urlscan.io logo urlscan.io
SecurityTrails logo

tik18.org Open in urlscan Pro
2606:4700:3030::ac43:8fad  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tik18.org/
Effective URL: https://tik18.org/
Submission: On January 02 via manual from AR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 52 HTTP transactions. The main IP is 2606:4700:3030::ac43:8fad, located in United States and belongs to CLOUDFLARENET, US. The main domain is tik18.org.
TLS certificate: Issued by GTS CA 1P5 on December 16th 2023. Valid for: 3 months.
This is the only time tik18.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    104.21.27.244 (None, )

ASN13335 (CLOUDFLARENET, US)
tik18.org
25    2606:4700:3030::ac43:8fad (United States)

ASN13335 (CLOUDFLARENET, US)
tik18.org
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
6    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
8    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
26 tik18.org
tik18.org
190 KB
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
304 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
44 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 173
2 google.com
www.google.com — Cisco Umbrella Rank: 6
1 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3634
pixel.wp.com — Cisco Umbrella Rank: 3321
3 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
996 B
52 8
Domain Requested by
26 tik18.org 1 redirects tik18.org
8 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 pagead2.googlesyndication.com tik18.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
6 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
tik18.org
googleads.g.doubleclick.net
2 www.googleadservices.com
2 www.google.com 1 redirects tpc.googlesyndication.com
1 pixel.wp.com tik18.org
1 stats.wp.com tik18.org
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com tik18.org
52 10

This site contains links to these domains. Also see Links.

Domain
iwantu18apk.com
kiwhats.com
Subject Issuer Validity Valid
tik18.org
GTS CA 1P5		 2023-12-16 -
2024-03-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://tik18.org/
Frame ID: E39758E4EE68BFF2A8EB16AF79B514A4
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: D617715E8BA3C04B399492123AEE55C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9106742669237937&h=300&slotname=5912967348&w=600&rafmt=11&format=600x300&url=https://insuranceinfo4u.exblog.jp/&host=ca-host-pub-8544321996124660&
Frame ID: D606FF750AF854F5506ED5D9BDEC9D04
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4641301767269687&output=html&adk=1812271804&adf=3025194257&lmt=1704062288&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Ftik18.org%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704187534664&bpp=2&bdt=137&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3688363333334&frm=20&pv=2&ga_vid=1978746921.1704187535&ga_sid=1704187535&ga_hid=1948543599&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080103%2C95320870%2C95320884&oid=2&pvsid=715454291115026&tmod=195275350&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=306
Frame ID: 99F88A63EA82CA0A1E1BE57CFB2E39D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A709F6E791E1A5FE2AE1DA9E1CF9EDAB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: C60BB257F5F20EA10FAD3C365647E949
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 82330037B8C0677BECC4F1DEB951682B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A565C58B56D0F8B8061B7F4946309284
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TikTok 18+ APK 1.4.1 - iWantU Official App Download Latest Version 2023 - TikTok 18 Plus - iWantu App OfficialExpandToggle MenuExpand

Page URL History Show full URLs

  1. http://tik18.org/ HTTP 301
    https://tik18.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

52
Requests

98 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

559 kB
Transfer

1590 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tik18.org/ HTTP 301
    https://tik18.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 49
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CdNDRjtaTZcC2LfWKmLAP35qvMLjU0Ilq9_ipwL8Q3evav80BEAEgweiuoAFglYKAgLQHoAG49tO9A8gBAqkCEYS2hJJ-sj6oAwHIA8kEqgSJAk_QHY_IWzjID8FwFWNiM-CFvI2SKHnmtlhJM_-6J3C0M9qGVt3Y4AtYT29ceiUvV4AvJHum0sFRJ0kQ7zXHV3AOxaXyPE-jMNgqiLJll_0L0tk_PtXKqpU1uDHnZB8UYpZmoT_1-fufH66oiELKnRVOfuQ68fLRCPgV7ZjxZufprrZ-qFlbXNUKZ3fKUGQhhB0SnA-jl6W9ryfRrTj_vzTKefLZ6CjvUzUCU-PcHFtqbfGTPL4MQPzcdwnXsT3Erfnc2dzbmT2Gzurp0LRXH61BLnJ5Z0xcLdkwcQ6YGB-L3n1EPcMB6VmalpnVCd7yiRdyXZNnXZ4t-q0Eu9HLGwLM4RDEk6P5Z6PABO-syJX6A4gFkPG0mUCSBQQIBBgBkgUECAUYBKAGAoAHsImsQqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcFELHAmgHSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLSBjqWxvoMDmgkiaHR0cHM6Ly90ZXJyYXNzZW5kYWNoLXZvbXN0ZWluLmRlL4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAsITBhi49tO9A9gTDdAVAYAXAbIXHAoaCAASFHB1Yi05MTA2NzQyNjY5MjM3OTM3GAA&sigh=YRJRY3fdkYo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_JLo6Lw9zyXo_LT9iuyYAdfTDqYBZ5xgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228866087458600473593%22,%22debug_reporting%22:true,%22destination%22:%22https://terrassendach-vomstein.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934607672%22],%2222%22:[%22true%22],%224%22:[%2201-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221823396901605508689%22}&andc=true

