Submitted URL: https://x4k0a.premium-messages.com/lp/skip-lp/index-newv2.html?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0...
Effective URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_...
Submission: On November 09 via manual from JP — Scanned from NL

Summary

This website contacted 16 IPs in 4 countries across 19 domains to perform 55 HTTP transactions. The main IP is 2606:4700:3031::6815:204e, located in United States and belongs to CLOUDFLARENET, US. The main domain is tiktok-flow.com.
TLS certificate: Issued by R3 on September 22nd 2021. Valid for: 3 months.
This is the only time tiktok-flow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 213.227.149.216 60781 (LEASEWEB-...)
4 95.211.197.111 60781 (LEASEWEB-...)
1 37.48.112.55 60781 (LEASEWEB-...)
8 151.101.193.44 54113 (FASTLY)
3 3 213.227.145.137 60781 (LEASEWEB-...)
1 1 2a03:b0c0:3:d... 14061 (DIGITALOC...)
1 1 5.79.72.207 60781 (LEASEWEB-...)
1 1 104.21.87.180 13335 (CLOUDFLAR...)
1 1 104.21.62.113 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 62.212.87.243 60781 (LEASEWEB-...)
19 104.18.17.65 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.21.69.117 13335 (CLOUDFLAR...)
1 62.212.87.165 60781 (LEASEWEB-...)
5 2a00:1450:400... 15169 (GOOGLE)
1 104.19.132.80 13335 (CLOUDFLAR...)
1 2a00:1450:400... ()
55 16
Domain Requested by
12 s-img.adskeeper.com tiktok-flow.com
8 images.taboola.com x4k0a.premium-messages.com
8 x4k0a.premium-messages.com x4k0a.premium-messages.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 wbidder.online x4k0a.premium-messages.com
3 crtv.wboptim.online 3 redirects
2 cm.adskeeper.com jsc.adskeeper.com
2 c.adskeeper.com jsc.adskeeper.com
2 jsc.adskeeper.com tiktok-flow.com
jsc.adskeeper.com
2 marshalltrack.com tiktok-flow.com
marshalltrack.com
1 stats.g.doubleclick.net www.google-analytics.com
1 servicer.adskeeper.com jsc.adskeeper.com
1 cdn.adskeeper.co.uk tiktok-flow.com
1 pushism.com pixel.pushground.com
1 bidder.trktax.xyz hobstercube.xyz
1 www.googletagmanager.com tiktok-flow.com
1 pixel.pushground.com tiktok-flow.com
1 hobstercube.xyz tiktok-flow.com
1 tiktok-flow.com x4k0a.premium-messages.com
1 tiktok-gw.com 1 redirects
1 poisism.com 1 redirects
1 clk.wbidder.online 1 redirects
1 track.cpa-optimizer.online 1 redirects
1 wbidr.com x4k0a.premium-messages.com
55 24

This site contains links to these domains.

Domain
widgets.adskeeper.com
www.adskeeper.com

Subject | Issuer | Validity | Valid
*.premium-messages.com | AlphaSSL CA - SHA256 - G2 | 2021-10-26 - 2022-11-27 | a year
*.wbidder.online | AlphaSSL CA - SHA256 - G2 | 2021-03-06 - 2022-04-07 | a year
*.wbidr.com | AlphaSSL CA - SHA256 - G2 | 2021-03-06 - 2022-04-07 | a year
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-25 - 2021-12-26 | a year
*.tiktok-flow.com | R3 | 2021-09-22 - 2021-12-21 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-08-28 - 2022-08-27 | a year
track.opticks.io | R3 | 2021-09-20 - 2021-12-19 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
pushism.com | R3 | 2021-11-02 - 2022-01-31 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months

This page contains 2 frames:

Primary Page: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Frame ID: 09CD30FFF1A0D0B4F6A562C7AE3FF11E
Requests: 56 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1636450682700449099604
Frame ID: 2019F893206CA26509FB6B48E3D24249
Requests: 1 HTTP requests in this frame

Page Title

Locked

Page URL History

  1. https://x4k0a.premium-messages.com/lp/skip-lp/index-newv2.html?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&ta... Page URL
  2. https://track.cpa-optimizer.online/15GtmV?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0j... HTTP 302
    https://clk.wbidder.online/redirect?url=https%3A%2F%2Fpoisism.com%2Fc%3FbidId%3Dpush_20211109093800_678... HTTP 302
    https://poisism.com/c?bidId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&feedId=29&o... HTTP 302
    https://tiktok-gw.com/gw.php?campaign_id=4_b_356183_b_29_b_NL_b_2201&creativity_id=1&click_id=push... HTTP 302
    https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&ut... Page URL

