaGCMXOIZlE8K_u4A6h2SBSUecUQ_2WeivCdd4tTOQA5W_xnju-8R5O4FTFCqzTPhPaNLvoxpQmApNeqWbwzew2QcHyGPH2coO98GfK4EegmkQEVUxyuxxWH8AjsPV7VaK9PR3O5iXg3_-q18t2P0GieQxdRf4jNarqi7XLzdAwVRXUoc36nNVyGkUcKi1ji7wXY3CVo_JSIQXeu1OrxyBslqhJj5wmaaooY1QQgOPQ1YPf6vp-h_w-surx9bscWWg2W7cTZjCC4SEnRkqK20KtnwNYRW1zZFhpl5yuFPcQbdjyZwDCBwrovHDvSSBEfXx4hAkdjGfUIQGPCA42JvISfY9OGL89TMSt8fIYGSfskfI9Ghexkha&cid=CAASKORonnoLeINyGLQUZFzXaK3xUECf0fbvoQwwuWltYmhBQQgekvW3pQo&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.27.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ra-in-f154.1e100.net

Software

cafe /

Resource Hash

32a027f69b9edd223554d3db4373008ab55b4d0d3dde7de0f6c20d07eb8fc6d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15476
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3F8D 0
0 47ms
47ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C18haVBJhYuH0GqeCx_APmM2N6Ar0uZjmaIqDxcbtD42A5LbrAhABIMb71nlglYq2gsQHoAHc-Kq7AsgBBakCTxYg8cUtsj6oAwGqBJcCT9A8Dj9Ntpc0bLkdrRrBBvFyDt38aP4PUiYRs0M6Qr0pwZ6ots1aMwL7kqD5XfZ1P4n4h4s9Ai3C0GGXJVCzaEhlo76OxiRbd53Yc64L2pd1nN5kq8LER4Q70jNtkXADCDNfvOW7rA7hGtupw3cFdJL4TkRyV7t61SQwZIHFQcwNe11nii7lvviDx9GF_HP-e2V1dM5Hcvt8MsVnTkfOeIE3pEmbCWECiNdfwwZ9jobfGsv7LBJSAnbwzrMmngh4l1-202eMh_ED9tFvGWPSU7Lcb3BbtT19zOfAAPvzTngReUL3WUO5yTI3qBtASiLUnbyF0G9jD9D7CwthMsjKbttkGXFJlPPtE6YtlMMrQNXIas4qkpFmwAS2r6rH7gPgBAOIBaiKlao9kgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeMh9XEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEP2jCxjfkeDDAdIICQiI4YAQEAEYHYAKA8gLAbATzaHjDsgTr8jN3wPYEwqIFATYFAHQFQGAFwGyFx4KHAgAEhRwdWItNDU3MzIzMTU1MDM1NTIyMRjqqnI&sigh=roAvo68lSjI&uach_m=[UACH]&cid=CAQSPwCNIrLMkQtstRu_qII-_VqZui6qhwTqhaMn_MmZ8SOGFNRqIHT64e8JVYrmJ4YQ3AfO2WSlc7E24KG4bfFncg&vt=10
Requested by: Host: a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
URL: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3F8D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbe4da7d1506c27eb95da32317a08550e05e5dd06bf366fb06847c8d1dc03e60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 114ms
107ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!91uy1rl1bu&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:12 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Fri, 22 Apr 2022 08:14:12 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 3F8D 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 08:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 08:37:21 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5e6nss.c.2mdn.net/videoplayback/id/b4a61272071ab52f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682064852/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 3F8D
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/b4a61272071ab52f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682064852/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-4g5e6nss.c.2mdn.net/videoplayback/id/b4a61272071ab52f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682064852/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

45ms
7ms

Fetch
video/mp4

2a00:1450:4001:5e::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nss.c.2mdn.net/videoplayback/id/b4a61272071ab52f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682064852/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/27A4A3F281BEB70B027765AC718D7773B4BCD91D.3ED08272CED21B7E591516AE994EB741C794733F/key/cms1/cms_redirect/yes/mh/w3/mip/2001:ac8:20:3d00:1012:1167:d7ed:3661/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1650528516/mv/m/mvi/4/pl/49/file/file.mp4

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:5e::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:13 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1599486
Last-Modified: Thu, 03 Mar 2022 08:20:01 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 21 Apr 2022 08:14:13 GMT

