urlscan.io logo urlscan.io
SecurityTrails logo

lightik.org Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7...
Submission: On December 25 via manual from MX — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 19 domains to perform 51 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is lightik.org.
TLS certificate: Issued by GTS CA 1P5 on December 10th 2023. Valid for: 3 months.
This is the only time lightik.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 88.208.22.4 39572 (ADVANCEDH...)
3 45.133.44.3 39572 (ADVANCEDH...)
3 2a00:1450:400... 15169 (GOOGLE)
7 45.133.44.53 39572 (ADVANCEDH...)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a01:4f8:1060... 24940 (HETZNER-AS)
2 157.90.84.242 24940 (HETZNER-AS)
2 2001:4860:480... 15169 (GOOGLE)
2 2a01:4f8:c0:2... 24940 (HETZNER-AS)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 94.130.198.6 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a02:b48:8300... 39572 (ADVANCEDH...)
1 88.208.22.3 39572 (ADVANCEDH...)
51 21
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
lightik.org
7    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    88.208.22.4 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
bobabillydirect.org
3    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
f.lightik.org
3    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
a50f745777.6061de8597.com
js.capndr.com
2aab26b1d8.79383a549a.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2606:4700:3032::ac43:ae33 (United States)

ASN13335 (CLOUDFLARENET, US)
storage.multstorage.com
6    2a01:4f8:1060:13eb::2 (Germany)

ASN24940 (HETZNER-AS, DE)
ntvpforever.com
c43295af7f.6d3f3332fd.com
2    157.90.84.242 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de
fp.metricswpsh.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a01:4f8:c0:2306::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
mcpuwpsh.com
3    2a00:1450:400c:c09::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
1    94.130.198.6 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.6.198.130.94.clients.your-server.de
nereserv.com
3    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a02:b48:8300::24 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
static.bookmsg.com
1    88.208.22.3 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: mail.armadaboard.com
29384.fasthypenews.com
Apex Domain
Subdomains		 Transfer
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
224 KB
4 bookmsg.com
static.bookmsg.com — Cisco Umbrella Rank: 40045
4 KB
4 6d3f3332fd.com
c43295af7f.6d3f3332fd.com
4 KB
4 google.com
accounts.google.com — Cisco Umbrella Rank: 23
www.google.com — Cisco Umbrella Rank: 2
3 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
4 6061de8597.com
a50f745777.6061de8597.com
175 KB
4 lightik.org
lightik.org
f.lightik.org
208 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
236 KB
2 mcpuwpsh.com
mcpuwpsh.com — Cisco Umbrella Rank: 52970
14 KB
2 metricswpsh.com
fp.metricswpsh.com — Cisco Umbrella Rank: 41404
432 B
2 ntvpforever.com
ntvpforever.com — Cisco Umbrella Rank: 48214
238 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
2 capndr.com
js.capndr.com — Cisco Umbrella Rank: 37794
9 KB
1 fasthypenews.com
29384.fasthypenews.com
2 KB
1 nereserv.com
nereserv.com — Cisco Umbrella Rank: 38773
201 B
1 79383a549a.com
2aab26b1d8.79383a549a.com
207 B
1 multstorage.com
storage.multstorage.com — Cisco Umbrella Rank: 34059
903 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 bobabillydirect.org
bobabillydirect.org — Cisco Umbrella Rank: 123098
6 KB
51 19
Domain Requested by
7 pagead2.googlesyndication.com lightik.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 static.bookmsg.com a50f745777.6061de8597.com
4 c43295af7f.6d3f3332fd.com a50f745777.6061de8597.com
4 a50f745777.6061de8597.com lightik.org
a50f745777.6061de8597.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 accounts.google.com 2 redirects lightik.org
3 www.googletagmanager.com lightik.org
www.googletagmanager.com
3 f.lightik.org lightik.org
2 mcpuwpsh.com js.capndr.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fp.metricswpsh.com a50f745777.6061de8597.com
2 ntvpforever.com a50f745777.6061de8597.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 region1.google-analytics.com www.googletagmanager.com
2 js.capndr.com a50f745777.6061de8597.com
1 29384.fasthypenews.com bobabillydirect.org
1 www.google.com tpc.googlesyndication.com
1 nereserv.com a50f745777.6061de8597.com
1 2aab26b1d8.79383a549a.com a50f745777.6061de8597.com
1 storage.multstorage.com a50f745777.6061de8597.com
1 www.facebook.com lightik.org
1 bobabillydirect.org lightik.org
1 lightik.org
51 23

This site contains no links.

Subject Issuer Validity Valid
lightik.org
GTS CA 1P5		 2023-12-10 -
2024-03-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
bobabillydirect.org
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
f.lightik.org
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a50f745777.6061de8597.com
R3		 2023-12-22 -
2024-03-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-03 -
2024-01-01		 3 months crt.sh
js.capndr.com
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
multstorage.com
GTS CA 1P5		 2023-11-20 -
2024-02-18		 3 months crt.sh
notification.tubecup.net
R3		 2023-12-19 -
2024-03-18		 3 months crt.sh
2aab26b1d8.79383a549a.com
R3		 2023-12-22 -
2024-03-21		 3 months crt.sh
puwpush.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
6d3f3332fd.com
R3		 2023-12-22 -
2024-03-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
static.bookmsg.com
R3		 2023-12-07 -
2024-03-06		 3 months crt.sh
*.fasthypenews.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
Frame ID: 0EFA09A7C8E569C002E60F6F4A1B5934
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 7F51E004E66C84ABB230023B7E742632
Requests: 1 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: A8B5EF1EF73A16BF374BF5ED5C80B354
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6054734899255306&output=html&adk=1812271804&adf=3025194257&lmt=1703490067&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_r&format=0x0&url=https%3A%2F%2Flightik.org%2Fpaula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia%3A7239842305421675803&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703490067279&bpp=2&bdt=175&idt=229&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=663828489995&frm=20&pv=2&ga_vid=1989544792.1703490067&ga_sid=1703490068&ga_hid=676478040&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320885&oid=2&pvsid=2041208846760451&tmod=970327684&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=237
Frame ID: F74D5D3972ED9FF7B99233863DC257E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0B9B871F538F3659C9BB4A39FF112F52
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 19A8FF91FA87B8181EDEA841EE004528
Requests: 2 HTTP requests in this frame