Page Statistics

Requests: 55
HTTPS: 95 %
IPv6: 35 %
Domains: 19
Subdomains: 24
IPs: 16
Countries: 4
Transfer: 830 kB
Size: 1261 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://x4k0a.premium-messages.com/lp/skip-lp/index-newv2.html?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0jqaqkvrwfm5a&country={country}&affid=500329&subid=16332353&as=adk Page URL
  2. https://track.cpa-optimizer.online/15GtmV?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0jqaqkvrwfm5a&country=%7Bcountry%7D&affid=500329&subid=16332353&as=adk&onw=1&link=url%3Dhttps%253A%252F%252Fpoisism.com%252Fc%253FbidId%253Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222%2526feedId%253D29%2526offerId%253D356183%2526data%253D16b3RvQHdudG50bjBtdXFLQz5EQ0VHTjJGLzgqd2t9RT44QkBGRkRGVj9IOophPk9yfm5yc2k4Pzk8LTZmeX92gouIIE9WIzU1NDdDKWF0ekNCSjCJSEc9NUFxcm9pXGtpU3J.OkFART1DRzI7X11UTk4vJHFvcm0pUXBveH04MFR6hYOCZTA7ODI1NDs.PEI5QUEuYnF3c4V9RDU0OTE3OyxweEY7O0U7QD9BP0NHR0MyNDcpcGZ0bkV3djF-fIOBc3ZPdX15XzYyMzc3Py1xbUd7gYB2bkJBRERFRjA6Mjw3PTY3Zz9BQ0NwRENHcEtKR0lfNTs3aWQ.PT47aXFuPUR1SEFDTEZHMid3ZGtCNzgubHNvST40dXl1T0VNO29qZkA3Ojw4QDwwdG9KdoOEgYVNQ0RpbmNqaXg0e2lreXp4bjxyf35Bh3V3b3BuZDNuc2hvbjlxcYFxdz93cYOCfCUzRWtjNzs9LTtNgms-Q0U1Q1WEc3Z1dXEoNkhpZm5ydncxP1F2b3dzdnmIOmJ3d3MqOEptaH1zbX9.dH5AeoeIhXMmNUQpN0wsOk9ubHWBgYR8hnV.Qo15eyc1Sm5zbmc7PDs8MkBVQXp1QYSDZydxc3hyQ3V3d28xcHN3c003hHh6enJmdEBseXp3Qjg5e35ygYKCgIGAin5wL3FxcG50bC58f21-cIB4cnaEcn15PTI3Njc4Pj05L25xf3yDgXN2T0VGRTE_%2526ds%253D1%26s%3D1010%26a%3Dbid_onw_500329%26uA%3Dbid_500329%26sub%3D16332353%26ts%3D1636450681%26d%3D36%26i%3D4065h2c0jakvrwherr%26t%3Dclient%26c%3D3317243221 HTTP 302
    https://clk.wbidder.online/redirect?url=https%3A%2F%2Fpoisism.com%2Fc%3FbidId%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222%26feedId%3D29%26offerId%3D356183%26data%3D16b3RvQHdudG50bjBtdXFLQz5EQ0VHTjJGLzgqd2t9RT44QkBGRkRGVj9IOophPk9yfm5yc2k4Pzk8LTZmeX92gouIIE9WIzU1NDdDKWF0ekNCSjCJSEc9NUFxcm9pXGtpU3J.OkFART1DRzI7X11UTk4vJHFvcm0pUXBveH04MFR6hYOCZTA7ODI1NDs.PEI5QUEuYnF3c4V9RDU0OTE3OyxweEY7O0U7QD9BP0NHR0MyNDcpcGZ0bkV3djF-fIOBc3ZPdX15XzYyMzc3Py1xbUd7gYB2bkJBRERFRjA6Mjw3PTY3Zz9BQ0NwRENHcEtKR0lfNTs3aWQ.PT47aXFuPUR1SEFDTEZHMid3ZGtCNzgubHNvST40dXl1T0VNO29qZkA3Ojw4QDwwdG9KdoOEgYVNQ0RpbmNqaXg0e2lreXp4bjxyf35Bh3V3b3BuZDNuc2hvbjlxcYFxdz93cYOCfCUzRWtjNzs9LTtNgms-Q0U1Q1WEc3Z1dXEoNkhpZm5ydncxP1F2b3dzdnmIOmJ3d3MqOEptaH1zbX9.dH5AeoeIhXMmNUQpN0wsOk9ubHWBgYR8hnV.Qo15eyc1Sm5zbmc7PDs8MkBVQXp1QYSDZydxc3hyQ3V3d28xcHN3c003hHh6enJmdEBseXp3Qjg5e35ygYKCgIGAin5wL3FxcG50bC58f21-cIB4cnaEcn15PTI3Njc4Pj05L25xf3yDgXN2T0VGRTE_%26ds%3D1&s=1010&a=bid_onw_500329&uA=bid_500329&sub=16332353&ts=1636450681&d=36&i=4065h2c0jakvrwherr&t=client&c=3317243221 HTTP 302
    https://poisism.com/c?bidId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&feedId=29&offerId=356183&data=16b3RvQHdudG50bjBtdXFLQz5EQ0VHTjJGLzgqd2t9RT44QkBGRkRGVj9IOophPk9yfm5yc2k4Pzk8LTZmeX92gouIIE9WIzU1NDdDKWF0ekNCSjCJSEc9NUFxcm9pXGtpU3J.OkFART1DRzI7X11UTk4vJHFvcm0pUXBveH04MFR6hYOCZTA7ODI1NDs.PEI5QUEuYnF3c4V9RDU0OTE3OyxweEY7O0U7QD9BP0NHR0MyNDcpcGZ0bkV3djF-fIOBc3ZPdX15XzYyMzc3Py1xbUd7gYB2bkJBRERFRjA6Mjw3PTY3Zz9BQ0NwRENHcEtKR0lfNTs3aWQ.PT47aXFuPUR1SEFDTEZHMid3ZGtCNzgubHNvST40dXl1T0VNO29qZkA3Ojw4QDwwdG9KdoOEgYVNQ0RpbmNqaXg0e2lreXp4bjxyf35Bh3V3b3BuZDNuc2hvbjlxcYFxdz93cYOCfCUzRWtjNzs9LTtNgms-Q0U1Q1WEc3Z1dXEoNkhpZm5ydncxP1F2b3dzdnmIOmJ3d3MqOEptaH1zbX9.dH5AeoeIhXMmNUQpN0wsOk9ubHWBgYR8hnV.Qo15eyc1Sm5zbmc7PDs8MkBVQXp1QYSDZydxc3hyQ3V3d28xcHN3c003hHh6enJmdEBseXp3Qjg5e35ygYKCgIGAin5wL3FxcG50bC58f21-cIB4cnaEcn15PTI3Njc4Pj05L25xf3yDgXN2T0VGRTE_&ds=1 HTTP 302
    https://tiktok-gw.com/gw.php?campaign_id=4_b_356183_b_29_b_NL_b_2201&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222 HTTP 302
    https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fimages.taboola.com%2Ftaboola%2Fimage%2Ffetch%2Ff_png%2Ch_256%2Cw_256%2Cq_auto%2Cc_fill%2Cg_faces%3Aauto%2Ce_sharpen%2Fhttps%3A%2F%2Fdaitsuluck.xyz%2Fimg_2200%2F1ic.png&s=1010&a=bid_onw_500329&uA=bid_500329&sub=16332353&d=36&ic=1 HTTP 302
  • https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
Request Chain 17
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fimages.taboola.com%2Ftaboola%2Fimage%2Ffetch%2Ff_png%2Ch_256%2Cw_256%2Cq_auto%2Cc_fill%2Cg_faces%3Aauto%2Ce_sharpen%2Fhttps%3A%2F%2Fdaitsuluck.xyz%2Fimg_2200%2F1ic.png&s=1010&a=bid_onw_500329&uA=bid_500785&sub=16332353&d=6&ic=1 HTTP 302
  • https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
Request Chain 19
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fimages.taboola.com%2Ftaboola%2Fimage%2Ffetch%2Ff_png%2Ch_256%2Cw_256%2Cq_auto%2Cc_fill%2Cg_faces%3Aauto%2Ce_sharpen%2Fhttps%3A%2F%2Fdaitsuluck.xyz%2Fimg_2200%2F1ic.png&s=1010&a=bid_500329&uA=bid_500329&sub=16332353&d=8&ic=1 HTTP 302
  • https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index-newv2.html
x4k0a.premium-messages.com/lp/skip-lp/
16 KB
17 KB
Document
General
Full URL
https://x4k0a.premium-messages.com/lp/skip-lp/index-newv2.html?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0jqaqkvrwfm5a&country={country}&affid=500329&subid=16332353&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
dc31c851034d9b89abfb2feb1565c8b2b036acee2b6b5adff6a37c5737d04110
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 09 Nov 2021 09:38:00 GMT
content-type
text/html
content-length
16774
last-modified
Thu, 04 Nov 2021 12:53:54 GMT
etag
"6183d7e2-4186"
x-frame-options
SAMEORIGIN
accept-ranges
bytes
skip-button.jpeg
x4k0a.premium-messages.com/lp/skip-lp/img/
4 KB
4 KB
Image
General
Full URL
https://x4k0a.premium-messages.com/lp/skip-lp/img/skip-button.jpeg
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/lp/skip-lp/index-newv2.html?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0jqaqkvrwfm5a&country={country}&affid=500329&subid=16332353&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b0ad70cebcbab28ebb7400a3f4b4801c37410e3db4e2111f43fce515addd6075
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:00 GMT
last-modified
Thu, 04 Nov 2021 12:33:34 GMT
server
nginx
etag
"6183d31e-fa1"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4001
expires
Thu, 09 Dec 2021 09:38:00 GMT
script.js
x4k0a.premium-messages.com/lp/skip-lp/
4 KB
4 KB
Script
General
Full URL
https://x4k0a.premium-messages.com/lp/skip-lp/script.js
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/lp/skip-lp/index-newv2.html?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0jqaqkvrwfm5a&country={country}&affid=500329&subid=16332353&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
fdd3014848a6ec682daf4af484d6360279976d99deb9f3afc1693aa5739488a5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:00 GMT
last-modified
Thu, 13 May 2021 14:07:05 GMT
server
nginx
etag
"609d3289-f2c"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3884
expires
Thu, 09 Dec 2021 09:38:00 GMT
client.new.js
x4k0a.premium-messages.com/plugin/js/
26 KB
26 KB
Script
General
Full URL
https://x4k0a.premium-messages.com/plugin/js/client.new.js
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/lp/skip-lp/index-newv2.html?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0jqaqkvrwfm5a&country={country}&affid=500329&subid=16332353&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
48ba395cc577fa83ac2a96ad9231c97127e72d64d5055d6d8356bb15e7dbdd91
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:00 GMT
last-modified
Wed, 01 Sep 2021 12:17:27 GMT
server
nginx
etag
"612f6f57-683e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
26686
expires
Thu, 09 Dec 2021 09:38:00 GMT
bidder.js
x4k0a.premium-messages.com/plugin/js/
14 KB
14 KB
Script
General
Full URL
https://x4k0a.premium-messages.com/plugin/js/bidder.js
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/lp/skip-lp/index-newv2.html?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0jqaqkvrwfm5a&country={country}&affid=500329&subid=16332353&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b5e6f5bdadae7c9848885393c515f75dc1b65e4b1e6002fd7f51207831e7b476
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:00 GMT
last-modified
Tue, 12 Oct 2021 12:17:48 GMT
server
nginx
etag
"61657cec-3678"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13944
expires
Thu, 09 Dec 2021 09:38:00 GMT
bidder-interval.js
x4k0a.premium-messages.com/plugin/js/
8 KB
8 KB
Script
General
Full URL
https://x4k0a.premium-messages.com/plugin/js/bidder-interval.js
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/lp/skip-lp/index-newv2.html?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0jqaqkvrwfm5a&country={country}&affid=500329&subid=16332353&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
24141558e900e7958550c5fd92cc9b06c901ca0eee038bba7ed53b5c6e539ff6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:00 GMT
last-modified
Fri, 06 Aug 2021 08:27:00 GMT
server
nginx
etag
"610cf254-1f8f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8079
expires
Thu, 09 Dec 2021 09:38:00 GMT
client
wbidder.online/offer/
4 KB
2 KB
Fetch
General
Full URL
https://wbidder.online/offer/client?affid=500329&subid=16332353
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/lp/skip-lp/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.211.197.111 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 09:38:01 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
client
wbidder.online/offer/
4 KB
2 KB
Fetch
General
Full URL
https://wbidder.online/offer/client?affid=onw_500329&subid=16332353&days=8&count=1
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/plugin/js/client.new.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.211.197.111 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 09:38:01 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
client
wbidder.online/offer/
4 KB
2 KB
Fetch
General
Full URL
https://wbidder.online/offer/client?affid=onw_500329&subid=16332353&days=8&count=1
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/plugin/js/client.new.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.211.197.111 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 09:38:01 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
client
wbidder.online/offer/
4 KB
2 KB
Fetch
General
Full URL
https://wbidder.online/offer/client?affid=onw_500329&subid=16332353&days=8&count=1
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/plugin/js/client.new.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.211.197.111 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3806acbd79e4f8cec1110a4cd678277ff86f50dd4f9ca9ca51423aeefa9a5786

