Submitted URL: http://s.umj.ac.id/FreeRobuxHere?Get-Robux
Effective URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Submission: On October 31 via manual from PL — Scanned from PL

Summary

This website contacted 32 IPs in 7 countries across 22 domains to perform 126 HTTP transactions. The main IP is 104.21.80.172, which belongs to CLOUDFLARENET, US. The main domain is tiktok.kayaaku.com.
TLS certificate: Issued by GTS CA 1P5 on October 28th 2023. Valid for: 3 months.
This is the only time tiktok.kayaaku.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 103.206.245.71 131111 (CEPATNET-...)
1 1 206.189.58.138 14061 (DIGITALOC...)
1 104.21.80.172 13335 (CLOUDFLAR...)
1 151.101.194.217 54113 (FASTLY)
3 162.19.58.161 16276 (OVH)
15 142.250.184.226 15169 (GOOGLE)
1 18.244.38.39 16509 (AMAZON-02)
1 142.250.186.74 15169 (GOOGLE)
1 52.222.153.61 16509 (AMAZON-02)
3 142.250.186.110 15169 (GOOGLE)
1 142.250.186.104 15169 (GOOGLE)
1 12 142.250.186.98 15169 (GOOGLE)
2 3.160.185.4 16509 (AMAZON-02)
1 23.22.126.183 14618 (AMAZON-AES)
1 216.239.34.36 15169 (GOOGLE)
4 13.224.98.19 16509 (AMAZON-02)
3 34.120.195.249 396982 (GOOGLE-CL...)
1 104.20.8.31 13335 (CLOUDFLAR...)
12 18.155.128.24 16509 (AMAZON-02)
1 149.56.240.129 16276 (OVH)
1 142.250.186.34 15169 (GOOGLE)
3 142.250.186.106 15169 (GOOGLE)
1 104.18.11.207 13335 (CLOUDFLAR...)
4 142.250.185.99 15169 (GOOGLE)
1 151.101.194.137 54113 (FASTLY)
1 20 172.217.16.193 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
1 162.247.241.14 23467 (NEWRELIC-...)
14 37.157.2.229 198622 (ADFORM)
2 142.250.186.66 15169 (GOOGLE)
9 37.157.5.71 198622 (ADFORM)
2 142.250.74.196 15169 (GOOGLE)
3 6 142.250.186.38 15169 (GOOGLE)
126 32
Apex Domain
Subdomains
Transfer
31 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
763 KB
23 adform.net
track.adform.net — Cisco Umbrella Rank: 4256
s1.adform.net — Cisco Umbrella Rank: 9253
413 KB
20 cloudfront.net
dby7kx9z9yzse.cloudfront.net
d2owpcwl4v0y1p.cloudfront.net
d2yc1amd5aqnhl.cloudfront.net
d1w9uux77ifu8k.cloudfront.net
d266key948fg17.cloudfront.net
265 KB
18 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 154
95 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
105 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
237 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 364
fonts.googleapis.com — Cisco Umbrella Rank: 31
33 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
www.googleadservices.com — Cisco Umbrella Rank: 145
603 B
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359
www.google.com — Cisco Umbrella Rank: 2
11 KB
3 sentry.io
o425163.ingest.sentry.io — Cisco Umbrella Rank: 845782
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
3 ibb.co
i.ibb.co — Cisco Umbrella Rank: 11551
336 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 14333
s4.histats.com — Cisco Umbrella Rank: 14235
5 KB
2 umj.ac.id
s.umj.ac.id
338 B
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
468 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 562
29 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2914
7 KB
1 appinstallcheck.com
appinstallcheck.com
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
79 KB
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4015
21 KB
1 kayaaku.com
tiktok.kayaaku.com
10 KB
1 gopeerclick.com
2124590244.gopeerclick.com
834 B
126 22
Domain Requested by
20 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
tiktok.kayaaku.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 track.adform.net tiktok.kayaaku.com
googleads.g.doubleclick.net
s1.adform.net
12 d266key948fg17.cloudfront.net tiktok.kayaaku.com
12 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
tiktok.kayaaku.com
googleads.g.doubleclick.net
11 pagead2.googlesyndication.com tiktok.kayaaku.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
browser.sentry-cdn.com
tpc.googlesyndication.com
www.googletagservices.com
9 s1.adform.net track.adform.net
s1.adform.net
googleads.g.doubleclick.net
6 ad.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
tiktok.kayaaku.com
4 fonts.gstatic.com fonts.googleapis.com
4 d1w9uux77ifu8k.cloudfront.net d2owpcwl4v0y1p.cloudfront.net
3 fonts.googleapis.com appinstallcheck.com
googleads.g.doubleclick.net
3 o425163.ingest.sentry.io browser.sentry-cdn.com
3 i.ibb.co tiktok.kayaaku.com
2 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 www.googleadservices.com tiktok.kayaaku.com
2 d2yc1amd5aqnhl.cloudfront.net dby7kx9z9yzse.cloudfront.net
2 www.google-analytics.com tiktok.kayaaku.com
browser.sentry-cdn.com
2 s.umj.ac.id 2 redirects
1 bam.nr-data.net appinstallcheck.com
1 www.gstatic.com googleads.g.doubleclick.net
1 js-agent.newrelic.com appinstallcheck.com
1 stackpath.bootstrapcdn.com appinstallcheck.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s4.histats.com s10.histats.com
1 fundingchoicesmessages.google.com pagead2.googlesyndication.com
1 s10.histats.com tiktok.kayaaku.com
1 region1.google-analytics.com www.googletagmanager.com
1 appinstallcheck.com tiktok.kayaaku.com
1 www.googletagmanager.com www.google-analytics.com
1 d2owpcwl4v0y1p.cloudfront.net tiktok.kayaaku.com
1 ajax.googleapis.com tiktok.kayaaku.com
1 dby7kx9z9yzse.cloudfront.net tiktok.kayaaku.com
1 browser.sentry-cdn.com tiktok.kayaaku.com
1 tiktok.kayaaku.com
1 2124590244.gopeerclick.com 1 redirects
126 35