Redirect headers

date: Thu, 21 Apr 2022 08:14:12 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r4---sn-4g5e6nss.c.2mdn.net/videoplayback/id/b4a61272071ab52f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682064852/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/27A4A3F281BEB70B027765AC718D7773B4BCD91D.3ED08272CED21B7E591516AE994EB741C794733F/key/cms1/cms_redirect/yes/mh/w3/mip/2001:ac8:20:3d00:1012:1167:d7ed:3661/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1650528516/mv/m/mvi/4/pl/49/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!91uy1rl1bu&lm=0&ts=1650528852568&dn=TC&iso=0&t=TikTok%20Online%20Viewer%20%E2%80%A2%20TikyToky&cu=https%3A%2F%2Ftikytoky.com%2F
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:12 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 1A6A 23 KB
9 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 85001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 08:37:31 GMT
expires: Thu, 20 Apr 2023 08:37:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A6A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 06:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13613
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 06:31:25 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 150ms
150ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!91uy1rl1bu&lm=0&ts=1650528852568&dn=TC&iso=0&t=TikTok%20Online%20Viewer%20%E2%80%A2%20TikyToky
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 206 file.mp4
r4---sn-4g5e6nss.c.2mdn.net/videoplayback/id/b4a61272071ab52f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682064852/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 3F8D 2 MB
2 MB 16ms
6ms Media
video/mp4 2a00:1450:4001:5e::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5e::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

50e5f7a2bf36c8cecb7fea9d9f004098c74ccacfbb9f89e48382e03e0396bc60

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Apr 2022 08:14:13 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1599485/1599486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1599486
expires: Thu, 21 Apr 2022 08:14:13 GMT
last-modified: Thu, 03 Mar 2022 08:20:01 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A6A 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B59DfVBJhYr3mM5Hm3wOn37_YDQAAAAA4AeAEAg&bg=!1dal1pLNAAZvJBiFTyQ7ACkAdvg8WsUpDTWzrY5aT4Q6YTMVQcr9JsGBwZWrAmLlT9TnVX8ByYoy1wIAAABIUgAAAAJoAQcKABgLqGfn9B0KgDm3ggrgkcxp19lomxRYEz-ZAu6u1_llBM0tsQo-OFVLR2d-w-Ni20Wmhey5vVyZL2clJzj0YwgAUhduFKLuFT99PoNDG5qXuyr2xvL-G7sKyJzHwve-gyKr5gsJPwJyF9Wm7rqjqIrTVUhlJCuHOBW-PXGGcEDAM_oWGETc1j9s9zSvXHSEjZ3dMYK_Xhl7GxtADQVVmGRMjfKmtJYQLd4FIJ00MVT05gBuwj4GnFB0FwdwSalgz6s7F0468WD1VxeI7JnRS3Q5TIFbhjfVyp5-hFJszjAGu6tIE8Ua9pTNTZBNp9dYE3Th8fqQa_gXdA1Dmzmu9-5UtIbt6otvXFk_HdNt1VCoLIiu-dE1C5VIOJy75IGHTdT_-lcyH2SIo-BKci7NlDXQbdrUaSkTjwqx_KyD5I3GfNmXnBNRhrmfBGTZWWT_iaU1gaFwSWrFcnuWj8x4-tMdt2LDbbfH_jEQdj0ivYrhmXlczXXrnbcbi1MDRL36eXZ9vrdfhbiqvDXkKpefSCValDUF0U_GIQOMumyXuNIjr26l37s_s_3MNKcDUSSFxOiuKB3vmWRWRIvycbtp8S1sai-qdiWysZ_xv1v0ovjtkwS1fj2W1HRFA3hHi5YAxEfwdYxIGfNfAFc_iqBOaY8eznHV_85TEE7XZ1LFkJkp-YUHBWeqiBTQL9kjLG7C5GoC22rlxK_QwSP6SeFwrDpTZE7CG8FGk5raCXGECJVzSWBlffSAQxQsRb1EtUEPIU83yEYwW3pA8BR8clgPXR8Q8dhoUMEJyeLk0XQJ7GjsbqMlVMgtp--nA4WDeakVhsjyWnHG2nPYOHzYe-7VhcD1T_4H5goNYV1ut7ziOHTxFZOtvQfe5KmVIgbSwavhBiaE2GvXidtPXLH_z_mOQNFRQb80CElmyNBKFmi-uqfNzGPwNt-dssV0RcnuPBrdaissAxBgANBIelRT6Tpdpkj5ZZHZ3zktVMPNeEAL0vqx6n8txtk2MIpod7k0IfSWvMHFuTGlgkBh1VI