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 09:38:01 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
newB1modal.png
x4k0a.premium-messages.com/pluginstuff/
9 KB
9 KB
Image
General
Full URL
https://x4k0a.premium-messages.com/pluginstuff/newB1modal.png
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/lp/skip-lp/index-newv2.html?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0jqaqkvrwfm5a&country={country}&affid=500329&subid=16332353&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:00 GMT
last-modified
Fri, 14 May 2021 16:13:10 GMT
server
nginx
etag
"609ea196-2359"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9049
expires
Thu, 09 Dec 2021 09:38:00 GMT
client
wbidr.com/offer/
4 KB
2 KB
Fetch
General
Full URL
https://wbidr.com/offer/client?affid=onw_500329&subid=16332353&days=8
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/plugin/js/bidder.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
37.48.112.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 09:38:01 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
spinner.gif
x4k0a.premium-messages.com/flow-lp/porsche-1/img/
113 KB
113 KB
Image
General
Full URL
https://x4k0a.premium-messages.com/flow-lp/porsche-1/img/spinner.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:00 GMT
last-modified
Fri, 01 Nov 2019 13:26:09 GMT
server
nginx
etag
"5dbc3271-1c3fd"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
115709
expires
Thu, 09 Dec 2021 09:38:00 GMT
1ic.png
images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/
38 KB
39 KB
Fetch
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3a5ea99d8e6b5edf9819a5d69940f8e42b65ad2edb9969fedc0142b10dd02407

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 09 Nov 2021 09:38:01 GMT
via
1.1 varnish
age
2929951
edge-cache-tag
315190091764748695937037871860701049013,292380421074961480253340536673057650440,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
100
expiration
expiry-date="Mon, 11 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
content-length
39326
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Fri, 10 Sep 2021 10:38:42 GMT
server
nginx
x-timer
S1636450681.148711,VS0,VE0
etag
"143e996ce49172ff56f1abecb48aef91"
x-served-by
cache-wdc5576-WDC, cache-ams21044-AMS
vary
ImageFormat
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 180369
1ic.png
images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fimages.taboola.com%2Ftaboola%2Fimage%2Ffetch%2Ff_png%2Ch_256%2Cw_256%2Cq_auto%2Cc_fill%2Cg_faces%3Aauto%2Ce_sharpen%2Fhttps%3A%2F%2Fdaitsuluck.xyz...
  • https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
4 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7297a6205d0e970cfe0bf1a987a68eb769094a1878f8cad4529d049c49d0456

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 09 Nov 2021 09:38:01 GMT
via
1.1 varnish, 1.1 varnish
age
5180359
edge-cache-tag
315190091764748695937037871860701049013,292380421074961480253340536673057650440,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
84
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
content-length
4376
x-request-id
d6d73e240b5cf06594dc4b57d325f4f9
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Fri, 10 Sep 2021 10:38:42 GMT
server
nginx
x-timer
S1636450681.161089,VS0,VE0
etag
"143e996ce49172ff56f1abecb48aef91"
x-served-by
cache-wdc5548-WDC, cache-dca17775-DCA, cache-ams21057-AMS
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 155565

Redirect headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 09:38:01 GMT
location
https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
keep-alive
timeout=5
content-length
0
vary
Origin
1ic.png
images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7297a6205d0e970cfe0bf1a987a68eb769094a1878f8cad4529d049c49d0456