This site contains no links.

Subject | Issuer | Validity | Valid
kayaaku.com | GTS CA 1P5 | 2023-10-28 - 2024-01-26 | 3 months
*.sentry-cdn.com | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-08-01 - 2024-09-01 | a year
ibb.co | R3 | 2023-10-09 - 2024-01-07 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
upload.video.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
appinstallcheck.com | R3 | 2023-10-11 - 2024-01-09 | 3 months
ingest.sentry.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-25 - 2024-08-24 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-13 - 2024-05-11 | a year
*.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
histats.com | R3 | 2023-08-29 - 2023-11-27 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2023 Q2 | 2023-04-13 - 2024-05-14 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.nr-data.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-29 - 2024-10-01 | a year
track.adform.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-06 - 2024-09-19 | a year
www.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months

This page contains 16 frames:

Primary Page: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Frame ID: 8A13295A9ECA3D79E83B737BAEAAFA62
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Frame ID: 8AA2A2B899DB5EB244490B0FD15CEECE
Requests: 1 HTTP requests in this frame

Frame: https://appinstallcheck.com/fl/eglne
Frame ID: B5D32AAEB01B01C0B8D029343DB78279
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&adk=1812271804&adf=3025194257&lmt=1698785631&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=479&idt=362&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=665987945617&frm=20&pv=2&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=637
Frame ID: 2D9444B62E4C8EA78CFE3049DC98DF42
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Frame ID: 7BAA1843F39A2041008257ADEB3836C5
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1892668330~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1629&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280&nras=2&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1755&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=adOhRusAn6&p=https%3A//tiktok.kayaaku.com&dtd=5
Frame ID: E64BFAF85594D09D1AB56625D758ECDC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3932987704~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x90&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1630&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280&nras=3&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sK1v3lDPbu&p=https%3A//tiktok.kayaaku.com&dtd=10
Frame ID: EAD132B91B5A56346269378EDF1C0A34
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=60&adk=2499841291&adf=1602281170&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x60&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1629&idt=1&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280%2C1200x90&nras=4&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ebq34buUTx&p=https%3A//tiktok.kayaaku.com&dtd=16
Frame ID: 6DC2A45B825DA2BC14C96A2EBE33456F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Frame ID: C609811DC11B634801CEFB035DDCEB0D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2EB8621C933F49B9F90F39E33ABB1285