Frame: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Frame ID: 8AD5E273399994D2239CF31845A00CD8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

paula💜 @paaularruizz TikTok #7239842305421675803 | LighTik

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

51
Requests

98 %
HTTPS

70 %
IPv6

19
Domains

23
Subdomains

21
IPs

4
Countries

912 kB
Transfer

2422 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1xp1NUtxIGOu3-QBfgs-0hcBJ-iZoGt1d5psAqJI39-2FVYZmGwwmLS-dTJk_vfHAc8HJ4Eg HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp36N86FdTYH5NW0bz0k62dLCkHpGmWa68jA2T27rimg4mDT93OMgXTOqkQdZf4AXfRvpvwjkQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S587684926%3A1703490067475569&theme=glif

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
lightik.org/ 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f6894527a2427f0404828d48015132d8ba81de3fa6412ce5637e12a799b516b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83af70970cf36f40-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 25 Dec 2023 07:41:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcqDwA4HTLviBk09av0U7T8aSn0hTbzSuAyHkbGNhm%2BFWMiQHT2HGmi49pQT2UpA%2Bofh3axHz8xlfQo4dfiPFgOKIbLsWj3aEVN0fiNDNBphAIovHN1iT87JTBiu2kb2KzGw7S1MSk5B%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6054734899255306
Requested by
Host: lightik.org
URL: https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
467f2408861fef97999e857360726a208883f61b9cf9b45930bed5385f4f713a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lightik.org/
Origin
https://lightik.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 07:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51278
x-xss-protection
0
server
cafe
etag
9161850619800246779
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 07:41:07 GMT
208473
bobabillydirect.org/v3/a/pop/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bobabillydirect.org/v3/a/pop/js/208473
Requested by
Host: lightik.org
URL: https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.22.4 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d4e3c89719db7f5e70af3d60a105a293bf063ef4858496b978e0df22671f11b7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 07:41:07 GMT
content-encoding
gzip
referrer-policy
unsafe-url
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
access-control-max-age
86400
accept-ch-lifetime
31536000
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
6109
7239842305421675803.jpg
f.lightik.org/watermark/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.lightik.org/watermark/7239842305421675803.jpg
Requested by
Host: lightik.org
URL: https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ca6ffbff39253483471760d3e1e9e264af7942bc5ec6a500b35632e85d3ea3d6
Security Headers
Name Value
Strict-Transport-Security max-age=10368000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Mon, 25 Dec 2023 07:41:07 GMT
strict-transport-security
max-age=10368000
x-openstack-request-id
tx0706213cfe484c8bab607-00649ef92c
content-length
90501
x-trans-id
tx0706213cfe484c8bab607-00649ef92c
last-modified
Fri, 02 Jun 2023 02:14:36 GMT
server
nginx/1.22.1
etag
c55aeb87142297aabbd4a4dfdcabd108
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
x-timestamp
1685672075.32422
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires
Tue, 24 Dec 2024 07:41:07 GMT
paaularruizz.jpg
f.lightik.org/nowatermark/authors/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.lightik.org/nowatermark/authors/paaularruizz.jpg
Requested by
Host: lightik.org
URL: https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
753a0da7482888b7520836c193384bbce2db324cfa4a932dbce42227150a4385
Security Headers
Name Value
Strict-Transport-Security max-age=10368000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Mon, 25 Dec 2023 07:41:07 GMT
strict-transport-security
max-age=10368000
x-openstack-request-id
tx01833160d3b3476588fa6-00649c592a
content-length
115477
x-trans-id
tx01833160d3b3476588fa6-00649c592a
last-modified
Mon, 29 May 2023 21:47:29 GMT
server
nginx/1.22.1
etag
329462ad179bbfaac5fed85cbc71ac88
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
x-timestamp
1685396848.39686
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires
Tue, 24 Dec 2024 07:41:07 GMT
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-48STG2W3NF
Requested by
Host: lightik.org
URL: https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c47ec8837d1257e2ec6b7fd86436b27e48c5961a4f384951a13f3d08743aa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 07:41:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90847
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 25 Dec 2023 07:41:07 GMT
7239842305421675803.mp4
f.lightik.org/watermark/ 		69 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://f.lightik.org/watermark/7239842305421675803.mp4
Requested by
Host: lightik.org
URL: https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10368000

Request headers

Referer
https://lightik.org/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-proxy-cache
HIT
date
Mon, 25 Dec 2023 07:41:07 GMT
strict-transport-security
max-age=10368000
x-openstack-request-id
txaae629379f964045b3530-0064a1093a
Content-Range
bytes 0-1380509/1380510
x-trans-id
txaae629379f964045b3530-0064a1093a
Content-Length
1380510
last-modified
Sat, 01 Jul 2023 15:22:19 GMT
server
nginx/1.22.0
etag
77ef4354208743a16cb35c5f3ca135bc
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
x-timestamp
1688224938.02148
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=31536000
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires
Tue, 24 Dec 2024 07:41:07 GMT
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
10ccb943337bfaca37ad479bb71be6d3.js
a50f745777.6061de8597.com/ 		102 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a50f745777.6061de8597.com/10ccb943337bfaca37ad479bb71be6d3.js
Requested by
Host: lightik.org
URL: https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
aec54246c2274c419338aca4597d7667885459ef8870d622f5a1e22b293f9421