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 09 Nov 2021 09:38:01 GMT
via
1.1 varnish, 1.1 varnish
age
5180359
edge-cache-tag
315190091764748695937037871860701049013,292380421074961480253340536673057650440,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
84
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
content-length
4376
x-request-id
d6d73e240b5cf06594dc4b57d325f4f9
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Fri, 10 Sep 2021 10:38:42 GMT
server
nginx
x-timer
S1636450681.146272,VS0,VE0
etag
"143e996ce49172ff56f1abecb48aef91"
x-served-by
cache-wdc5548-WDC, cache-dca17775-DCA, cache-ams21057-AMS
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 155564
Primary Request ak9.php
tiktok-flow.com/mtion/
Redirect Chain
  • https://track.cpa-optimizer.online/15GtmV?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0jqaqkvrwfm5a&country=%7Bcountry%7D&affid=500329&subid=16332353&as=adk&onw=1&link=url%3D...
  • https://clk.wbidder.online/redirect?url=https%3A%2F%2Fpoisism.com%2Fc%3FbidId%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222%26feedId%3D29%26offerId%3D356183%26data%3D16b3RvQHdudG50bjBt...
  • https://poisism.com/c?bidId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&feedId=29&offerId=356183&data=16b3RvQHdudG50bjBtdXFLQz5EQ0VHTjJGLzgqd2t9RT44QkBGRkRGVj9IOophPk9yfm5yc2k4Pzk8LTZm...
  • https://tiktok-gw.com/gw.php?campaign_id=4_b_356183_b_29_b_NL_b_2201&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
  • https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_3...
2 KB
1 KB
Document
General
Full URL
https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:204e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
962ed0f002965266d58aa278365329b7197ea91726dcc06c1423b99606f122e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 09 Nov 2021 09:38:01 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89naTA039vJOKoX5YiwqWttVKH8bkQrZcw9fp3e8HZRymOgXH362AKdhrWXHef4tTtug0qGBfk%2By%2FO2K%2B1pC9nf6q%2B4LEOiwz8%2BloOlv4teYRbfWWqlXS7EQZTNorNryX0RQXE5Cm%2F3ICoVmt0Q%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ab610d92f324e61-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 09 Nov 2021 09:38:01 GMT
content-type
text/html; charset=UTF-8
location
https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dzm4WQfw3%2FfYBEAKkkySWkUHNaT6hyuBf%2BRsLqQySVBKG5jZOd3kfcp2GB11Hfe4I%2BXUymvvHSKkOv6PG5ngD6%2BkUD2P3VH1Cc5WZKBA%2Bhd52uK7QqHhZsMwKNEuxnK7"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ab610d87aa56d73-MUC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1ic.png
images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/
38 KB
39 KB
Fetch
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/plugin/js/bidder.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 09 Nov 2021 09:38:01 GMT
via
1.1 varnish
age
2929951
edge-cache-tag
315190091764748695937037871860701049013,292380421074961480253340536673057650440,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
100
expiration
expiry-date="Mon, 11 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
content-length
39326
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Fri, 10 Sep 2021 10:38:42 GMT
server
nginx
x-timer
S1636450681.209805,VS0,VE0
etag
"143e996ce49172ff56f1abecb48aef91"
x-served-by
cache-wdc5576-WDC, cache-ams21044-AMS
vary
ImageFormat
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 180370
1ic.png
images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fimages.taboola.com%2Ftaboola%2Fimage%2Ffetch%2Ff_png%2Ch_256%2Cw_256%2Cq_auto%2Cc_fill%2Cg_faces%3Aauto%2Ce_sharpen%2Fhttps%3A%2F%2Fdaitsuluck.xyz...
  • https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
4 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 09 Nov 2021 09:38:01 GMT
via
1.1 varnish, 1.1 varnish
age
5180359
edge-cache-tag
315190091764748695937037871860701049013,292380421074961480253340536673057650440,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
84
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
content-length
4376
x-request-id
d6d73e240b5cf06594dc4b57d325f4f9
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Fri, 10 Sep 2021 10:38:42 GMT
server
nginx
x-timer
S1636450681.224746,VS0,VE0
etag
"143e996ce49172ff56f1abecb48aef91"
x-served-by
cache-wdc5548-WDC, cache-dca17775-DCA, cache-ams21057-AMS
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 155566

Redirect headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 09:38:01 GMT
location
https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
keep-alive
timeout=5
content-length
0
vary
Origin
1ic.png
images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/
38 KB
39 KB
Fetch
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
Requested by
Host: x4k0a.premium-messages.com
URL: https://x4k0a.premium-messages.com/lp/skip-lp/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 09 Nov 2021 09:38:01 GMT
via
1.1 varnish
age
2929951
edge-cache-tag
315190091764748695937037871860701049013,292380421074961480253340536673057650440,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
100
expiration
expiry-date="Mon, 11 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
content-length
39326
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Fri, 10 Sep 2021 10:38:42 GMT
server
nginx
x-timer
S1636450681.268751,VS0,VE0
etag
"143e996ce49172ff56f1abecb48aef91"
x-served-by
cache-wdc5576-WDC, cache-ams21044-AMS
vary
ImageFormat
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 180371
1ic.png
images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fimages.taboola.com%2Ftaboola%2Fimage%2Ffetch%2Ff_png%2Ch_256%2Cw_256%2Cq_auto%2Cc_fill%2Cg_faces%3Aauto%2Ce_sharpen%2Fhttps%3A%2F%2Fdaitsuluck.xyz...
  • https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 09 Nov 2021 09:38:01 GMT
via
1.1 varnish, 1.1 varnish
age
5180359
edge-cache-tag
315190091764748695937037871860701049013,292380421074961480253340536673057650440,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
84
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
content-length
4376
x-request-id
d6d73e240b5cf06594dc4b57d325f4f9
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Fri, 10 Sep 2021 10:38:42 GMT
server
nginx
x-timer
S1636450681.286678,VS0,VE0
etag
"143e996ce49172ff56f1abecb48aef91"
x-served-by
cache-wdc5548-WDC, cache-dca17775-DCA, cache-ams21057-AMS
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 155568

Redirect headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 09:38:01 GMT
location
https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
keep-alive
timeout=5
content-length
0
vary
Origin
1ic.png
images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/
4 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 09 Nov 2021 09:38:01 GMT
via
1.1 varnish, 1.1 varnish
age
5180359
edge-cache-tag
315190091764748695937037871860701049013,292380421074961480253340536673057650440,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
84
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_png,h_256,w_256,q_auto,c_fill,g_faces:auto,e_sharpen/https://daitsuluck.xyz/img_2200/1ic.png
content-length
4376
x-request-id
d6d73e240b5cf06594dc4b57d325f4f9
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Fri, 10 Sep 2021 10:38:42 GMT
server
nginx
x-timer
S1636450681.270546,VS0,VE0
etag
"143e996ce49172ff56f1abecb48aef91"
x-served-by
cache-wdc5548-WDC, cache-dca17775-DCA, cache-ams21057-AMS
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 155567
fndglm12.js
hobstercube.xyz/js/
7 KB
3 KB
Script
General
Full URL
https://hobstercube.xyz/js/fndglm12.js?v=3
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba8b64c8fb3414ae8bcdc71a9519bbe33a54c880a523bc5911f36f51ec947261