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 4176 7 KB
3 KB 188ms
12ms Script
text/javascript 108.157.4.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=300&h=600&c=digitas01cont5&js=pmw1&base=te-clr1-30f27367-f752-47cf-beef-e5d669b03533
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont5&w=300&h=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-24.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 648885c5160a220eeb429702068a11eca67d8014ad6b702762655f79c9c6c2fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 09:08:47 GMT
content-encoding: gzip
server: nginx
age: 83126
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: DUS51-P2
content-length: 2470
x-amz-cf-id: ytoR5BTIFb6fyyNsBkVc30aVwO0Mq4U72h4_QDqcq2csHVByu14W6A==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 4176 38 KB
11 KB 190ms
15ms Script
text/javascript 108.157.4.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=300&h=600&c=digitas01cont5&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont5&w=300&h=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-24.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 16:43:50 GMT
content-encoding: gzip
server: nginx
age: 55823
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: m4mEo0GwX0IWkGKoNnnQRFTb7uCPivsb_x1hw01y-klGisA6E8s8-A==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 4176 43 B
1 KB 288ms
113ms Image
image/gif 108.157.4.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=1&w=300&h=600&c=e1b1

Requested by

Host: tikytoky.com
URL: https://tikytoky.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-24.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:13 GMT
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-P2
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: kqv8EB_384MTJN0Wxtb5_1EQ1Do-IljGsaefGTBIRzrJ_b9_wlkxkA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 132ms
132ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!91uy1rl1bu&lm=0&ts=1650528852568&dn=TC&iso=0
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4176 42 B
64 B 91ms
73ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1J87vmQSqPvnav3095jGZZ1oAq-h3IeDjj1AL0JCv-_Y1jtijoG_WwOdKYS1EnkFj69HijUu4QAVDMRvGokEfdehMEU9iNmnDROwMCsIktQXLSwzzVA&sai=AMfl-YQoBljGF2jLbNO0vsZTnGmjLg4_1t-TyHF_8qx2ApWUcfAacqWGd33mSjVjwuYIgYLpFmK0lSEmuBB0T4x19WtPWZNe8hduSctS8AkrSb5KYBbI03GiFeYPx5PvLXXt&sig=Cg0ArKJSzPbYoDG_WRScEAE&cid=CAQSPwCNIrLMk-5_Z6aS_sMozItgPAqJTOfQiCd7hDhdgi4AtV-FfxTo5yVgeS_5rwnnvDk-Pvuff791QYYDmJj-sBgB&id=lidar2&mcvt=1000&p=938,539,978,580&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2441796612&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650528851950&rpt=238&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
106ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!91uy1rl1bu&lm=0&ts=1650528852568&dn=TC&iso=0
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
106ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!91uy1rl1bu&lm=0&ts=1650528852568&dn=TC&iso=0
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
106ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!91uy1rl1bu&lm=0&ts=1650528852568&dn=TC&iso=0
Requested by: Host: tikytoky.com
URL: https://tikytoky.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK sp-push-worker-fb.js Show response
tikytoky.com/ 72 B
407 B 14ms
14ms XHR
application/javascript 103.155.93.103
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tikytoky.com/sp-push-worker-fb.js
Requested by: Host: web.webpushs.com
URL: https://web.webpushs.com/js/push/7ba1d3b1d9fbf66a57585e89f8a72e1a_1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.155.93.103 , Malaysia, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: mail.chimerapharma.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 2a719f91d199b250a3e0748fa579d15ae2384c8fc2062268e18561708ac60281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 08:14:13 GMT
Last-Modified: Tue, 15 Mar 2022 14:26:26 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"48-17f8df916bc"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 28ms
28ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

418e24b891d5ff636ef9fd798f6257f697d725bde9d66ceb60693e16635eef9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 08:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10629
x-xss-protection: 0

GET sp-push-worker-fb.js
tikytoky.com/ Frame 0
0

GET
H2 200 sendpulse-prompt.min.css
web.webpushs.com/dist/css/push/ 48 KB
11 KB 37ms
36ms Stylesheet
text/css 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/dist/css/push/sendpulse-prompt.min.css?v=211653091200000