Request headers

Referer
https://lightik.org/
Origin
https://lightik.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 25 Dec 2023 07:46:07 GMT
date
Mon, 25 Dec 2023 07:41:07 GMT
content-encoding
gzip
last-modified
Fri, 22 Dec 2023 08:50:53 GMT
server
nginx/1.18.0
etag
W/"65854ded-19740"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		515 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: lightik.org
URL: https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
114075
a50f745777.6061de8597.com/8586a2e3c5b1254de25cb8d058d06c3c/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a50f745777.6061de8597.com/8586a2e3c5b1254de25cb8d058d06c3c/114075?version_name=b
Requested by
Host: a50f745777.6061de8597.com
URL: https://a50f745777.6061de8597.com/10ccb943337bfaca37ad479bb71be6d3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e7a9ce4c535be2ab92ebc1b5aaa8e17097ec31bcba0ffa7ec9352365e886624e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Dec 2023 07:41:07 GMT
cache-control
max-age=300
x-proxy-cache
MISS
server
nginx/1.18.0
content-type
application/json
expires
Mon, 25 Dec 2023 07:46:07 GMT
advertising.js
js.capndr.com/ 		0
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.capndr.com/advertising.js
Requested by
Host: a50f745777.6061de8597.com
URL: https://a50f745777.6061de8597.com/10ccb943337bfaca37ad479bb71be6d3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 25 Dec 2023 07:46:07 GMT
date
Mon, 25 Dec 2023 07:41:07 GMT
last-modified
Fri, 14 Jul 2023 08:23:25 GMT
server
nginx/1.18.0
etag
"64b105fd-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
js
www.googletagmanager.com/gtag/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-158291813-8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48STG2W3NF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ac487c72577c70da1f6dcbb13d63d327b75036d83317823352a3af0cfd8e7a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 07:41:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68982
x-xss-protection
0
last-modified
Mon, 25 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Dec 2023 07:41:07 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-48STG2W3NF&gtm=45je3bt0v897481499&_p=1703490067115&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1989544792.1703490067&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703490067&sct=1&seg=0&dl=https%3A%2F%2Flightik.org%2Fpaula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia%3A7239842305421675803&dt=paula%F0%9F%92%9C%20%40paaularruizz%20TikTok%20%237239842305421675803%20%7C%20LighTik&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=312
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48STG2W3NF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 07:41:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lightik.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6054734899255306&plah=lightik.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6054734899255306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
975e92c6a597fda35d16cf6792a67f90ad0349e8966086a6fb74af445972873e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 07:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137959
x-xss-protection
0
server
cafe
etag
8809104531066058668
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 07:41:07 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 7F51 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6054734899255306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lightik.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
36681
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:29:46 GMT
etag
5585625838579639069
expires
Sun, 07 Jan 2024 21:29:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
count.html
storage.multstorage.com/log/ Frame A8B5 		882 B
903 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.multstorage.com/log/count.html
Requested by
Host: a50f745777.6061de8597.com
URL: https://a50f745777.6061de8597.com/10ccb943337bfaca37ad479bb71be6d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ae33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer
https://lightik.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83af7098fd2365f1-AMS
content-encoding
br
content-type
text/html
date
Mon, 25 Dec 2023 07:41:07 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxN59laO2vUK8mbO4weLN8suBMOXRfdip3v8k9W01MznSRlfh0l5FfWpv%2BfeCOcJsiFTs6zh%2BGo2WRSXnC2fsQXmheZIuSzzja9f1C6dF2bV%2Bg5OPjvVeSSN%2FSiQvMyI23YVSZENFSst1yNq6DZ30E9bvem6iA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
258fc47036165113cf5a44a32f798040
keywords
ntvpforever.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ntvpforever.com/keywords
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lightik.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Mon, 25 Dec 2023 07:41:07 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
keywords
ntvpforever.com/ 		15 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ntvpforever.com/keywords
Requested by
Host: a50f745777.6061de8597.com
URL: https://a50f745777.6061de8597.com/10ccb943337bfaca37ad479bb71be6d3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
080040b4937f3f423f32cd7f19b2a79ba1e1e213f1d9f4f4db4f609d4ad778d8

Request headers

Referer
https://lightik.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 07:41:07 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
15
track
2aab26b1d8.79383a549a.com/in/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://2aab26b1d8.79383a549a.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0MzA1MTg2MDU2MjkwODE2MDAwIiwidGltZXpvbmUiOjEsInZlciI6IjMuOTcuMCIsInRhZ19pZCI6MTE0MDc1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXVyb3BlL0Ftc3RlcmRhbSIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjEsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6InBhdWxhJUYwJTlGJTkyJTlDJTJDJTQwcGFhdWxhcnJ1aXp6JTJDVGlrVG9rJTJDJTIzNzIzOTg0MjMwNTQyMTY3NTgwMyUyQ0xpZ2hUaWslMkNFeHRyYSUyQ2xpZ2h0JTJDc3VwZXIlMkNmYXN0JTJDYW5kJTJDbG93JTJDdHJhZmZpYyUyQ2NvbnN1bWluZyUyQ1Rpa1RvayUyQ2Rvd25sb2FkZXIifQ==
Requested by
Host: a50f745777.6061de8597.com
URL: https://a50f745777.6061de8597.com/10ccb943337bfaca37ad479bb71be6d3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 07:41:07 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
build.m.js
js.capndr.com/interstitial-admanager/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.capndr.com/interstitial-admanager/build.m.js
Requested by
Host: a50f745777.6061de8597.com
URL: https://a50f745777.6061de8597.com/10ccb943337bfaca37ad479bb71be6d3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f18bee78d77d14a269c2a80eff1939bfcb3a7f57ea21e01404ba67a8f7b56ea8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 25 Dec 2023 07:46:07 GMT
date
Mon, 25 Dec 2023 07:41:07 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2023 10:23:57 GMT
server
nginx/1.18.0
etag
W/"65646e3d-67ab"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
REVALIDATED
57654892de5745266fda822f3cd6f8cc.js
a50f745777.6061de8597.com/ 		151 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a50f745777.6061de8597.com/57654892de5745266fda822f3cd6f8cc.js
Requested by
Host: a50f745777.6061de8597.com
URL: https://a50f745777.6061de8597.com/10ccb943337bfaca37ad479bb71be6d3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
45e4a9a3ac55d704562bdc2a00b9bddee12ad5dad18d55cf651b9aed91ed6d00