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tik18.org/
Redirect Chain
  • http://tik18.org/
  • https://tik18.org/
219 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7b6587518a90bdd9ae7c366a40800723f09ff693a5e50f68d04406bf48f29bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
83f1f49859781c9f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 09:25:34 GMT
expires
Tue, 02 Jan 2024 09:25:34 GMT
last-modified
Sun, 31 Dec 2023 22:38:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zz21DqDkM%2BFQlyGjtQgefaiCzIUSSbTBm2Q8BsiYsiTZoJjM8XNHmI2s9rBcHZJbb5VgK7lHnaAh7%2FibJBli%2FEd%2FM4%2BNuFNTYFJr7bccYNjkHGJV9UqiBzBhhhR6LfePY%2Fb19nbvtgw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
x-cache
MISS

Redirect headers

CF-RAY
83f1f497fe6a91ef-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 02 Jan 2024 09:25:34 GMT
Expires
Tue, 02 Jan 2024 10:25:34 GMT
Location
https://tik18.org/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ER4mhoCLDTkO5u3Mbnifk3AYjtk79T4qXzNNl1sUUWs2NE2Wyax%2BTdJLrI1U7tyiToqwZJ1cnzpfarKN66yHmptpuJ9dbC7RDoRZMnjeC%2FdC4C0uSOdwf%2BJM%2FW8%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4641301767269687
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca33ff5d72de9068ff0b06a4b3b9c496cc1f3d4fbffe27a635953ca45a67ba4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tik18.org/
Origin
https://tik18.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51236
x-xss-protection
0
server
cafe
etag
4128349261664798140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 09:25:34 GMT
style.min.css
tik18.org/wp-includes/css/dist/block-library/ 		107 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
283255
etag
W/"6556136f-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNwx%2FGuZxYFII2FC3MjE7SVsqVUTwFsIljxqgHLy2wBCG1Fy5zU8TXcVChlv64y6mq3MOAbaTF0M4bIu8DmJutviHMv0hIOxKosRJIszRTPlNSRzocWhc8rWjmL9snTpve0pPpZ%2Bfp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49adbdf1c9f-FRA
alt-svc
h3=":443"; ma=86400
mediaelementplayer-legacy.min.css
tik18.org/wp-content/cache/background-css/tik18.org/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/cache/background-css/tik18.org/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17&wpr_t=1704062288
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d466b449770c0a9d3a009c538fcae1194e2f09c6f775095b8f4f75103f6fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Dec 2023 09:17:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
124169
etag
W/"658d3d2b-2c4c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPd%2Br7qk8qvrEP%2Fdkly7sj94BQ9o%2FCtQ5DtsPwYzk533dB6P2lC%2B4%2F6KFe6fHHzYYHfrttOAVjnRTEqrxxTay4J7d3ovllijbvM3ogGhGWP2hnX8HO1y5qwdOzy%2BZer9hjIpzuwDNDI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49adbe11c9f-FRA
alt-svc
h3=":443"; ma=86400
wp-mediaelement.min.css
tik18.org/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.2
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2293019
etag
W/"65561370-105a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqkSqZBvPpMYJTmd0Ks03melkvujoWyCHg845IisVIcZ70faZXuC%2BVhuxO4ZdusDDwDESp9svngAINRo0Yv3oQ8Ucs%2F5BrC95BBZXoCnHTN%2F2r9121qv8HpV00HGJ1HkJ%2FPY5kTSzOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49adbe21c9f-FRA
alt-svc
h3=":443"; ma=86400
style.min.css
tik18.org/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/css/ 		1 KB
723 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/css/style.min.css?ver=1.1.0
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d086ab8dd7703a41e01c913e225fafdc942be3bbd121dbd3c615f33091875f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4044880
etag
W/"6556136e-425"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vuU%2Ff4OP7mHuw02gfkHBoZoKcuwqQ%2F43GlUGI5qsPM%2BoNoDaTr%2Btv9miCxJjWVeGESPaVsdHrCT9INI00LzOxQl%2FKbVvlA4qUzDgTFSzG5cpqyqGv8JwznjIBwBV0n8OBvj3%2FKiJH0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49adbe31c9f-FRA
alt-svc
h3=":443"; ma=86400
global.min.css
tik18.org/wp-content/themes/kadence/assets/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.49
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d8ed4ca489c25f4e040740a80afd25ede9f9e6b56f4bf0fde73779599ac9791