Requested by

Host: web.webpushs.com
URL: https://web.webpushs.com/js/push/7ba1d3b1d9fbf66a57585e89f8a72e1a_1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

d4a0898a56136b0fe4168208742796e34e77586bf905974c04a58c91a4de6434

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng sendpul.se .sendpul.se .loginsrc.com .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com .googleoptimize.com .privatbank.ua .cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 21 Apr 2022 08:14:13 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: Pcv7y/2wFTk
x-77-cache: HIT
x-cache: HIT
x-age: 40831
x-xss-protection: 1; mode=block
x-77-nzt: AcO1ryzSkI3/f58AAA
x-accel-expires: @1651524822
x-sp-ma: sp-ma-0
last-modified: Tue, 08 Feb 2022 10:04:43 GMT
server: CDN77-Turbo
etag: W/"be70-5d77ed8a3199f"
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
x-sp-pr: lpr7
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5daa91a81734f9df8e725f502513bfbff7cd2432a439e19a033d7e2426706d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Apr 2022 08:14:13 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 23C7 0
0 42ms
41ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2S-2VBJhYq39CfS2x_AP6euNuAainorhad6R0ozXD9601qudHBABIMb71nlglYq2gsQHoAHJ8pLGA8gBAqkCTxYg8cUtsj7gAgCoAwGqBOMBT9D-k_MNaZ9o4oQ3cUKs5rW8EwJhUPQ38VuuceRz6WrcFG7HjFxuGABmz3hdVYAmtkgviM3ifPD9vVOpWnmuKPrXDwfjc4ZQEY5rgIT1vm-lfV_N4g0o3545-bhqwi9yltNzbNwGk9-eTc0li3gDLLOBhsmZPFdrxTsNnfs_q-Ny-asImEuFlfduTGDGIgEo670TRVVMtcXYVNM9R2RlxAlgx6npck76eDfo0E6iAJBfZdIil2sIIu6K_WH2oc52J2LMqtktpUh0Tol8td7LXxj51LRGxxAxVOfr1S8VkOER9HnABKvfytf6A-AEAaAGAoAHn43tOagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELOwMNIICQiI4YAQEAEYHYAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi00NTczMjMxNTUwMzU1MjIxGOqqcg&sigh=qjy2OkQnUmI&vt=1&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 23C7 42 B
64 B 43ms
43ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRKPcjg6DTaQ-WeLLzGLbsAq4Jn1JeEDOBixQkaC4M7oQgsAA4812o8VIEYU0B6RYVzwzfLBp4OTmld5wHTTCsiv8wrX-cuYLjv_Q-1FeCYrJFRLBMTQ&sai=AMfl-YTETOll_bJ-iY2fWifcDsThCq63To5jVKRI98F0dqsV0yDvA-WLt7btZ09mljFCZX-iybu_yyBnEgv6NEeuN8Px075NPQVIiGsj0qDVdIWyBarLPBRwB7TdQViOFsM&sig=Cg0ArKJSzNukrpFbWllPEAE&id=ampim&o=396,1100&d=809,100&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=182&tls=1182&g=100&h=100&tt=1183&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=712443154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3502 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tikytoky.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 07:52:39 GMT
expires: Fri, 21 Apr 2023 07:52:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F6BA 783 B
535 B 16ms
16ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