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 25 Dec 2023 07:46:07 GMT
date
Mon, 25 Dec 2023 07:41:07 GMT
content-encoding
gzip
last-modified
Thu, 21 Dec 2023 09:58:00 GMT
server
nginx/1.18.0
etag
W/"65840c28-25cda"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
fp
fp.metricswpsh.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=114075
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lightik.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://lightik.org
Connection
keep-alive
Date
Mon, 25 Dec 2023 07:41:07 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
fp
fp.metricswpsh.com/ 		60 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=114075
Requested by
Host: a50f745777.6061de8597.com
URL: https://a50f745777.6061de8597.com/10ccb943337bfaca37ad479bb71be6d3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
27d6a2f8b832d831812117afb514463ecf3aa9899644da67b38e16d1df9e2c9b

Request headers

Referer
https://lightik.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Mon, 25 Dec 2023 07:41:07 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://lightik.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
60
js
www.googletagmanager.com/gtag/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-819V0WF8DR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158291813-8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
59137fb58302367d906b4c2e50136ef422eb2b63c5276b34bf1f08f74b9147ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 07:41:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81233
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 25 Dec 2023 07:41:07 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158291813-8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Dec 2023 06:17:44 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5003
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 25 Dec 2023 08:17:44 GMT
/
mcpuwpsh.com/get/ 		14 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcpuwpsh.com/get/
Requested by
Host: js.capndr.com
URL: https://js.capndr.com/interstitial-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2306::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b9968bd273f1021e158ccad47d91eee0a62021308940a73a6c4410de6c25cbcb

Request headers

Referer
https://lightik.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 07:41:07 GMT
server
nginx/1.16.0
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
14141
/
mcpuwpsh.com/get/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcpuwpsh.com/get/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2306::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lightik.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Mon, 25 Dec 2023 07:41:07 GMT
pragma
no-cache
server
nginx/1.16.0
vary
Origin
75c78f9b43752d29ffcd33b7bea1425d.js
a50f745777.6061de8597.com/ 		414 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a50f745777.6061de8597.com/75c78f9b43752d29ffcd33b7bea1425d.js
Requested by
Host: a50f745777.6061de8597.com
URL: https://a50f745777.6061de8597.com/57654892de5745266fda822f3cd6f8cc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
72d3ca0f368dbab4590a99de5b48237457ecd7d912a93edfb83db49c55f2fcf3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 25 Dec 2023 07:46:07 GMT
date
Mon, 25 Dec 2023 07:41:07 GMT
content-encoding
gzip
last-modified
Wed, 20 Dec 2023 10:01:57 GMT
server
nginx/1.18.0
etag
W/"6582bb95-6768c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1xp1NUtxIGOu3-QBfgs-0hcBJ-iZoGt1d5psAqJI39-2FVYZmGwwmLS...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp36N86FdTYH5NW0bz0k62dLCkHpGmWa68jA2T27rimg4mDT93OMgXTOqkQdZf4AXfRvpvwjkQ&passive...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp36N86FdTYH5NW0bz0k62dLCkHpGmWa68jA2T27rimg4mDT93OMgXTOqkQdZf4AXfRvpvwjkQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S587684926%3A1703490067475569&theme=glif
Requested by
Host: lightik.org
URL: https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
Protocol
H3
Server
2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date
Mon, 25 Dec 2023 07:41:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-G-o3EvhRDhG9iWTk7vGz_w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp36N86FdTYH5NW0bz0k62dLCkHpGmWa68jA2T27rimg4mDT93OMgXTOqkQdZf4AXfRvpvwjkQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S587684926%3A1703490067475569&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=676478040&t=pageview&_s=1&dl=https%3A%2F%2Flightik.org%2Fpaula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia%3A7239842305421675803&ul=en-us&de=UTF-8&dt=paula%F0%9F%92%9C%20%40paaularruizz%20TikTok%20%237239842305421675803%20%7C%20LighTik&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1291512159&gjid=568487562&cid=1989544792.1703490067&tid=UA-158291813-8&_gid=1126680686.1703490067&_r=1&gtm=457e3bt0z8897481499&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=466380989
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lightik.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 07:41:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lightik.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
dip
nereserv.com/in/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nereserv.com/in/dip?site=native-push&wl=1&event_id=e3bd5386-248a-4859-a66a-4edcf75cced6&subid=1683636215&sid=2658412863&spot_id=418864&created_at=2023-12-25&timezone=1&ver=8.130.0&is_native=1
Requested by
Host: a50f745777.6061de8597.com
URL: https://a50f745777.6061de8597.com/57654892de5745266fda822f3cd6f8cc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.198.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.6.198.130.94.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 07:41:07 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
c43295af7f.6d3f3332fd.com/in/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c43295af7f.6d3f3332fd.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lightik.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Mon, 25 Dec 2023 07:41:07 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
multy
c43295af7f.6d3f3332fd.com/in/ 		41 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c43295af7f.6d3f3332fd.com/in/multy
Requested by
Host: a50f745777.6061de8597.com
URL: https://a50f745777.6061de8597.com/57654892de5745266fda822f3cd6f8cc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
43a52ee06ff574d6a3c88c09567eae4bf2629550fe108fa29dc54c6ab7930277