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tiktok-flow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
632
age
4305026
cdn-cachedat
09/20/2021 15:47:35
cdn-pullzone
286613
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver
1.0
last-modified
Mon, 20 Sep 2021 13:45:13 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jW65fQCV%2FZX3JZxyswQWic%2F66sNrSh72S6hlx%2Fk8tLY0Yodte3JWS4f%2BVt2lN3Xg60zPLzumcNNLPza2greqThiCzlolo3Xfekk7w76hfS9Y%2FJk5QrrecBFj9d3pQ%2FdAl4ShK7GVbTwkPIADqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cdn-cache
MISS
cdn-uid
10270df6-3a78-4ee3-9e7e-62f57a8521e8
cache-control
public, max-age=31919000
cdn-requestid
e57c210d3eef581ad37f0eff13fc2c65
cf-ray
6ab610d9fcf768f2-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
px.js
pixel.pushground.com/js/
10 KB
4 KB
Script
General
Full URL
https://pixel.pushground.com/js/px.js
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d5e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3689618df5e2a98d0b3c626ecedd5ae31a2ce480bda98cf6852f34924e915567

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tiktok-flow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 10:41:26 GMT
server
cloudflare
age
3624
etag
W/"615d7d56-26bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUuEfCsa9NajTIo776%2FxwQJhDvl9iLkPVJt7P9nDUYCCSxMiuUo3xZIhCz9d70N1mS%2Ffh4bZ0FBzf3bRXZJ92GuMX%2FE3fnmuvPybnwmC%2FaCaycrEbyEBS3o5n2MDmQXZLg6UPiuSnYdkXV6jF64veXRPDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab610d9fc524309-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
35830097a60831723c
marshalltrack.com/j/
120 KB
34 KB
Script
General
Full URL
https://marshalltrack.com/j/35830097a60831723c
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.87.243 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
opticksconversions.com
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash
a522c0011a8d70d3aa5107a412cfc76cdffc20037fdc4abf2a89cb4e7ade0c3a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tiktok-flow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 09:38:01 GMT
Content-Encoding
gzip
Accept-CH
Width, Viewport-Width, Viewport-Height, Device-Memory, Content-DPR, DPR, Save-Data, Downlink, ECT, RTT, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Vary
Accept-Encoding, User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Connection
close
Server
Jetty(9.4.z-SNAPSHOT)
tiktok-max.com.1192426.js
jsc.adskeeper.com/t/i/
2 KB
1 KB
Script
General
Full URL
https://jsc.adskeeper.com/t/i/tiktok-max.com.1192426.js
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f510879a8fe2b3457886dd5e9c121e9efcdfc3e7804d679b83d217a41b9994d

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tiktok-flow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1549
cf-ray
6ab610da9fb42175-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
745
x-amz-id-2
mQ0Zd5wG3Ro1Bwrro2VcI/2POyBYk/mBMuXTVAwxK+HI+3iCihIrIweMhyd5M/zvzuSj2QX1g4A=
last-modified
Fri, 29 Oct 2021 20:19:41 GMT
server
cloudflare
etag
"5ffa01de036c59eef9e6c957599f424b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
PR1TCY3CF7WCPNC4
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 09 Nov 2021 13:38:02 GMT
gtm.js
www.googletagmanager.com/
122 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTD3HGW
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b44814db73b769ecba53ed6c62f1465290a19df812c1b88b526b67634a1075a
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tiktok-flow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45749
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Nov 2021 09:38:01 GMT
t
bidder.trktax.xyz/
2 B
785 B
Fetch
General
Full URL
https://bidder.trktax.xyz/t?feedId=1573&source=4_b_356183_b_29_b_NL_b_2201_b_45&v=4&count=10
Requested by
Host: hobstercube.xyz
URL: https://hobstercube.xyz/js/fndglm12.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.69.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NTrgZejll0hxyPMWz82C6Zo6hqJ76LYyccl8m%2BvHfTvL5mgOrJijDDumlzcWpaPwqeMtyz7e4d6%2BVwROSN%2FRCgMJO0XVXXYPKKvZM5ROgsf2CX4p%2FdBWzIee2BkvepvQHy3Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
6ab610da98237260-HAM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2
js
pushism.com/conversion/
0
0
Fetch
General
Full URL
https://pushism.com/conversion/js?bidId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&type=view_content
Requested by
Host: pixel.pushground.com
URL: https://pixel.pushground.com/js/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.87.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 09 Nov 2021 09:38:02 GMT
Server
Jetty(9.4.z-SNAPSHOT)
Access-Control-Allow-Headers
*
Content-Length
0
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET
tiktok-max.com.1192426.es6.js
jsc.adskeeper.com/t/i/
231 KB
66 KB
Script
General
Full URL
https://jsc.adskeeper.com/t/i/tiktok-max.com.1192426.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tiktok-max.com.1192426.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87faac009736f51626c86732ab78891c75573796de8dd41af947aac639c0f226

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1832
cf-ray
6ab610dad8092175-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
67259
x-amz-id-2
n+44natSViF1/Pf3zVTmQuWx2fMHUkUbf2IHTbgyElfL1Qu9RXQvnfgMucXzKjyY+Qhouwh/yec=
last-modified
Wed, 03 Nov 2021 20:02:31 GMT
server
cloudflare
etag
"77ce7b232ab67377e29c8d7d7102c349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
GZRYJFDQHW6F38CR
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 09 Nov 2021 13:38:02 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTD3HGW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5818
date
Tue, 09 Nov 2021 08:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 09 Nov 2021 10:01:06 GMT
/
c.adskeeper.com/pv/
0
284 B
Script
General
Full URL
https://c.adskeeper.com/pv/?pv=5&src_id=4_b_356183_b_29_b_NL_b_2201_b_45&cbuster=1636450682470614510097&uniqId=13053&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Ftiktok-flow.com%2Fmtion%2Fak9.php%3Fsrc_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_medium%3DUnicornD%26utm_source%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_campaign%3D4_b_356183%26utm_content%3Dd%26campaign_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26creativity_id%3D1%26click_id%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222%26clickId%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222&lu=https%3A%2F%2Ftiktok-flow.com%2Fmtion%2Fak9.php%3Fsrc_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_medium%3DUnicornD%26utm_source%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_campaign%3D4_b_356183%26utm_content%3Dd%26campaign_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26creativity_id%3D1%26click_id%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222%26clickId%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222&sessionId=618a417a-0ff3d&pageView=1&pvid=17d040fc667a7701cd1&site=729326&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tiktok-max.com.1192426.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tiktok-flow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ab610dd9bf82175-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/
4 KB
2 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
content-encoding
br
cf-cache-status
HIT
age
5030
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
3A155B6E33E50DF8
x-amz-id-2
6CI7qiJ6t77CZTz2bKN3PFZfUMyoyqLC1fEceijflSWZ6n6mUune+avf4pwH8T1rltOlrLxa4rg=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6ab610de0e97faea-DUS
expires
Tue, 09 Nov 2021 13:38:02 GMT
1
servicer.adskeeper.com/1192426/
10 KB
3 KB
Script
General
Full URL
https://servicer.adskeeper.com/1192426/1?pv=5&src_id=4_b_356183_b_29_b_NL_b_2201_b_45&cbuster=1636450682547820237741&uniqId=13053&niet=4g&nisd=false&jsv=es6&w=1584&h=950&cols=4&ref=&cxurl=https%3A%2F%2Ftiktok-flow.com%2Fmtion%2Fak9.php%3Fsrc_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_medium%3DUnicornD%26utm_source%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_campaign%3D4_b_356183%26utm_content%3Dd%26campaign_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26creativity_id%3D1%26click_id%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222%26clickId%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222&lu=https%3A%2F%2Ftiktok-flow.com%2Fmtion%2Fak9.php%3Fsrc_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_medium%3DUnicornD%26utm_source%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_campaign%3D4_b_356183%26utm_content%3Dd%26campaign_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26creativity_id%3D1%26click_id%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222%26clickId%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222&sessionId=618a417a-0ff3d&pageView=1&pvid=17d040fc667a7701cd1&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tiktok-max.com.1192426.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3da621d50b4b862fcb5815e2a176d90e14fcd262c32573064411eb9243bbb06