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=69178410;rtbwp=ZUF3bwAOp6QCO9j2AAEp7DB3zavOK4w67_FYjg;rtbdata=78TPdRwPAhjDAt3oLnMu_RtY910PandP1wIDAGhR2W_1-saJ6MdGOwTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEI4Zh6eRp7gicSV0emCSZ12dhb6eschVZNO-AE80YxA5UiNGd1cCUll60yTlXk30l09CbqofWHJt5BYbnFAEO7_rCFm7uyl5fPMGJS8-LAVpfPN8NdGKTW5PLOtnRghpHrC-lLp2I_5R7lrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBeihy17cMAys1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CP5YXb3dBZaTPOvax78EP7NOEsASRrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQK3Wh5cXwCDPqgDAcgDAqoE5QFP0E_xRi8cJ9NSNJCkFDuLZ-jkRJ_v672V3QzJan9-pp_vhOm1PLFhXCOnU7geq4XpR8FW5NdzEPqfxC_aBCeCuCwHOk19LUJIcgm-ZSwrEScjgyxIpCcHDIbtq5zOnEm5eOC4cBSHgHPB4X-GHv8_0xQmfj1meAV7tVvojITraHyeWDa1_Y2rxLOyY1SIE0XvciwNVjHk49opbIn9QrxXqeVzq05yVoTGDgUJP1H-ombYRXUMaL_TG4U5n4S2c284i6_dky9B0r_3sEiGbX7wj-L01KhzXt3Z8DB3_7CPezst9oINgAawq8XD9Y6hwVagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2yfnYSLdeVjNVS7dkGOKTfb_xZVQ&client=ca-pub-4872877528262831&adurl=
Frame ID: D7968D2C2FFA5CA430F168A066FD7B6D
Requests: 16 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=69178410;rtbwp=ZUF3bwAOp6UCO9j2AAEp7Lvtgn5flYAeccE8OQ;rtbdata=OrM4Q0_uJwhot-op19IvY59Qk6iKOLKj5TFnKkWTIHof_Bvd_f889gTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEIlHMhbhnFZ0btz9UhBo1sdyz-wjr2L3lxwBqROqeubpkUSJO1nS55uq0yTlXk30l09CbqofWHJt5BYbnFAEO7_uqAp8OShwwhMGJS8-LAVpfPN8NdGKTW5PLOtnRghpHrC-lLp2I_5R7lrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBgIjETMfMv581;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CKjtEb3dBZaXPOvax78EP7NOEsASRrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQK3Wh5cXwCDPqgDAcgDAqoE5QFP0O-dmHhquhS5hqXxsJFbhD0zAWGTK-JdKRMGVwAlsspY_XmeEQb5FF1JrhBcGUfSxDT9O6fmKDwAuc8pVfwF02TrRT4bTG4DmcU9zyvoV_glpEXllSt_7CLlF10Dy4T_30HrYMvmkrugnLpSpmoKn374aW0H1gfECI0c0Q_Ge4yexHmjOFLLKwOLK5mGfE8XUlQMpAB1quTLQIqczh5GljRqFAHD3daN9YjL30lGW6qu5dJp0Y9sjheHdBRow_bkeaP6uvch1xyC9_21ekKig4-cCDe6KOkCnYNbwFq9hr8bbXr0gAawq8XD9Y6hwVagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2yLhkTGWR-0hRTCJtAeIa6ynPH5A&client=ca-pub-4872877528262831&adurl=
Frame ID: 8329920A5BA1A43497E408D81896E4F9
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js
Frame ID: DFFB64C12E6C651CC91F6333F8EF31D3
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=69140203;rtbwp=ZUF3cAAH-8kA-RCmAAvablNOORtu-UVVe17tXQ;rtbdata=5lQbPeq0pWwvgtgfEm0WLCcT4JBYGmlWW0bD6skb2YvOPNyNEatVogTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEIlHMhbhnFZ0btz9UhBo1sd64pnR19MwCvUn9mQHDpBsdfe4xYZ4sE4fNUVu7Ki4C6lbLBcIpUZ7EFOMYy9Ew1sZK66VoRPodFlPnW41ZLZGHS37P1byhjWViI8lT_lFPNZJCAXRTAtgfeLciUYN81FGmwdAMTVEEes05Szk56jBUikTViklq4EG57qbmYRPLABj9dj8PeUKI1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C-9CFcHdBZcn3H6ah5LcP7rSv4A6RrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQLpjanLixGDPqgDAcgDAqoE6gFP0PJ3Xkm0cKQcSaUrDO-qcSpEV2yIWCSc8OX5GF4IF18qtl_kkPIqmtsb5LepWPOpkL9eEx-T1F1AGzMlQ5BdnChMUI_baK9yqK_Egtus-BmS2bxAyijC66XsHfByUUVXTCca9aDyWi6bwFMnl1jh6JS7BptfVAnIcOIsM5hOIepbrpPgHtchLeIuKBfrJFqj9A12HE_lTLsmusQs8JRQF_0sqP4tTk8vcieZscoABzkpd4LIH-PTwSUuvInP75KWsB0gHBs5xiFb3DCGxbOsVmhGPiJzzaKHQS_LRA0aWH3s4YeeD2Euh2qABvLXg7r7gYK-gAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_0LnIKjS12kshbg9U0CtCH75N5pEg&client=ca-pub-4872877528262831&adurl=
Frame ID: CFF11D6CFE1F69390F128ACEA18C1B3D
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C05AEEC5FB1497D397CEC674F6312C46
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 70DA6CD4917F206B9244E38D5EB6A148
Requests: 2 HTTP requests in this frame