Request headers

Referer
https://lightik.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 07:41:08 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
3685
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-819V0WF8DR&gtm=45je3bt0v9114448016&_p=1703490067115&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1989544792.1703490067&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1703490067&sct=1&seg=0&dl=https%3A%2F%2Flightik.org%2Fpaula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia%3A7239842305421675803&dt=paula%F0%9F%92%9C%20%40paaularruizz%20TikTok%20%237239842305421675803%20%7C%20LighTik&en=page_view&_fv=1&_ss=1&tfd=450
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-819V0WF8DR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 07:41:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lightik.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F74D 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6054734899255306&output=html&adk=1812271804&adf=3025194257&lmt=1703490067&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_r&format=0x0&url=https%3A%2F%2Flightik.org%2Fpaula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia%3A7239842305421675803&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703490067279&bpp=2&bdt=175&idt=229&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=663828489995&frm=20&pv=2&ga_vid=1989544792.1703490067&ga_sid=1703490068&ga_hid=676478040&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320885&oid=2&pvsid=2041208846760451&tmod=970327684&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=237
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6054734899255306&plah=lightik.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lightik.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Dec 2023 07:41:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: lightik.org
URL: https://lightik.org/paula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia:7239842305421675803
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 07:41:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6054734899255306&plah=lightik.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b7e8410c094fec60c02a63160f55f973a2aadac77d54fba6f446ece52c195ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 07:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11955
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6054734899255306&plah=lightik.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 07:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Dec 2023 07:41:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0B9B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lightik.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
25535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Dec 2023 00:35:32 GMT
expires
Tue, 24 Dec 2024 00:35:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 19A8 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d43ee2987ff00a060a97f19e2bc5315edf63fe6a9ecad5a754e151bb5c164c2d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_gALw8j_xT9dJW3UH9PT7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lightik.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_gALw8j_xT9dJW3UH9PT7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 25 Dec 2023 07:41:07 GMT
expires
Mon, 25 Dec 2023 07:41:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0B9B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 00:00:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
27664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Dec 2024 00:00:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 19A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2041208846760451&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 0B9B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1Rs9Tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 07:41:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ 		790 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.01&cpa=057ff7d0-cbe9-47c3-b67c-f57fed40a88a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 24 Dec 2024 07:41:08 GMT
date
Mon, 25 Dec 2023 07:41:08 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ 		790 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 24 Dec 2024 07:41:08 GMT
date
Mon, 25 Dec 2023 07:41:08 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
/