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tiktok-flow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 09:38:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ab610de0cf02175-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNzkseV8xMjgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0LzlhY2NiM...
s-img.adskeeper.com/g/10839628/492x328/-/
23 KB
23 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/10839628/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNzkseV8xMjgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0LzlhY2NiM2JiNGQwYzRmMmJkMzQ4NTg1NGM0YzMyZmUwLmpwZWc.webp?v=1636450682-d7_CyZZL2efqgzHqu5An8zsdkYSu_-ozix7yQTu7UPI
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3b00a705afd0f953cf47e40d8d89b27607e6ba5d51bce6650820f9801647813

Request headers

Referer
Origin
https://tiktok-flow.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:29:52 GMT
x-mg-request-uuid
2bbe6aed-de8b-47b0-a784-188944ed924d
age
3338113
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab610df1c29695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23476
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC8yOGMwMjdhYjk2NTc1NjI4N...
s-img.adskeeper.com/g/10839596/492x328/-/
19 KB
20 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/10839596/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC8yOGMwMjdhYjk2NTc1NjI4NWYxMDJlZThkMzMwZTA0MC5qcGVn.webp?v=1636450682-cihiVFhkHIM-XpUGDTnYbIXIkiIP4u371hxp6I5bFq4
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
966d55c803c231c8840a9b02798052ad467038d99779f2d23d2c2900f6b71973

Request headers

Referer
Origin
https://tiktok-flow.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:29:37 GMT
x-mg-request-uuid
78addfb5-826c-4c60-a2a3-fcf803cf2e48
age
1296722
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab610df0c02695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19768
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp
s-img.adskeeper.com/g/5523139/492x328/135x0x1062x708/
18 KB
18 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/5523139/492x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp?v=1636450682-l1loJgPlPxDUidBjNDKe3ZJDuOV2U0at5BvrZ3egI4E
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1dc208be2ce814347311e1434b9d09a4d7a40d7504d9f94cf5d98a5aa1f13f9

Request headers

Referer
Origin
https://tiktok-flow.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:03 GMT
x-mg-request-uuid
3683870e-b544-4e7d-a714-71285b6765c7
age
3351542
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab610df1c26695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18186
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9hNDA1NGQ4ZGJjNjZmZWVmN...
s-img.adskeeper.com/g/10839579/492x328/-/
58 KB
58 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/10839579/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9hNDA1NGQ4ZGJjNjZmZWVmNGFmYzBhMjZjNGEyNjQzMC5qcGc.webp?v=1636450682-RSm5BdTcozhdYY7M48eJbhEVA8Y41XIUHUuc9Uvoax0
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f365f4637cb6affcc024e62d7d426a3db7d8ef0b76cfa87ea8fd4bedd58416

Request headers

Referer
Origin
https://tiktok-flow.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:27:26 GMT
x-mg-request-uuid
27caa9c3-299e-4c8d-833a-6d757b64c2e3
age
898554
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab610df1c28695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59312
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC81MzYyOTQ5ODY4NTNlMzBkMzAwNzk2YWMyOTBlN2FmMC5qcGVn.webp
s-img.adskeeper.com/g/3805669/492x328/0x245x736x490/
18 KB
18 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/3805669/492x328/0x245x736x490/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC81MzYyOTQ5ODY4NTNlMzBkMzAwNzk2YWMyOTBlN2FmMC5qcGVn.webp?v=1636450682-dzSwPG8f0WaldqfAy9G25y2jSmUpTCOPe_TsTLLOOVU
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d014bcd8206d995177a18096bf47a471421ecddc31f41c2e79a8f1ff8a02c8

Request headers

Referer
Origin
https://tiktok-flow.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:06 GMT
x-mg-request-uuid
52f412fd-0210-47e1-9982-ac8fe2bdf6f0
age
3351543
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab610df0c07695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17968
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp
s-img.adskeeper.com/g/6288128/492x328/0x155x900x600/
7 KB
7 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/6288128/492x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp?v=1636450682-PtQCyKHG0d7yv0SREEwYyt0LwpPw47R26r1JOkEcGSs
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe89fa0439048758f5445bdda63b19c4026b6a85a768c915f74faac741d7c8f

Request headers

Referer
Origin
https://tiktok-flow.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:04 GMT
x-mg-request-uuid
fc5c1a2a-7e02-4c9a-9225-b7b727d18a2c
age
3351543
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab610df0c08695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7512
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5ZmM0ODI1Y2RlZmFlOTFmMTFjZWRlZWQzY2YwMmY1LmpwZWc.webp
s-img.adskeeper.com/g/6946118/492x328/0x59x1024x682/
20 KB
20 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/6946118/492x328/0x59x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5ZmM0ODI1Y2RlZmFlOTFmMTFjZWRlZWQzY2YwMmY1LmpwZWc.webp?v=1636450682-g3ujdpuumyFMItCcYT5zPl-wh2YfjCGaYlfQktsvXyg
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8803d6940ec3a25566da88341f5772793b638ae3b2e22e5b44c71e43f20e3581

Request headers

Referer
Origin
https://tiktok-flow.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:22:59 GMT
x-mg-request-uuid
ad800f4c-cea9-4304-8a17-81d72e56cecf
age
3351437
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab610df0c01695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20606
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2U2MTY3ODlkYjk2OGMwZWU5ZjNhZDdiOGI2NGU4MTk5LmpwZWc.webp
s-img.adskeeper.com/g/4074796/492x328/56x0x929x619/
42 KB
42 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/4074796/492x328/56x0x929x619/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2U2MTY3ODlkYjk2OGMwZWU5ZjNhZDdiOGI2NGU4MTk5LmpwZWc.webp?v=1636450682-k-8vnng0WjpLBNxRzdhcUF1Sudk3ZCGTGVzFarO8nB0
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e66a938e31df083b587e908bc285ff0dec020e6347e7a579a10f7e222e78356