41711ff34f1fa8a4c718de75fac0a21f4ebd2f08935acb90daa6a9e3951aceef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6f4h4nHILFsYS7zwYZzhog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tikytoky.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-6f4h4nHILFsYS7zwYZzhog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 08:14:13 GMT
expires: Thu, 21 Apr 2022 08:14:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3502 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 06:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13613
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 06:31:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F6BA 0
0 46ms
46ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041401&jk=1455391320613448&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3502 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jfEI_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:14:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame 3F8D 0
17 B 454ms
222ms Ping
image/gif 2c0f:fb50:4003:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l28q9hkw&c=2230698568686&slotId=1115349284343&qqid=COHuw4_bpPcCFSfBEQgdmGYDrQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=867&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220413_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2c0f:fb50:4003:802::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 08:14:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041401&jk=1455391320613448&bg=!ICOlI2fNAAZvJBiFTyQ7ACkAdvg8Wum7go_nyJ0HF4DhVDWupzC__RZ8rusRJvTVCj7kM4HQzSD0iwIAAABNUgAAAAJoAQeZAp8Y-DhVGFQHKMHQ-SnsNjrD9PlZfefCTMaAwoqMxCrc-VX68gm0XhNQRseb5Ozy2-INrhgzHjJGBArA1FgdNoFN01PermCfC20QwESeT2Gi66Gv5RAhwTtrdRgXWROxhVu2X6SdxAWVp2Ky_6dJX7gFsimqpbxmi9rBpCwFsTCmZSMs9cpyLIJTPzR2THVrGRQB-sfnK5lwOUuVUdjWzAus1P1f_9zCMlsIzIXJ9EcQmWyaepju8s60ajME9zf19J3wJr4P6VSaKM0GiEXwQVaI1_3Yhj9Fgp0Eu5ytFV16YymCxP1cWZ-LJElX37x14vZ-lvJVJyOEyoYlRPfPS-DPgXxDNccepqbHQcGOyx3S0Nhm3e8gc5_1pbnil9eNlkKfWkClKzfPbnCV2YhLzfaHklg6MHk8yxn-2B2GyJHQzCATmtbdOy0rrJEdMkWVbras-UMu9yZLwQBOInmUP9zA1BK6AUDTRKzXw6t9eh0QtmPnE3NfQH45yoq0qNnEBHEkGvuwod1viXRMWYjejTWJu3JkF_vu_Dx8Z3RTbfZRvCMoxGDKEwNvculwJkbmYEBinlzSVdl3P2mTA29qAm3ztEWu9rJHH5O4--X_SbC2r6NRN1WjOfUp0zK59Q8jW8Mh1UQ1hDVgZVOfuFHt5LUKcCtgQkdIeMqeIv42OfMPnYFNzfT7pR223fBSPJX7F8rT9crF4eN1YZNHtd9-NdKhTIy2Fwwvu9EGys9BsWzmMmt0iTJKURpqcVT4_fL_Z8dORSYffO4ncEy1Q4VPpEA8bV5-if0uK4IkvB7ypSFl0E6m76s2Z3cfIP4pMmF-S3X9R0xKN9XVnTWmO-ljntlfrfeLI-JlH2BDoVXGWHWAiqbTzgi7H0IWe5fQqLdcQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tikytoky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tikytoky.com
URL: https://tikytoky.com/sp-push-worker-fb.js