c43295af7f.6d3f3332fd.com/in/show/ 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c43295af7f.6d3f3332fd.com/in/show/?tag_ab=b&site_id=31418864&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip&ssp=3964&page=https%3A%2F%2Flightik.org%2Fpaula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia%3A7239842305421675803&refdom=lightik.org&auction_time=1703490067&subid=1683636215&sid=2658412863&tcid=0&ver=8.130.0&ver_c=&spot_id=418864&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-12-25&iabcat=IAB25-3&keywords=&user_fp=14869127312487251693&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1683636215%26spot_id%3D418864%26is_adult%3D1%26p%3Dhttps%253A%252F%252Flightik.org%252Fpaula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia%253A7239842305421675803%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&url=https%3A%2F%2Fvjxxx.com%2Fcheck-check-bots%3Furl%3Dhttps%253A%252F%252Fimpactserving.com%252FRedirect.eng%253FMediaSegmentId%253D55011%2526dcid%253D3_ctx_e7772604-49e7-4a40-93ee-9dda47ee7619%2526vmId%253D00000000-0000-0000-0000-000000000000%2526abr%253Dfalse%2526timeZoneOffset%253D%2526v%253Dd0PY7te-u7wc3jz7vrh9Z4uwlqMjl8EBETuJ0hAQh27rgtlcYR9QAtuA19Is-zTrqiuzwWfQzgKwVVypTuudwDKrec2Bz2pHejo8eu-BtTsaxJKG6mOlo7Ve0et8AmRCx3qxeOBY1QDW_VXWyw4QdRm_3JDiKxNQCd36Bh8OnkVDsFlb6VIVSQYi44Cc7DttOdhWHjlU5jl8i9gqNsjAmETuYrhlMIigzKJJvaDb6Wgj2P7gPQdNx99HWge7oRWtzhgnN-HzQhphKgMhYjOYTcwB45dL_iRgbPDGbh4YGsjnUQWpJksuo8uPgKzgZJXOt_9yGjsNpT0zBb2IF52skqyxUE9odFrk5UwSqoLfiTa71mX2bvacje4d3RNucmEQ4RdxHwMvXTwcxlX-4rruchQe7-aNW4CRSRprTKQ7Gm5iVJy20VCgeJo5_vwslIxOOmJgBlm9lUuXDU3k5S0lgZoJNwRwG8ajk3IuyXfn0V0eNDprQOeUUp98mwGpN-TEv-0NFsVvSiNnkEvt93TazvXapytzGftNGkAfew14n75L5snlV7dwkpc66bVxxZf7uBm87R3DO5uSNoLrHmRp4sLqgTcLBgaz92SgVM_sqGLfw3IeIr-XlDk6IPtcphiHKqSByIioQoHQ__xpiM2yzxyc62yUagUT7GxImDE0BRHHTS2qryPXXqqpdN2c0dtuMjyUe0HccO0GU_78ZkVrwcybDCSuaRjpeq9FCumvnzF9Uzqsrl6csw3jahUzcmU5qvvgrxrWQKesn52ask9NNSG6CkxXa9_cXNVxrhHgTMw5JepYqq8VcIazsnH3xuK6F9Lsqxo6i2UQegxc9bCHSAmBNdif23Lwrr6jmvktwnfZ5BPSuxS1NsZOFqo5JUWkjnxu3jffe9AwtuNZCrRymKqq6XnVg3QnzGsHBJI1QMsM0V5ovAaDGn8TfasG-L-VqyOuioBUv0wV2IMztVCV6U8GDQQJ23dga3q1bRfo4lhzyd4446OK-BDjvmo5CuU5qXEstLNb6mmxMrKa_8E79Q2%2526kw%253D%2526mw%253D1024%2526mh%253D768%2526xml%253D1&icons=djx_heumNCXeL4EEHqwemeA3716u0BqJDrFLqu04qTo7scBq6kH1MjKILSxA83XMTMWHTXwH61n2jYjCdx2HcwybozDNCbMd-Gvo95jiUa792LuyYGOiMWhGdu14e9_RB9Ym2t2IaUzkf7Qj2pNUpz8_Rm6sTmccV4paw7yjhg9gQv90RA&ext_cid=0&px_id=55418864&min_cpm=0.028301396104924544&out_id=1&campaign_type=lq-pop&aid=352&cid=15019&uniq=&mid=7253705533118468924&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.06727745031040154&cpm=0&verify_hash=b38c4cf2cc02c096ce85a953aa48f376&is_native=2&real_bid=0.0013711680364608863&original_bid_usd=0.00216&original_bid=0.00216&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.109%20Safari%2F537.36&ip_mismatch=2001:1af8:4700:a08a:4::15&geo=NL&carrier=-&label_ids=27,93,108,0,4,89&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&site=native-push-adult&price=0.00216&hostname=auc-inpage-hz-4-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.00000216&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.01&cpa=8e0db199-b2c6-466f-83a4-1df645d15d24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 07:41:08 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ Frame 8AD5 		790 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Requested by
Host: a50f745777.6061de8597.com
URL: https://a50f745777.6061de8597.com/57654892de5745266fda822f3cd6f8cc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 24 Dec 2024 07:41:08 GMT
date
Mon, 25 Dec 2023 07:41:08 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
truncated
/ Frame 8AD5 		483 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ Frame 8AD5 		790 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&st=0.01&cpa=7effe3e3-e720-4054-9607-e29f85be0379
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 24 Dec 2024 07:41:08 GMT
date
Mon, 25 Dec 2023 07:41:08 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
/
c43295af7f.6d3f3332fd.com/in/show/ 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c43295af7f.6d3f3332fd.com/in/show/?tag_ab=b&site_id=31418864&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip&ssp=3964&page=https%3A%2F%2Flightik.org%2Fpaula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia%3A7239842305421675803&refdom=lightik.org&auction_time=1703490067&subid=1683636215&sid=2658412863&tcid=0&ver=8.130.0&ver_c=&spot_id=418864&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-12-25&iabcat=IAB25-3&keywords=&user_fp=14869127312487251693&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1683636215%26spot_id%3D418864%26is_adult%3D1%26p%3Dhttps%253A%252F%252Flightik.org%252Fpaula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia%253A7239842305421675803%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&url=https%3A%2F%2Fvjxxx.com%2Fcheck-check-bots%3Furl%3Dhttps%253A%252F%252Fimpactserving.com%252FRedirect.eng%253FMediaSegmentId%253D55011%2526dcid%253D3_ctx_e7772604-49e7-4a40-93ee-9