Request headers

Referer
Origin
https://tiktok-flow.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:25:08 GMT
x-mg-request-uuid
1baf7cb4-f1a4-4dcb-9840-4922b7b720c4
age
3348082
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab610df0c05695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43026
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzQ1NDBmYzRlYjk0ZTVkYTgyZjE3M2NjNjBlMjY4ODM5LmpwZWc.webp
s-img.adskeeper.com/g/4023146/492x328/0x6x1085x723/
10 KB
10 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/4023146/492x328/0x6x1085x723/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzQ1NDBmYzRlYjk0ZTVkYTgyZjE3M2NjNjBlMjY4ODM5LmpwZWc.webp?v=1636450682-FeLVjt9jd26_FS97pBwTDFUiUow7DPjxs-L6dwGbA_0
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e6ace966094dd267ea72d018eb95dd73104a8f791f2eaec0a95d9e7d1eca1ce

Request headers

Referer
Origin
https://tiktok-flow.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:18 GMT
x-mg-request-uuid
a8a8af4a-df7c-4a81-9aed-84c7a14fb869
age
3351100
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab610df1c2b695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9812
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2QwYWYwNTRkYTE0YTlhMmM5MDNhMGRlYWI5YTM2MzExLmpwZWc.webp
s-img.adskeeper.com/g/4723161/492x328/80x0x1027x684/
15 KB
15 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/4723161/492x328/80x0x1027x684/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2QwYWYwNTRkYTE0YTlhMmM5MDNhMGRlYWI5YTM2MzExLmpwZWc.webp?v=1636450682-P82_VmziODcS74vgmrNrL_cNZ6lpCLed2PVen_2UilY
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33f8312d82f828550376e12061c188776afba270065de644c1391cd0bbd0f182

Request headers

Referer
Origin
https://tiktok-flow.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:25 GMT
x-mg-request-uuid
6424c1ad-71ee-42e4-9c3a-63f6474c46e3
age
3351808
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab610df0c06695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15058
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzIzY2FhNGMyOTA1MTY2ZTYxODM2ODkyMGRlYjI1OWY2LmpwZz90PTE0OTc5ODQ1NjU5NTQ.webp
s-img.adskeeper.com/g/3805587/492x328/245x0x1500x1000/
22 KB
22 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/3805587/492x328/245x0x1500x1000/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzIzY2FhNGMyOTA1MTY2ZTYxODM2ODkyMGRlYjI1OWY2LmpwZz90PTE0OTc5ODQ1NjU5NTQ.webp?v=1636450682--vx6j4ok2DCLCxBm47sdqFSjNIrMPXhJ8Xr9dbGH-FY
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fe2026d41cbdb7bca98db4f7a6b50b37d19dcf0e6232dba5ce61a41a98a142

Request headers

Referer
Origin
https://tiktok-flow.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:28:12 GMT
x-mg-request-uuid
a9363a45-1e60-4f15-96d3-5f113ea1b2ed
age
3341511
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab610df0c04695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22632
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp
s-img.adskeeper.com/g/8052391/492x328/0x38x1026x684/
16 KB
16 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/8052391/492x328/0x38x1026x684/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp?v=1636450682--vjpjR-FCfjhuImFwDxJCMM5Iwfu4QwbwSmlaF2LyyA
Requested by
Host: tiktok-flow.com
URL: https://tiktok-flow.com/mtion/ak9.php?src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ca223b68965f7d2a44da9ee08789261255e0914cd33cc0f28c04e6c0b0dc05c