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4044880
etag
W/"6556136e-598d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kamzlmjme3wGeRAmY8fD8bs2cu%2FnbinqKYcGMwRhTh6mhs%2B1h7QsKF8xQ80cuc6dBWpfgkYko%2BLeHOjZZXpBMcUBr3%2BfWA0Esc08py8TlkzWBtq2ENVXptMPb%2BaWjE%2FyshE4PysWbhM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49adbe51c9f-FRA
alt-svc
h3=":443"; ma=86400
header.min.css
tik18.org/wp-content/themes/kadence/assets/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.49
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
354944
etag
W/"6556136e-67ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tl8%2B1E9sspwwsBbi%2Fm10b2TOZYdwjDZBV%2Bnxcx2Ib7k17lyMZurJEXE7ft1EIEUcU8DJHDQG1WWOdPyaUi56xjZr22rjY1J9ttha08L6taKhLp6Y6Il8tS%2FiM2gXajJcEPXfyD4HE2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49adbe71c9f-FRA
alt-svc
h3=":443"; ma=86400
content.min.css
tik18.org/wp-content/themes/kadence/assets/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.49
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947db91f8ba025357890071b5f8df7e0cdb449fbd3e252729bbae2a771f82550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
520384
etag
W/"6556136e-81c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XitDnkDOwjuAvei9Z6e06ISES9nxoX9HHEbLMPnHVoG8FvCg9wcakd%2Fx58%2BcxfvqtSBAybWdH6T8XV8Vds8H4%2BsBIWuv3%2FFF5x1zKM4E7hXjnlBe9zPWTZ7LGaI%2BlrOk7KmG44IrRJo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49adbe81c9f-FRA
alt-svc
h3=":443"; ma=86400
footer.min.css
tik18.org/wp-content/themes/kadence/assets/css/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.49
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09918137760470f6bf298eb17af0eafd0e43381dffd797a96c9ec044da00d3c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3043037
etag
W/"6556136e-4a29"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoeaAT7xhDxTRYWyCAemiAKtInCexy1muQVOORMiOgXLnUTU8XowhVKYHT5gj0EBf8Z%2FIkTF6iWTs%2FpgTGPvVt7fbFw2zYB9iG6HJ8GyN%2F1acJcbahHDZ8XPNBoC4pwsdqltOxms77E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49adbe91c9f-FRA
alt-svc
h3=":443"; ma=86400
menu-addon.css
tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-pro/dist/mega-menu/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-pro/dist/mega-menu/menu-addon.css?ver=1702900519
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c7098bf71a5825399e1bb06153e5d7b5a41915e61b5e1e38faf7088a9df802f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Dec 2023 11:55:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1285562
etag
W/"65803327-176b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNBas5ORKuuq%2BIaqcISWcmsO%2FimzIJ7bX5ocBaYQ6oDBro3geyMMfZLNnk1SRJdY2xgoGd3jVfreyzfXP4gKYE0EJmpyIaXMlkOvBMdjWP4t6kgDON5FYB5M3IPBeaaFHyK2BN2m6Iw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49adbea1c9f-FRA
alt-svc
h3=":443"; ma=86400
style-blocks-rowlayout.css
tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/style-blocks-rowlayout.css?ver=1702900519
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85c3ae7c7e201ea39bb22d54abf466c67ed0fb598ecb94528f4642101110460d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Dec 2023 11:55:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1285562
etag
W/"65803327-1d8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXEOUwKfSeTDzcctNEvoYMCRzB0wrhx7dlzzyN1VzAvpvv%2F6i0mayS6KnOkB08kIkICuW%2BqmHBxlIc7H4sxdCAkIIqInqsXEQo6p%2FB%2FLBSmF5vJK2julThN%2F%2F%2Fyn7iQGoFcQvZytoyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49adbeb1c9f-FRA
alt-svc
h3=":443"; ma=86400
style-blocks-column.css
tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/ 		1 KB
737 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/style-blocks-column.css?ver=1702900519
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aede0daab52bf66c21596dc77c3184896e03606e91960f0eced55a101ab5a49b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Dec 2023 11:55:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1285562
etag
W/"65803327-538"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrNiDzgys%2Fs2poJBPv05rKndHjJsx7z6ITqLA%2BxwzHr%2FWA4J4thfag8a%2F2LKWl0DVjX9X%2BABumIswTMr4gC8mJKvuPHPFDel5CGvkCFhik3dLsGDCFlPezKb1Ix5WbDHoM7CYTYFc7M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49aebf41c9f-FRA
alt-svc
h3=":443"; ma=86400
style-blocks-advancedbtn.css
tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/ 		2 KB
928 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/style-blocks-advancedbtn.css?ver=1702900519
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b40e2afb15a23a41173a2be7198ea54aa4a73df3d7b86348364131195052f18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Dec 2023 11:55:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1285562
etag
W/"65803327-8dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXBgYhgsvrXwDWkl0Yyc9hqYQ3L2fxF11DXwpPrm2yUXtQLI8D5iEGEX%2FsHK%2BwvQD54ZiUQxJhXBfsH1hf7PxYwuULdCKfnL5A9Pdh7%2FVQfTdSisJXpFUFqSMWM7fZmo9AofSzJWNIU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49aebf71c9f-FRA
alt-svc
h3=":443"; ma=86400
style-blocks-infobox.css
tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/style-blocks-infobox.css?ver=1702900519
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3413039afdb1aa9ceba6f81342811b25b60ad8c65ae4b6c2c2e92ffeb35ac421