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adnxs.com/	1970-01-20 04:38:24	Name: uuid2 Value: 7209912523496161569
.doubleclick.net/	1970-01-20 11:50:24	Name: IDE Value: AHWqTUmlZO-elyRSxLi8zx52AwfAiDzYgS5KvEUsmzVt0dZwkU3_h2vxtAgjwFv6Clk
.adnxs.com/	1970-01-20 04:38:24	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVIEF0KL!@wnfH8K6pQK`!5=E<*L5?%KFYgJxT7nK5`lyS]E^Zg'<.y.mtA8d8fUL@vY%nugO%v4VB%nlxN)lQf!
.casalemedia.com/	1970-01-20 04:38:24	Name: CMPS Value: 5225
.casalemedia.com/	1970-01-20 11:14:24	Name: CMID Value: YmESVPk9fjB7MSAgWglUvAAA
.casalemedia.com/	1970-01-20 04:38:24	Name: CMPRO Value: 1162
.casalemedia.com/	1970-01-20 02:30:15	Name: CMST Value: YmESVGJhElQA
.dtscout.com/	1970-01-20 02:28:53	Name: m Value: 1
.dtscout.com/	1970-01-20 02:29:06	Name: b Value: 1
.dtscout.com/	1970-01-20 02:29:03	Name: oa Value: 1
.dtscout.com/	1970-01-20 04:52:48	Name: df Value: 1650528852
.casalemedia.com/	1970-01-20 11:14:24	Name: CMRUM3 Value: 2d626112542760CAESEIASeuL-TcS-ntZ7iuew8es
.tikytoky.com/	1970-01-20 11:50:24	Name: __gads Value: ID=9525adff434b363b-220dc5227ecd00eb:T=1650528851:S=ALNI_MaE_XAggdJWZ6q8PThnxI8ZgG4W6A
.doubleclick.net/	1970-01-20 02:28:52	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1882440cb6b9d99cd3389d71bb193ef.safeframe.googlesyndication.com
ad.plus
adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.tynt.com
cdnjs.cloudflare.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
csi.gstatic.com
de.tynt.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ic.tynt.com
imasdk.googleapis.com
maxcdn.bootstrapcdn.com
p16-sign-sg.tiktokcdn.com
p16-sign-va.tiktokcdn.com
p16-sign.tiktokcdn-us.com
p19-sign.tiktokcdn-us.com
pagead2.googlesyndication.com
r4---sn-4g5e6nss.c.2mdn.net
s0.2mdn.net
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
t.dtscout.com
tikytoky.com
tpc.googlesyndication.com
twemoji.maxcdn.com
waust.at
web.webpushs.com
whos.amung.us
www.google.com
www.googletagservices.com
www.gstatic.com
www.transparenttextures.com
tikytoky.com
103.155.93.103
108.157.4.24
108.157.4.26
142.250.185.130
142.250.186.98
142.250.27.154
158.69.139.225
172.64.151.83
199.232.190.73
2.20.157.55
23.111.9.57
2606:4700:20::681a:407
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6812:bcf
2a00:1450:4001:5e::9
2a00:1450:4001:802::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2004
2a02:6ea0:c700::1
2a06:98c1:3120::7
2c0f:fb50:4003:802::2003
37.252.173.215
67.202.105.32
67.202.94.86
92.123.225.17
92.123.225.73
0007d23baa268a1cd61074407a65f5d2850f4f78a77d0cf141a0c0fdf8fc403f
01cbcb681c868792c94ad54fa998ba2bc570091acc29ce7fdd14d6f35a1fb221
065af50a0a8a92ed62ba8eb6d6a9d1be377de55f95c7a23c759fa96a52095cc2
0900693ba4018c6de9126b543a8a3c50080eb74d1ed0696e5cc8fca0c0c99513
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
0db2cd768a9f0ff007862eb2bd3c4b256b4f2c5077e151974beee51094c5fc62
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
105823a1c8120834c3110caf18060a9125b32f5280a79d6df9c8eb2de8eb16bc
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14730355004c060494b4d945dce2d7175bda15b1530f57c72e4c2059156a3356
183ea6e6dfa036c3c95c954ad003d9ab133b656d1f3c4270b50966fb59c4845b
187790b0d2481fdbe5b949f1c05c1401f7e44b605764eb372ba08a9ce5284df6
1ae7aa336ed6231e9797409232132e13a1c104c7d91a54b628283b34067bbca4
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2035441d98ae0c1fb4c4e46a1383f9a0412fa707bca239156ac876ff9ebd555e
20648114012e60c5485bdbf3de3c726879d4aa736050caca19c6f521f98a1690
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
255f2a6d9c26d802f51efddbf9d532016185f27ffbedd35091eeda89350545a2
25c878da8d44f6c1ea3d96d6b728931100307c19e3734cadee267922ab8bea8c
25e4e4310001261664fc9a8456e23ecb4deba24068e2134547ee76e32932596d
289a425744bb9c0329c9570774ce5218404550d049b9d38a017ddaf479e70886
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a719f91d199b250a3e0748fa579d15ae2384c8fc2062268e18561708ac60281