Request headers

Referer
Origin
https://tiktok-flow.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:29 GMT
x-mg-request-uuid
474671db-fec9-40e6-a18f-e0eec969ebd7
age
3351733
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab610df0c09695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16564
server
cloudflare
i.js
cm.adskeeper.com/
19 B
179 B
Script
General
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1636450682684792567866
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tiktok-max.com.1192426.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 09:38:02 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 09 Nov 2021 09:38:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ab610deee042175-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.adskeeper.com/ Frame 2019
19 B
99 B
Script
General
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1636450682700449099604
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tiktok-max.com.1192426.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 09:38:02 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 09 Nov 2021 09:38:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ab610defe112175-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
c
c.adskeeper.com/
43 B
477 B
Ping
General
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=380|290|8|Sq24dxMBGvhd_tPNrfLwRPNXgrXCSQ_SgiryVlBKt2kqO6xDH9ZSYmnEZ8Gp-coe&fw=1&extjs=66044&v=380|290|8|Sq24dxMBGvhd_tPNrfLwRP651NQaXJ5KdQ6BKYI1yLQVrzWbybDDTAcp0io1VcuL&v=380|290|8|Sq24dxMBGvhd_tPNrfLwRL3iygUlvJ-7tK7JSg0_qmEsP585VuSqP1b9pO63RSU4&v=380|290|8|Sq24dxMBGvhd_tPNrfLwRGS6lggPSuaRCpmJgh5E-pYkV3MHF9mxAO5vD2XYsQLG&v=380|290|8|Sq24dxMBGvhd_tPNrfLwRP_3gjeRoAzXLIGM_XPeCwfPA9PhZI9_yge4imj6315Q&v=380|290|8|Sq24dxMBGvhd_tPNrfLwRK6e4qqaenZrhfGO_bkQNb8XTiTWLfxA46YjEzowBrYd&v=380|290|24|Sq24dxMBGvhd_tPNrfLwRIgJuZOgry6gfsAnIqXTO_Ssa_ooFx9EQBcrc06_Jsa1&v=380|290|40|Sq24dxMBGvhd_tPNrfLwRLpzP2aYPCPYCDm5zvySMFXHBbQnGct3Ov07FwdpFMlL&v=380|290|24|Sq24dxMBGvhd_tPNrfLwRAve5bAEZxrLewk2Q9AoTjJpBsW83_wthRcudKQCt6Yy&v=380|290|40|Sq24dxMBGvhd_tPNrfLwRFi61rgS5PAoAaHZs3yNiiq4xIYGd4uHQVqbf9hQXaaU&v=380|290|40|Sq24dxMBGvhd_tPNrfLwRIEVJHYIR1Gz1H1ycX4BIl9lG3e0YUQOb4mlw78JCz6H&v=380|290|24|Sq24dxMBGvhd_tPNrfLwRCpfA1GcFpgiSdmT_n6TjrguTzxL1Ui7gtshT9e0JqwE&cid=1192426&h2=0f88f5SrAhnvrKlGfizmWqpm_GF0TEd5Cf4GZj2LeCU*&rid=bbcb8cbe-4140-11ec-901e-d0946675f626&tt=Referral&ts=4_b_356183_b_29_b_NL_b_2201_b_45&psid=4_b_356183_b_29_b_NL_b_2201_b_45&iv=11&pageImp=1&pvid=17d040fc667a7701cd1&cbuster=163645068390336676490&tpl=0
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/t/i/tiktok-max.com.1192426.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 09:38:03 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
cb891546-666e-417e-89ba-b206d73e8706
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ab610e67dc34edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
js
www.google-analytics.com/gtm/
87 KB
35 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TKD93QZ&t=gtm4&cid=801997993.1636450684
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c39b85c2da13a0e21e29184fe24e8ea2c04b28c080da549fd8cf441b26c1f22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:38:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35191
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Nov 2021 09:38:04 GMT
collect
www.google-analytics.com/j/
2 B
118 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1535302289&t=pageview&_s=1&dl=https%3A%2F%2Ftiktok-flow.com%2Fmtion%2Fak9.php%3Fsrc_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_medium%3DUnicornD%26utm_source%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_campaign%3D4_b_356183%26utm_content%3Dd%26campaign_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26creativity_id%3D1%26click_id%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222%26clickId%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222&ul=en-us&de=UTF-8&dt=Locked&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1447937058&gjid=604363341&cid=801997993.1636450684&tid=UA-68071406-7&_gid=1028414132.1636450684&_r=1&gtm=2wgb80WTD3HGW&z=582947068
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 09:38:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tiktok-flow.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
192 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1535302289&t=event&ni=0&_s=1&dl=https%3A%2F%2Ftiktok-flow.com%2Fmtion%2Fak9.php%3Fsrc_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_medium%3DUnicornD%26utm_source%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_campaign%3D4_b_356183%26utm_content%3Dd%26campaign_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26creativity_id%3D1%26click_id%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222%26clickId%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222&ul=en-us&de=UTF-8&dt=Locked&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=extraTimeout&ea=request&el=0&_u=aGDAAEADQAAAAC~&jid=&gjid=&cid=801997993.1636450684&tid=UA-68071406-7&_gid=1028414132.1636450684&gtm=2wgb80WTD3HGW&z=477615086
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 12:02:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
77711
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
308 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1806c5b24cf5737715f48b9ccc43380702981e1abfb2ac4ce74c30d26b74cf8a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/avif
truncated
/
331 B
331 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/jp2
collect
stats.g.doubleclick.net/j/
1 B
439 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68071406-7&cid=801997993.1636450684&jid=1447937058&gjid=604363341&_gid=1028414132.1636450684&_u=aGDAAEACQAAAAC~&z=2135728665
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 09 Nov 2021 09:38:04 GMT
content-type
text/plain
access-control-allow-origin
https://tiktok-flow.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1535302289&t=event&ni=0&_s=1&dl=https%3A%2F%2Ftiktok-flow.com%2Fmtion%2Fak9.php%3Fsrc_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_medium%3DUnicornD%26utm_source%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_campaign%3D4_b_356183%26utm_content%3Dd%26campaign_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26creativity_id%3D1%26click_id%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222%26clickId%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222&ul=en-us&de=UTF-8&dt=Locked&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page&ea=scroll&el=25&_u=aGDAAEADQAAAAC~&jid=&gjid=&cid=801997993.1636450684&tid=UA-68071406-7&_gid=1028414132.1636450684&gtm=2wgb80WTD3HGW&z=927795137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 12:02:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
77711
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
35830097a60831723c
marshalltrack.com/h/
514 B
811 B
XHR
General
Full URL
https://marshalltrack.com/h/35830097a60831723c?url=https%3A%2F%2Ftiktok-flow.com%2Fmtion%2Fak9.php%3Fsrc_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_medium%3DUnicornD%26utm_source%3D4_b_356183_b_29_b_NL_b_2201_b_45%26utm_campaign%3D4_b_356183%26utm_content%3Dd%26campaign_id%3D4_b_356183_b_29_b_NL_b_2201_b_45%26creativity_id%3D1%26click_id%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222%26clickId%3Dpush_20211109093800_6787c647_9734_494e_8662_fb06f8019222&response-opticks-version=v3&_t0=1636450681995&_t1=1636450684793&_t2=1636450684793&_optftpHspmceixp=c319bd26&_m=1uc&src_id=4_b_356183_b_29_b_NL_b_2201_b_45&utm_medium=UnicornD&utm_source=4_b_356183_b_29_b_NL_b_2201_b_45&utm_campaign=4_b_356183&utm_content=d&campaign_id=4_b_356183_b_29_b_NL_b_2201_b_45&creativity_id=1&click_id=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&clickId=push_20211109093800_6787c647_9734_494e_8662_fb06f8019222&var1=4_b_356183_b_29_b_NL_b_2201_b_45&version=v3&ap=1
Requested by
Host: marshalltrack.com
URL: https://marshalltrack.com/j/35830097a60831723c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.87.243 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
opticksconversions.com
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash
ac0291ff97cdcb073b7e8255dd94d264be7c0063dce9cf91044f185bcb1c4e31

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 09:38:04 GMT
Server
Jetty(9.4.z-SNAPSHOT)
Vary
Accept-Encoding, User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Content-Length
514


61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer object| qs string| campaign_id undefined| utm_term undefined| seen function| blockReferrer function| redirectToBidder function| loadBidderUrl function| loadImg function| objToQs function| getQsObj function| strReplace object| Cookies function| P8BB boolean| optLoaded string| s1 number| chromeVersion object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _mgIntExchangeNews object| AdskeeperInfC1192426 function| AdskeeperCContextBlock1192426 function| AdskeeperCMainBlock1192426 function| AdskeeperCInternalExchangeBlock1192426 function| AdskeeperCRejectBlock1192426 function| AdskeeperCInternalExchangeLoggerBlock1192426 function| AdskeeperCObserverBlock1192426 function| AdskeeperCSendDimensionsBlock1192426 function| AdskeeperCRtbBlock1192426 function| AdskeeperCContentPreviewBlock1192426 function| AdskeeperCResponsiveBlock1192426 boolean| mg_loaded_729326_1192426 object| onClickExcludes function| mgReject1192426 function| mgLoadAds1192426_13053 function| AdskeeperCReject1192426 function| AdskeeperLoadGoods1192426_13053 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint729326 string| _mgPvid boolean| _mgPageView729326 boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgwcapping boolean| _mgPageImp729326 object| gaplugins object| gaGlobal object| gaData object| google_optimize

11 Cookies

Domain/Path Name / Value
.track.cpa-optimizer.online/ Name: 15GtmVo
Value: 20211109091636451335858
.track.cpa-optimizer.online/ Name: _pc_lc_id
Value: 15GtmV
.track.cpa-optimizer.online/ Name: peerclickcid
Value: a64f55b43ff4113cf7c34107c19fbbc4-4888-1109
.track.cpa-optimizer.online/ Name: _norg
Value: 1
tiktok-flow.com/ Name: campaign_id
Value: 4_b_356183_b_29_b_NL_b_2201_b_45
servicer.adskeeper.com/ Name: __mglb
Value: b77c90ace61932b85ead847cc0fcb78b
.adskeeper.com/ Name: muidn
Value: la92gk0AyBC1
tiktok-flow.com/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1192426%22%3A%7B%22page%22%3A1%2C%22time%22%3A1636450682659%7D%7D
.tiktok-flow.com/ Name: _ga
Value: GA1.2.801997993.1636450684
.tiktok-flow.com/ Name: _gid
Value: GA1.2.1028414132.1636450684
.tiktok-flow.com/ Name: _gat_UA-68071406-7
Value: 1

1 Console Messages

Source Level URL
Text
other error URL: https://x4k0a.premium-messages.com/lp/skip-lp/index-newv2.html?tag=500329&tag1=ADK&tag2=16332353&tag3=500329&tag4=ADK&clickid=d9eb0jqaqkvrwfm5a&country={country}&affid=500329&subid=16332353&as=adk
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