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Dec 2023 11:55:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
258510
etag
W/"65803327-1b98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91%2F3F3Um33PeSoKv%2FRv%2F2H7%2BnCQw%2Fye4oWYMIxdvjSBO7t8OwJmmxi%2Br3eDJJg4PD8%2Bd526jH45KAxZ7YoTMs3T70%2FquaCctMHgT0emMxvfzLnRxP%2FX%2BwJ4XdExKFC%2FrWHUiXZzDkXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49aebf81c9f-FRA
alt-svc
h3=":443"; ma=86400
style-blocks-spacer.css
tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/ 		2 KB
725 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/style-blocks-spacer.css?ver=1702900519
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9020521f388f3b7a5fdcf0a1f9938337954be967a776550044eb96e854a068e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Dec 2023 11:55:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1285562
etag
W/"65803327-860"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBbx14E1GvDB8HTTpQYRLxGluFLL9oTfJHOa81vqiHWpaa%2BwZNnN7iJ2YbZnmtvdJDD6wPhjpAruV%2B%2BIgksEeqc%2BnmOwUtMFdH3rny35lZqbPWaU6IVn7G0LIKP5opzx34GzYVK6MIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49aebf91c9f-FRA
alt-svc
h3=":443"; ma=86400
style-blocks-icon.css
tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/ 		855 B
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/style-blocks-icon.css?ver=1702900519
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
981730d75cba639add453b1d2c5bbbd21806db71d3555c36f5a71e50460044ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Dec 2023 11:55:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1285562
etag
W/"65803327-357"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7xe%2FP9wZG64Sx6wl6IcCABFKf0ZB01PhOSdRhuuzMVtjQgM3AKbPUSqI29BH60G86Lj0PvQIgBGcNVGKAr9nPvioTBZ9bI36V5U3kLclXSt%2FUDkCm6yKxEwf8FSotKbDpE0F6vJvlk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49aebfa1c9f-FRA
alt-svc
h3=":443"; ma=86400
style-blocks-iconlist.css
tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/ 		3 KB
860 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/cache/min/1/wp-content/plugins/kadence-blocks/dist/style-blocks-iconlist.css?ver=1702900519
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e7eab9a6b5ecfeb2a3812b7b13e997bcbe6231d998e3f51e9b8bc70facd6906

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Dec 2023 11:55:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1285562
etag
W/"65803327-cdc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDCC0oNW6kOqaB8oduqhApgjKq%2BcICGeZQbULsHRO5VHpOHn5o81GwftvXJkQxgRMgBLSgBin8MI%2BZ%2FnwtQ8UTngs3qTIBIHPUF1ekyg4O5X7Pt55a2X%2BH8pQP1bCMQJSiWthdgVyEw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49aebfb1c9f-FRA
alt-svc
h3=":443"; ma=86400
polylang.min.css
tik18.org/wp-content/themes/kadence/assets/css/ 		255 B
516 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/themes/kadence/assets/css/polylang.min.css?ver=1.1.49
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a7f3aaedaf35b3a5f3f727f93132714a635bdcd0692eb375ca908fd4609edd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2856876
etag
W/"6556136e-ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUN9i%2BdsPRSIbbD%2BKw2gK2y5Ey2ukT%2B8%2B233pBnt30MuLUfy7Lht2TpyOQnOfTi9%2BK2BGJnDx09R90IJajPnFbpnnwwieANCAw1ytPszy%2FLUA%2FCnlQrAbSqmRgsbLzZM6Mkf8M%2F5CIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49aebfe1c9f-FRA
alt-svc
h3=":443"; ma=86400
rankmath.min.css
tik18.org/wp-content/themes/kadence/assets/css/ 		76 B
442 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/themes/kadence/assets/css/rankmath.min.css?ver=1.1.49
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e7fe46985f21532acbf211e6786e09f4c417ca9d0d8d6fc3fb10738c366826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2786270
etag
W/"6556136e-4c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BudJgQJfTxREjKI4AylQhEesv2s%2F82erLV44x17NvWCyoHTQC9%2FzSFGJjrnhoikF5QsexXkufYbQki3wFxHGu4ywvX0UyCh9LAHtVx6u4apO1jYTsrPY6hZtrx3SfWmYXpbt2BuGUcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83f1f49aebff1c9f-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
tik18.org/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4047348
etag
W/"6556136f-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgd%2BzfM1KDDved%2F7HwCuxl5thywvYXvDgWX1Do89DBcH3m9yPhT96e0he3fC%2B45wS8SuBBlXX%2F7ZbuvucLLm0beXw7xrWSf%2F%2B9IOHAAbLHrBJi1P%2FluudNuXHjb%2FU1uVPcPAkgMpwik%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83f1f49b4bfd65c5-FRA
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
tik18.org/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2791177
etag
W/"6556136f-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vw54wUKgpgR2ejkdl2ITeveDQ9SffVI%2FoRtqtWe3HFEa%2BVxs081bpGz5X5l8xsZl%2F6QpEJ9GMnRZ5WGZUXAbSrYgby9lwkICwWFv1FxCKTCC%2BdE%2BUXmT7ibIn0690cBhRYM3vKXC%2F0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83f1f49b4bfe65c5-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		2 KB
996 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:900&display=swap
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 09:25:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 09:25:34 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2f2ac8f39ee3bfa72dc5e956338259f49086651e9afe809c2c00974f0a3e90e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86db658dfe497e14c80a844f99abed48bb368b88a7ebc047dc3b133267c67bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tik18.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:38:07 GMT
x-content-type-options
nosniff
age
56847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 17:38:07 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5296895e6bd8798dc89bed931e37a32ba41daac735d2df545d09362afb1b77cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e378fb895d481f106bc4283d24fa3260b5c36c835dc9f1193fe8a0cfa223830