2a9ca09a2eaa79828af825473bc0ba1b649bfcec50c7ca0dd886f182bd783cab
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2baa546d9807f242426bcceb7cafa6418fe980fa7fc8b0643cbbb2deaca9da5c
2ced12906b2c77bd7f341007b8f4fce8a5d56b5309775dd4f15603fc48caf89c
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
3019e3fa5b0d3eafbd4cfcaf4dbe3d43218322c745ca98ce0614ce1fb9f93395
311c4ff924dcaeaf69be0bea1ef1b4b073a9b92b1cbfbcd6446ebefcff2f3f2a
328d2351a42243e1c7d53381f808cf0d4dc5f1e7ecbad2b2b9411efb74c4ff7f
32a027f69b9edd223554d3db4373008ab55b4d0d3dde7de0f6c20d07eb8fc6d9
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3645cc7cf729a22877ff158372b25c017efca47a5fc31921363d1b01ff00313b
3b105f944e4820d92a77544f4ad3951b18dc263ac954054d4f22111a433d7633
405af8360a3d70af6ed4e1c79bf4d498ebe33b3f5181bdc52e30e270e60512d3
41711ff34f1fa8a4c718de75fac0a21f4ebd2f08935acb90daa6a9e3951aceef
418e24b891d5ff636ef9fd798f6257f697d725bde9d66ceb60693e16635eef9e
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49a0f9d67c4a4d2f8e1cab3162a589485df17e0856db8584da75bc4e72d671cd
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cc137035b43898c143649f0996e664a981ec563b203869ff183e0c53faf03eb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e5f7a2bf36c8cecb7fea9d9f004098c74ccacfbb9f89e48382e03e0396bc60
54e90f64685201bd680980d9c53447457174adfb7ca2736184ea7719badd2151
55950e140a226a36593dadc478f93d2b069335e2651cfde3a3c855fe9f99b8b5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ce5626fee96a7d421fcdfa1f15f4a06a71ba76b1996185b93f3d20d24d557c
58367b0b9c9387d9bad144df871a34d4dea5a5e7ceca1aa9741dd60c0374bd70
58487c97b1707cc655b5bc28631c6ea5173122a4f8c12475bd2f4d49346b6a06
59aa665beb045922194df9c1505ae148c7d2072e83f1998dd6e17c4e9369993e
5a5bfa1ed61b73c3d972d5afe73eec2f8750a9570adfabc3003bb9f7b89a049f
5a7f7f134313f705d491dc90ee2e8519ebe7d49497ec79a678f3565b801fbc99
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5daa91a81734f9df8e725f502513bfbff7cd2432a439e19a033d7e2426706d1a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624c99d8692af4af3b2301159f78af9b1521a9eec26d19094583208a3a397395
637282f23b8352c04ecc9dd7b4e1ffb23f8102517d010afaa447b2fb889b689e
648885c5160a220eeb429702068a11eca67d8014ad6b702762655f79c9c6c2fe
64a56767d899b4ac74b405c5e7eb7410e7c3088c7b08d7fcb78cd70f88f5f591
654584de7d667f9a4726bd793fb80a0ad1fa53d536bfe23eb2aaa32256359d9c
6812858756f0ed871402b2e9948899a7ad10c9dec0ef3fdd7f403da53893e0bf
6b58ec677d812417df13c4dc6eb5894d3fae7089a38ae90a8376ad6afeed7c98
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
71622dc5d938cda3edce772cd844fecde684a16c4ddf1ecbab4ed448caca5f90
717967a266c469b39efe535451827dbd938b534d227d02e7b68275a04c1af615
73c0d58efe283913dec6ca3dc08fe5634cc193323993d794e9697e3a84c144e6
742c67f88bb642346ccad1b8c47fc44e34884ce05ff56a6c238d92a16280f423
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c342484c38f8bba5f2071e66771a2d925d81762be2cfec170b2fe28f9806880
7e92dff617d4400b144e361522c875dd82bcd08dfdd6e120b78b9e339ddcb8db
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8031da787866f63e00c988e62a74e7037ef9e2928f4a38f7a725a7417a3af1ce
808028672096e67542bad2ae600ee71303aa083ee27c1fee2cde8d1da5d36349
81c182a2d3b4cad4c0b7dad53926531ed607d1f69ea924f6b17d7171194e550c
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
8596a2c90be14c460dbc1940c98eef8f8d2005235a4b787ffcd26846e004ef2a
8657a186c813f1822093967e457fa5f13c202a85aefb50c15b1399568f21dc64
865c59892f29410b33341e301173c8161d746cf1314e6da6a89586fe62be87cb
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
898a982d956099877581b8741dc7547078df09cecf44bcad112731635ca8a3e2
89fcc0375149a3f29180c96159cca98bffe1e6bbb2ba93727628c90ccaa91db5
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bfee47a0241b375809588927992e15e4456926a46784808834bb42170b5542c
9250d462b16ea25a8bdc0b2a5d81f22945bb68729cec3fd60964409961e9e5d0