dda47ee7619%2526vmId%253D00000000-0000-0000-0000-000000000000%2526abr%253Dfalse%2526timeZoneOffset%253D%2526v%253Dd0PY7te-u7wc3jz7vrh9Z4uwlqMjl8EBETuJ0hAQh27rgtlcYR9QAtuA19Is-zTrqiuzwWfQzgKwVVypTuudwDKrec2Bz2pHejo8eu-BtTsaxJKG6mOlo7Ve0et8AmRCx3qxeOBY1QDW_VXWyw4QdRm_3JDiKxNQCd36Bh8OnkVDsFlb6VIVSQYi44Cc7DttOdhWHjlU5jl8i9gqNsjAmETuYrhlMIigzKJJvaDb6Wgj2P7gPQdNx99HWge7oRWtzhgnN-HzQhphKgMhYjOYTcwB45dL_iRgbPDGbh4YGsjnUQWpJksuo8uPgKzgZJXOt_9yGjsNpT0zBb2IF52skqyxUE9odFrk5UwSqoLfiTa71mX2bvacje4d3RNucmEQ4RdxHwMvXTwcxlX-4rruchQe7-aNW4CRSRprTKQ7Gm5iVJy20VCgeJo5_vwslIxOOmJgBlm9lUuXDU3k5S0lgZoJNwRwG8ajk3IuyXfn0V0eNDprQOeUUp98mwGpN-TEv-0NFsVvSiNnkEvt93TazvXapytzGftNGkAfew14n75L5snlV7dwkpc66bVxxZf7uBm87R3DO5uSNoLrHmRp4sLqgTcLBgaz92SgVM_sqGLfw3IeIr-XlDk6IPtcphiHKqSByIioQoHQ__xpiM2yzxyc62yUagUT7GxImDE0BRHHTS2qryPXXqqpdN2c0dtuMjyUe0HccO0GU_78ZkVrwcybDCSuaRjpeq9FCumvnzF9Uzqsrl6csw3jahUzcmU5qvvgrxrWQKesn52ask9NNSG6CkxXa9_cXNVxrhHgTMw5JepYqq8VcIazsnH3xuK6F9Lsqxo6i2UQegxc9bCHSAmBNdif23Lwrr6jmvktwnfZ5BPSuxS1NsZOFqo5JUWkjnxu3jffe9AwtuNZCrRymKqq6XnVg3QnzGsHBJI1QMsM0V5ovAaDGn8TfasG-L-VqyOuioBUv0wV2IMztVCV6U8GDQQJ23dga3q1bRfo4lhzyd4446OK-BDjvmo5CuU5qXEstLNb6mmxMrKa_8E79Q2%2526kw%253D%2526mw%253D1024%2526mh%253D768%2526xml%253D1&icons=2Af0cMR_exPzJkKtiDqz7PLi7e8ae9otI4ARakjK8G-wnuJaHeinxL-RRgSPsfIrSWvtTYxhDZW3MOjPIQTZIp0bwfEZHheMv6-dd5U48mBhP0MqzcWSFsBEbkOwG89zli-0xufphZVOa30k8ywsgnzaNSiJSyy9PoYmBNqs-lvn9IRP9w&ext_cid=0&px_id=55418864&min_cpm=0.028301396104924544&out_id=0&campaign_type=lq-pop&aid=352&cid=15019&uniq=&mid=7253705533118468924&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.06727745031040154&cpm=0&verify_hash=b38c4cf2cc02c096ce85a953aa48f376&is_native=2&real_bid=0.0013711680364608863&original_bid_usd=0.00216&original_bid=0.00216&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.109%20Safari%2F537.36&ip_mismatch=2001:1af8:4700:a08a:4::15&geo=NL&carrier=-&label_ids=4,27,93,108,0,89&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&site=native-push-adult&price=0.00216&hostname=auc-inpage-hz-4-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.00000216&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&st=0.01&cpa=9a654798-e872-4c17-9f9b-2aff10572ea2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 07:41:08 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2041208846760451&bg=!w8ClwI_NAAY3kmNgF5I7ADQBe5WfOA08-D9D73H-GyWcI9G7jXcfLsgPAhmZRNTPT4AbixuxXFfw23sQ5vcsmnhaCjScAgAAAEBSAAAAAmgBB5kC_4Oc0ZcfM8eElPqLQQdkMOj0AOIdMOiKnLibZjQPm8gIxlvUGuaEW3Ae7QaI1-FqiOMBMD8g52VG57Y8NI5BMnoFfP0bsHgqGXTcgMsTSnWnajXKl4G8xlvl-mCxac9ZchocoU89pRW-tC-kugElEP651l8swjSlSueS4kl7kpM41rFnCAku08i8lU08AQXz-1atIb5iNwYEPRNy0x-c1uWIf0W9qSbErHUNHeu71P3jfkGSX57Qke_YhGDv1n-xhNdLvixmW7vxjMEOZF9j9MFGRQbWSlw8navsuhr8-GIVAlcG3PP6veP-a0yD2fK1DO_AEeW_INwve9IUND5s4Fz_J2jUyCvu4FkaEaUhCOemi12e7rIteV1U7F-LvhFTDPWGj5jTHc85nAv-kzHGF34txE1s04yLVBelxo0q6CNEbzFtb_dKsUqrLO4xNHbZeXPFjeznebfiCnezPylyli6-XFpN68hIuHUAW0Bx_P7pLAMV4m47TBa0rdLq2Hxk6aQocCIYUbfRj8RnL6MQDircuDq_WCN2T4Z3rB_Yiwn2lJhoAWT6iQfKFIreL4w7U2mU44BlWh4nrqMGVocXzJsqmbvLJmwcvxe9Skz7HekLdipGRG1ZbBOtMu9ceTVY7bL1nukghNkx1DXA7vm1CX9h_P8e2o-sH2FON1xI9Mddd7pOzplyeoXxjnfQbXLwisvdvKVXwoIO5llJ4dSM60ZpA7gPwpXiHXWNkz4iXkMJt0dLjRWYv4PnNi_T9jhMOvBRWPldyQ0s4t2RLssylYbpjI22jmlaLyyjt9uHh4iikASCHOTmjMbsHf-3uV5GvY6u4_AgUmC_UazihKYe-78VDHDJ5R6mAvsE7L8R0_JZ3JJ5_VTsSuxWxq5ZBY5M3sAC6c9PvdTTXXNemDnQI-HOGl2E_p34UY5vqIjyAuV82BpMZacbXz3DoQm0PJSaBZqWyZnb0iwFKy0Sa-i3urjzxAz3Q1YLA0gjD7tLVN4udMhurOp26eGf97YnTcZH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
jiBACoQ0NAfmZtdxoEWUMWYX08lW-9CBfPpYfo_FTpdHN8-T8ogD8c6JVYJrL4WckIoOJPUh0fvrRu-3TLC5YS6VmqTCpLiCbQMQLr0jJH5kv85NrtiWSWfjcel6phmSehgtun4
29384.fasthypenews.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://29384.fasthypenews.com/jiBACoQ0NAfmZtdxoEWUMWYX08lW-9CBfPpYfo_FTpdHN8-T8ogD8c6JVYJrL4WckIoOJPUh0fvrRu-3TLC5YS6VmqTCpLiCbQMQLr0jJH5kv85NrtiWSWfjcel6phmSehgtun4?kws=paula%2Cpaaularruizz%2Ctiktok%2Clightik&abl=0&fsb=0&pageUri=https%3A%2F%2Flightik.org%2Fpaula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia%3A7239842305421675803&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22false%22%2C%22Win32%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%224%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Mon%20Dec%2025%202023%2008%3A41%3A07%20GMT%2B0100%20(Central%20European%20Standard%20Time)%22%2C%22-60%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1
Requested by
Host: bobabillydirect.org
URL: https://bobabillydirect.org/v3/a/pop/js/208473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.22.3 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
mail.armadaboard.com
Software
nginx /
Resource Hash
7dc39f7456cca770d83d160382e81ce376b5cd3e742b52f7457da0d456e05d91