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a533ca170ee245f0823b7fc54319dd79d432b78ef681b80d56fa1075e3fbfd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12ba78b2d4dd81bdd5265dc7fab24e428966013b9e1070ce49844e32f5f18e74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa1ffb8ee487d0d6ed19d85457d140c9eba112fef6880083a9eb1764da223b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
navigation.min.js
tik18.org/wp-content/themes/kadence/assets/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.49
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8691eb15e6a07541b285869962328b158921ff20c1cac2bbb2a7505b192c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3035045
etag
W/"6556136e-4677"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Od9HkAW4MYchK5obW4SgCeba7wn2WPwKevUGJIN18QlG7uakefvkXzmf2H2evK1n21QBKzEfiU2ujJ3goCjXFFxiaqGGNa%2FTyjj8UW0B%2Fc%2FIRyN2ZCcdINtJS02JColRN96dxkipatQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83f1f49b8c4a65c5-FRA
alt-svc
h3=":443"; ma=86400
e-202352.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202352.js
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1695421998473.3982
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Wed, 25 Dec 2024 04:07:10 GMT
lazyload.min.js
tik18.org/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tik18.org/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2779149
etag
W/"6556136e-22bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyLBXrpkO4abpulUN%2BFCwm396BtS%2BH9eEP%2FtBzjG2pEV5krja7d88%2BCu3zNJlgfzxCkXU45Z8iZ0Bz6kfGvlnlZbtaI%2FaHTZKTp9JNvyHdKttqYKWpskgXEhqlYCUufw0skM1MBkujI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83f1f49b8c4b65c5-FRA
alt-svc
h3=":443"; ma=86400
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4641301767269687&plah=tik18.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4641301767269687
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a51ca3c3aaf0e32557d4acbd6088b1e279a8cf261825af76d7884b1e754e3d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137956
x-xss-protection
0
server
cafe
etag
14365569079650742873
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 09:25:34 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame D617 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4641301767269687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tik18.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
36401
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 23:18:53 GMT
etag
5585625838579639069
expires
Mon, 15 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=225930036&post=14&tz=0&srv=tik18.org&j=1%3A12.9&host=tik18.org&ref=&fcp=3523&rand=0.44231110816433206
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 09:25:34 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
cropped-cropped-tiktok-18-1.webp
tik18.org/wp-content/uploads/2023/09/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tik18.org/wp-content/uploads/2023/09/cropped-cropped-tiktok-18-1.webp
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d838314b83854f39e38697f878588c074e6dd7cfbaa9d672304d7a673cceb1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2863606
etag
"65561354-6ecc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pum5i8c1ajy7YtwJqynuTYBg1GtmoU0w0BRZrX2ChMF2qi7GrS9gM5PDwRr4kaFD6ldsX4EYDksUYMttvsdFvxI33bJ31T3Dmyk1Ew6zQFWJ%2FdpAVngw8fbUpG1qePC7ObQVaAxG4uk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83f1f49bfcb765c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
28364
truncated
/ 		350 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bdc4fd1b52f88617553782da88299fc8551f6921d5a30c5a29b96cb8b4c3eae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
cropped-tiktok-18-1.webp
tik18.org/wp-content/uploads/2023/09/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tik18.org/wp-content/uploads/2023/09/cropped-tiktok-18-1.webp
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:8fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce19ed7a39488d86e02bca0ba62862aa274088b1451c67c62bbdc783641710a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:34 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 13:04:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4047347
etag
"65561354-712a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qp2Tp%2Bq27Q5If6KBTgns4ZqnxNCQWz12LcXSWmI%2FYOJKZR%2B%2FHatsTEjMERtUELC2L8PFzwTVU8RgmssHRII96nBWvPGY4CehFsC3Q5jwBYCOU1eYzCVfATIJJChmc8mDp0%2FUrgPNoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83f1f49bfcbb65c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
28970
ads
googleads.g.doubleclick.net/pagead/ Frame D606 		114 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9106742669237937&h=300&slotname=5912967348&w=600&rafmt=11&format=600x300&url=https://insuranceinfo4u.exblog.jp/&host=ca-host-pub-8544321996124660&
Requested by
Host: tik18.org
URL: https://tik18.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fb10417c0c71d071ea84ac8cd1019b1228060b819b06d2f376aac4e1f8fef4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tik18.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39995
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 09:25:35 GMT
expires