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
94a41c2dd8a5eb6a616f6ebe63a07f65df68ced0d65e6a6331f465ec0247ca4f
966fc0b373054978730d306c0c3382c6073efffe230aba7779fa5d02f8ece027
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9afba5a9e99e3dfa4b25a23a641e394b387eb69fd09dcf4217f295156b229e43
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
aaf694e77d570418314be38e56934b6477b0182a8edd2b1a4bbdadbb13dc93f7
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac180f877e9da47e2db33eaa6bb3dbfc564cb976d13351fb2660c10a1c862cc8
ad35fbca793fb8c30b78a9ef9ad9f1859d645605e9d33f6b710c0551376824f8
adc832b83593639b8878e7587acdec884c8b429c8964f2cfb98bc93f2a89f579
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aeec8d433f1f0a47d14736d4138ba01480a8bbd9a3d1aeecbcd830b291d957d9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a88cf28a8dd7555871de0d041757c3c37ede702499bd08134a2b1e9db5bf39
b20904ecc57f66332ddcab359ca6aa0950933638428b7db56dd243b6518e2502
b2a27a3c76b14ce90df2a3f227b162847ee09630e7f23e5e800476945f94d2fa
b3a83c88a5c4639b1a07bfb9033a3d9f1deb4d4d4c0d44d52a61ef900ce41a64
b5f1de640fe1bab7721e4e75f46c2e272b284589d8fc6b45f4c494acb01e496d
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bbe1f492507586ed954fd1c3baedc8099e0e4a493b92585905d92f34b7523073
bd67a1294998f449f854a68e6fdf476cd02e856c72780fbc4160a85d82cc32d8
bef8f9821fa7e69005df4149664afedccfad155111755874492fdb851c7f6cd4
bf77b032518ddbd9a4362a2428f7f3de1a77c3216ee68e74a6b3f7da77532fc1
c2d3f0478afec4c25433e4d724c1d4e250ebca7f91c5f5a7a1dbbdd8b9614bc9
c321245e6d62047e34eb64d468495376a05026060a19408588ba2dd9e552f1aa
c887d3667e8514e262b0b4c21a26a1fa272b65808bec1d665917cfd3c2f1dec1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cee634716f7568ff6ecbd6858e8e5282202446e43a607afa8a309b943c821570
ceeb9fd8c675b06c44f70509e84221462e18c313f58b145d9d8d043be8dd2635
d1c421f20170befdf78f2cdff81e8988ba367b2ffb7920a76aab5835305329e7
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d4a0898a56136b0fe4168208742796e34e77586bf905974c04a58c91a4de6434
da1ab4f623111ce0e322f36d5a6102584bee62262a0784ca76e209c87ea53a60
dbdcd5032177710f51c04a98ab8d155e72b8ea23f0f86fc504408b7fbe735639
dbe4da7d1506c27eb95da32317a08550e05e5dd06bf366fb06847c8d1dc03e60
dd79631018894e203af8ef121364314c97de4d2fb81193d6fe3bafe937566f83
e05f2f625425d40b4538b14204896fe5c08049bba633918569e0f1d6b8bc9b23
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e281cba07478ad58bf4da8ec234e145182115fee61fbb00ca73d7f331300c578
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f8f337b0486e980312ab6911c9acd32a5cd6bc4e40c9a2ba6c96372d7910a4
e4781e30299218c31c1bb7a2935893492469348189986412694f9403835a708b
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
e9dd25ef64b2023ff1572c14a8c92aa5198b4d8607cf4cebdbb8702f27f53184
ecf256e109a9060b938aae7fed41980c2816c92874644ae05b63f4852e13edd7
ee611af1be3b78c1d04cbe1a5989f24212d280c3ac542cd91ae6888cd8121148
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f23cef3afe26bac43a5fef149b88c491940441729d6f870748aedcce83dc370c
f32ac25937c37494d99745980df45eed7404074a447692b46ee781a4e146e7c3
f4080d791288cfbba49ab903bc464581dbd755242ac6f2fd62c500886a31c8e9
f739a3f437c80ac1e7356a10c602ceeac0813a9b9c97889723a7a8aca1122769
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
fafaf1eb4fdf5bc482077a733614b3c812fdef8e9cb294a3167b4c50255dccc3

tikytoky.com Open in urlscan Pro 103.155.93.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

194 Requests

95 %HTTPS

59 %IPv6

27 Domains

44 Subdomains

39 IPs

6 Countries

7348 kBTransfer

9456 kBSize

14 Cookies

4 Outgoing links

Page URL History

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tikytoky.com Open in urlscan Pro
103.155.93.103 Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

95 %
HTTPS

59 %
IPv6

27
Domains

44
Subdomains

39
IPs

6
Countries

7348 kB
Transfer

9456 kB
Size

14
Cookies

194 HTTP transactions
5 data transactions