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lightik.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 07:41:10 GMT
content-encoding
gzip
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
last-modified
Mon, 25 Dec 2023 07:41:10 UTC
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lightik.org
accept-ch-lifetime
31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Mon, 25 Dec 2023 07:41:10 UTC

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture function| R function| X function| gtag object| dataLayer object| clk$prp@kws boolean| clk$prp@abl object| __adFormats object| __formatsGetters object| _admSptsInVw object| AdManager object| a3klsam object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga function| initClickadillaInterstitial object| activesInpages function| __fp-init object| gaplugins object| gaData object| __inpageSkins function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

7 Cookies

Domain/Path Name / Value
.lightik.org/ Name: _ga_48STG2W3NF
Value: GS1.1.1703490067.1.0.1703490067.0.0.0
.lightik.org/ Name: _gid
Value: GA1.2.1126680686.1703490067
.lightik.org/ Name: _gat_gtag_UA_158291813_8
Value: 1
.lightik.org/ Name: _ga_819V0WF8DR
Value: GS1.1.1703490067.1.0.1703490067.0.0.0
.lightik.org/ Name: _ga
Value: GA1.1.1989544792.1703490067
fp.metricswpsh.com/ Name: id
Value: 17766323029630005112
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp36N86FdTYH5NW0bz0k62dLCkHpGmWa68jA2T27rimg4mDT93OMgXTOqkQdZf4AXfRvpvwjkQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S587684926%3A1703490067475569&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6054734899255306&output=html&adk=1812271804&adf=3025194257&lmt=1703490067&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_r&format=0x0&url=https%3A%2F%2Flightik.org%2Fpaula-paaularruizz-ajajaja-esq-tal-cual-fakebodyy-vlc-18-meaburro-examenes-maanaclase-valencia%3A7239842305421675803&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703490067279&bpp=2&bdt=175&idt=229&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=663828489995&frm=20&pv=2&ga_vid=1989544792.1703490067&ga_sid=1703490068&ga_hid=676478040&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C95320885&oid=2&pvsid=2041208846760451&tmod=970327684&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=237
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

29384.fasthypenews.com
2aab26b1d8.79383a549a.com
a50f745777.6061de8597.com
accounts.google.com
bobabillydirect.org
c43295af7f.6d3f3332fd.com
f.lightik.org
fp.metricswpsh.com
googleads.g.doubleclick.net
js.capndr.com
lightik.org
mcpuwpsh.com
nereserv.com
ntvpforever.com
pagead2.googlesyndication.com
region1.google-analytics.com
static.bookmsg.com
storage.multstorage.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
157.90.84.242
2001:4860:4802:34::36
2001:4860:4802:36::178
2606:4700:3032::ac43:ae33
2a00:1450:4001:80e::2008
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:400c:c09::54
2a01:4f8:1060:13eb::2
2a01:4f8:c0:2306::1
2a02:b48:8300::24
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
45.133.44.3
45.133.44.53
88.208.22.3
88.208.22.4
94.130.198.6
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
080040b4937f3f423f32cd7f19b2a79ba1e1e213f1d9f4f4db4f609d4ad778d8
0c47ec8837d1257e2ec6b7fd86436b27e48c5961a4f384951a13f3d08743aa5e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
27d6a2f8b832d831812117afb514463ecf3aa9899644da67b38e16d1df9e2c9b
3f6894527a2427f0404828d48015132d8ba81de3fa6412ce5637e12a799b516b
43a52ee06ff574d6a3c88c09567eae4bf2629550fe108fa29dc54c6ab7930277
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
45e4a9a3ac55d704562bdc2a00b9bddee12ad5dad18d55cf651b9aed91ed6d00
467f2408861fef97999e857360726a208883f61b9cf9b45930bed5385f4f713a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59137fb58302367d906b4c2e50136ef422eb2b63c5276b34bf1f08f74b9147ac
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6ac487c72577c70da1f6dcbb13d63d327b75036d83317823352a3af0cfd8e7a9
6b7e8410c094fec60c02a63160f55f973a2aadac77d54fba6f446ece52c195ba
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
72d3ca0f368dbab4590a99de5b48237457ecd7d912a93edfb83db49c55f2fcf3
753a0da7482888b7520836c193384bbce2db324cfa4a932dbce42227150a4385
7dc39f7456cca770d83d160382e81ce376b5cd3e742b52f7457da0d456e05d91
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
975e92c6a597fda35d16cf6792a67f90ad0349e8966086a6fb74af445972873e
aec54246c2274c419338aca4597d7667885459ef8870d622f5a1e22b293f9421
b9968bd273f1021e158ccad47d91eee0a62021308940a73a6c4410de6c25cbcb
ca6ffbff39253483471760d3e1e9e264af7942bc5ec6a500b35632e85d3ea3d6
d43ee2987ff00a060a97f19e2bc5315edf63fe6a9ecad5a754e151bb5c164c2d
d4e3c89719db7f5e70af3d60a105a293bf063ef4858496b978e0df22671f11b7
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18
e7a9ce4c535be2ab92ebc1b5aaa8e17097ec31bcba0ffa7ec9352365e886624e
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f18bee78d77d14a269c2a80eff1939bfcb3a7f57ea21e01404ba67a8f7b56ea8