Tue, 02 Jan 2024 09:25:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 99F8 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4641301767269687&output=html&adk=1812271804&adf=3025194257&lmt=1704062288&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Ftik18.org%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704187534664&bpp=2&bdt=137&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3688363333334&frm=20&pv=2&ga_vid=1978746921.1704187535&ga_sid=1704187535&ga_hid=1948543599&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080103%2C95320870%2C95320884&oid=2&pvsid=715454291115026&tmod=195275350&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=306
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4641301767269687&plah=tik18.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tik18.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 09:25:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
10786928992299026329
tpc.googlesyndication.com/simgad/ Frame D606 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10786928992299026329?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmTUwseQf2e-RuCmx0sOeAJmDiMfg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9106742669237937&h=300&slotname=5912967348&w=600&rafmt=11&format=600x300&url=https://insuranceinfo4u.exblog.jp/&host=ca-host-pub-8544321996124660&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e3b9a7b6b045c749eea2af88bea348140a6dd453e8cb3428bb3a17d1fba5f71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:35 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27676
x-xss-protection
0
last-modified
Thu, 12 May 2022 00:15:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 01 Jan 2025 09:25:35 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame D606 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9106742669237937&h=300&slotname=5912967348&w=600&rafmt=11&format=600x300&url=https://insuranceinfo4u.exblog.jp/&host=ca-host-pub-8544321996124660&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
37518
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 23:00:17 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A709 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9106742669237937&h=300&slotname=5912967348&w=600&rafmt=11&format=600x300&url=https://insuranceinfo4u.exblog.jp/&host=ca-host-pub-8544321996124660&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9106742669237937&h=300&slotname=5912967348&w=600&rafmt=11&format=600x300&url=https://insuranceinfo4u.exblog.jp/&host=ca-host-pub-8544321996124660&
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2831
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 08:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D606 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9106742669237937&h=300&slotname=5912967348&w=600&rafmt=11&format=600x300&url=https://insuranceinfo4u.exblog.jp/&host=ca-host-pub-8544321996124660&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 07:53:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
5498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 07:53:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D606 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9106742669237937&h=300&slotname=5912967348&w=600&rafmt=11&format=600x300&url=https://insuranceinfo4u.exblog.jp/&host=ca-host-pub-8544321996124660&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
27076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 01:54:19 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D606 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9106742669237937&h=300&slotname=5912967348&w=600&rafmt=11&format=600x300&url=https://insuranceinfo4u.exblog.jp/&host=ca-host-pub-8544321996124660&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
23624
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 02:51:51 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A709
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9106742669237937&h=300&slotname=5912967348&w=600&rafmt=11&format=600x300&url=https://insuranceinfo4u.exblog.jp/&host=ca-host-pub-8544321996124660&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 09:25:35 GMT
expires
Tue, 02 Jan 2024 09:25:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 09:25:35 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D606 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03895444e7eb0234b7ead753a8c1d79d25a44342de025fd6331232b0c7b2784c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame D606
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CdNDRjtaTZcC2LfWKmLAP35qvMLjU0Ilq9_ipwL8Q3evav80BEAEgweiuoAFglYKAgLQHoAG49tO9A8gBAqkCEYS2hJJ-sj6oAwHIA8kEqgSJAk_QHY_IWzjID8FwFWNiM-CFvI2SKHnmtlh...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228866087458600473593%22,%22debug_reporting%22:true,%22destination%22:%22https://terrassendach-vomstein.de%22,%22event_repor...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228866087458600473593%22,%22debug_reporting%22:true,%22destination%22:%22https://terrassendach-vomstein.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934607672%22],%2222%22:[%22true%22],%224%22:[%2201-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221823396901605508689%22}&andc=true
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:35 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"8866087458600473593","debug_reporting":true,"destination":"https://terrassendach-vomstein.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934607672"],"22":["true"],"4":["01-02"],"6":["true"]},"priority":"500","source_event_id":"1823396901605508689"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 02 Jan 2024 09:25:35 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 02 Jan 2024 09:25:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8866087458600473593","debug_reporting":true,"destination":"https://terrassendach-vomstein.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934607672"],"22":["true"],"4":["01-02"],"6":["true"]},"priority":"500","source_event_id":"1823396901605508689"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4641301767269687&plah=tik18.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebef53e5e76a4aef4b9be32544344a4b5771a57c4621390e4df42cd707b64bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12237
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame C60B 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9106742669237937&h=300&slotname=5912967348&w=600&rafmt=11&format=600x300&url=https://insuranceinfo4u.exblog.jp/&host=ca-host-pub-8544321996124660&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:01:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
1423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 09:01:52 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228866087458600473593%22,%22debug_reporting%22:true,%22destination%22:%22https://terrassendach-vomstein.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934607672%22],%2222%22:[%22true%22],%224%22:[%2201-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221823396901605508689%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 09:25:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4641301767269687&plah=tik18.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 02 Jan 2024 09:25:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8233 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tik18.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 08:23:15 GMT
expires
Wed, 01 Jan 2025 08:23:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A565 		829 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
052ffe6bcf595c56e47a9a6197d18981955f7dc26bec98d862bc44f505157c8c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7cwttw9ulFNP9rkglSzWWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tik18.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-7cwttw9ulFNP9rkglSzWWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 09:25:35 GMT
expires
Tue, 02 Jan 2024 09:25:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 8233 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 10:54:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
167475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Dec 2024 10:54:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A565 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=715454291115026&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8233 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2X5lyQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:25:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=715454291115026&bg=!5Oel56jNAAY3kmNgF5I7ADQBe5WfONd0iKPe3reIuhylOZ1Y-ZSbM0eMHHGLDsxva8xc0xn66-nELOxJOx-FyyuwlyM7AgAAAC1SAAAAAWgBBwoAMkfsRbsro1yExeuFBu-3ILLmA-91-YZxQzzMHH7xm2HZR29Bpcf7QalCWnxlwdXCklPfmQLyPI4-baF4jDIllFEVnsHEvXAmXclj65RyX46dRlSKQV3sTNiUkNeJnfqrCtUuFTL-iJSRBydh5tD95bh093A9R8y4bh4UHvpkwDWGPrnfpYdWtIGA_7XLUIKAPI3tbtcMuetlZ8MqH-qklZNAgPdXdjTNwhB7t1L4M7rzVArQYS5UYsPA0mgKDxKG1e7IP3S1zfeh_H89UXAL4R6mlyuAy3Fdq3hr264DPamfsVXPewn4Bw6j410Zqu5P-1hq-zs490P4m5N2B4eWUi9dStT5wk4Ji-CvYUdzZBXIK0RBQhcgtudDilLF-0-eUTSyQymDHKuxHzNMqF75gjVHA97hOZU9uygX_sA07FuMc7KHZc6CQ2W1IkTx0aniunxQuWAIEQkonFGlaF_n2nMbRROmeBRYER1ZkMR93v1piYu_oX2sJXzrnN-FWf6IxlZ_eeQ1KQSmvcUnRedaKgwDtJaHarBwxem99nQWEYeX3xWPpMak2u76m94OtWiIhfliDtyAv4LjJpiMW9O14ZC5px7hjLwXMuQQHlF7HuQafIZ_H81spRICgHouhULuKF5HlHYZ74vHyklmVTUFWyzlMsOQNO_qQZ5ShOIMuiAP0rx02ntm38VFqGQIStfHlfKa_99QXMGgVN6dONPha0R3QNCdq02M0tUc4N3u5HxjYIjaaEtlqiqLDLUhYDDXR-ei9-mYKT6Pp_P-HVXT3gg8eCAhLzgRky8hDwSC5_tMa30vboNCRsOzg4-5wFNzgjB7Rk1B_8zh4U6Lpwj6_pKD0xFb4J_agos1eWn2AsKtLtJM9ojsv84eVfq4z12uuoikUQlrrc1XdM63QXw2RkF5TyFAEkPOC-aB_ugtb48F9J_Q6RzcEOU2oyPIJOzwVDBDfK4AgvVxYZQbe1CzKev2SuQLAPTqxlKc7wsZRIT_JAMLiHieGOqxAwhlLKK83kF37MfaX46kx9G8QPPS2nrAWn99A_rymmgK5UToakrwdPK9VShkVw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tik18.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture undefined| href object| RocketPreloadLinksConfig object| rocket_lazyload_css_data object| kadenceConfig object| _stq object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe undefined| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| st_go function| linktracker_init object| wpcom object| kadence function| LazyLoad function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnD0MsS-zQ2fygosvezoo__r3ACDJGXpgt0z_F_cJ2836V9g0JtGrnZlhynHCw
.googleadservices.com/ Name: ar_debug
Value: 1

3 Console Messages

Source Level URL
Text
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4641301767269687&output=html&adk=1812271804&adf=3025194257&lmt=1704062288&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Ftik18.org%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704187534664&bpp=2&bdt=137&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3688363333334&frm=20&pv=2&ga_vid=1978746921.1704187535&ga_sid=1704187535&ga_hid=1948543599&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080103%2C95320870%2C95320884&oid=2&pvsid=715454291115026&tmod=195275350&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=306
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pixel.wp.com
stats.wp.com
tik18.org
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
104.21.27.244
172.217.16.130
192.0.76.3
2606:4700:3030::ac43:8fad
2a00:1450:4001:801::2004
2a00:1450:4001:811::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03895444e7eb0234b7ead753a8c1d79d25a44342de025fd6331232b0c7b2784c
052ffe6bcf595c56e47a9a6197d18981955f7dc26bec98d862bc44f505157c8c
09918137760470f6bf298eb17af0eafd0e43381dffd797a96c9ec044da00d3c7
0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4
0e378fb895d481f106bc4283d24fa3260b5c36c835dc9f1193fe8a0cfa223830
0e7eab9a6b5ecfeb2a3812b7b13e997bcbe6231d998e3f51e9b8bc70facd6906
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
12ba78b2d4dd81bdd5265dc7fab24e428966013b9e1070ce49844e32f5f18e74
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2a51ca3c3aaf0e32557d4acbd6088b1e279a8cf261825af76d7884b1e754e3d7
2b40e2afb15a23a41173a2be7198ea54aa4a73df3d7b86348364131195052f18
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3413039afdb1aa9ceba6f81342811b25b60ad8c65ae4b6c2c2e92ffeb35ac421
3a7f3aaedaf35b3a5f3f727f93132714a635bdcd0692eb375ca908fd4609edd8
3e3b9a7b6b045c749eea2af88bea348140a6dd453e8cb3428bb3a17d1fba5f71
42d466b449770c0a9d3a009c538fcae1194e2f09c6f775095b8f4f75103f6fdd
4c7098bf71a5825399e1bb06153e5d7b5a41915e61b5e1e38faf7088a9df802f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5296895e6bd8798dc89bed931e37a32ba41daac735d2df545d09362afb1b77cb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a533ca170ee245f0823b7fc54319dd79d432b78ef681b80d56fa1075e3fbfd8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
7bdc4fd1b52f88617553782da88299fc8551f6921d5a30c5a29b96cb8b4c3eae
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
85c3ae7c7e201ea39bb22d54abf466c67ed0fb598ecb94528f4642101110460d
86db658dfe497e14c80a844f99abed48bb368b88a7ebc047dc3b133267c67bf0
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
947db91f8ba025357890071b5f8df7e0cdb449fbd3e252729bbae2a771f82550
981730d75cba639add453b1d2c5bbbd21806db71d3555c36f5a71e50460044ad
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9d8ed4ca489c25f4e040740a80afd25ede9f9e6b56f4bf0fde73779599ac9791
9f8691eb15e6a07541b285869962328b158921ff20c1cac2bbb2a7505b192c63
9fb10417c0c71d071ea84ac8cd1019b1228060b819b06d2f376aac4e1f8fef4a
aede0daab52bf66c21596dc77c3184896e03606e91960f0eced55a101ab5a49b
bce19ed7a39488d86e02bca0ba62862aa274088b1451c67c62bbdc783641710a
c7b6587518a90bdd9ae7c366a40800723f09ff693a5e50f68d04406bf48f29bf
ca33ff5d72de9068ff0b06a4b3b9c496cc1f3d4fbffe27a635953ca45a67ba4e
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
caa1ffb8ee487d0d6ed19d85457d140c9eba112fef6880083a9eb1764da223b4
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d5d086ab8dd7703a41e01c913e225fafdc942be3bbd121dbd3c615f33091875f
d838314b83854f39e38697f878588c074e6dd7cfbaa9d672304d7a673cceb1df
e2f2ac8f39ee3bfa72dc5e956338259f49086651e9afe809c2c00974f0a3e90e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8
ebef53e5e76a4aef4b9be32544344a4b5771a57c4621390e4df42cd707b64bd7
f2e7fe46985f21532acbf211e6786e09f4c417ca9d0d8d6fc3fb10738c366826
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f9020521f388f3b7a5fdcf0a1f9938337954be967a776550044eb96e854a068e