Page Title

Free Gift Cards Giveaway

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 126
HTTPS: 94 %
IPv6: 0 %
Domains: 22
Subdomains: 35
IPs: 32
Countries: 7
Transfer: 2450 kB
Size: 4531 kB
Cookies: 25

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://s.umj.ac.id/FreeRobuxHere?Get-Robux HTTP 301
    https://s.umj.ac.id/FreeRobuxHere?Get-Robux HTTP 301
    http://2124590244.gopeerclick.com/15Gogi HTTP 302
    https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODEjPro6gEQsAkYrAIyCDOypGw7qx1J HTTP 301
  • https://tpc.googlesyndication.com/simgad/5580767900195355069
Request Chain 77
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CFQGBb3dBZZ6oOrKG78EPwtKPoAqdo7rZc5KMx5uBEmQQASDqzbKTAWDp5MmF2BqgAd-n2vkCyAEJqAMByAPLBKoE8gFP0MbVeU-g9F5uSQILJpmVHDhhVZdF76IMMFF8tC65quUEfx6T_Y68FeyHbEoG34zIfZqEjQ4qpagYg7GhuXd6kCbS-Ek69ljYCajdlxadiWirvW9WRvJ8VLVkQmWo2S__VQfSybc_1-9VxkujNof-nw6CTRzmOR6Exu4RU2pR8fxTwtYz51EiVvA-NSh97wmyLJQPuHV8BX2gquFPQ5Nxwdv0E14-j9B_e6cO3BxAejH6PdvYSqKWgDpgGHm62fANhPP4iBYnWLKMqTAs-sbZOlFIBOXm4VscAYYUdpt-KR8IeDbgRz6YJn6p1ZHF7Ow77MAE6abTw50EiAXjta_bRJIFBAgEGAGSBQQIBRgEoAYugAeJ2KWGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDOgQbSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6mglRaHR0cHM6Ly9kbWFya2V0LmNvbS9pbmdhbWUtaXRlbXMvaXRlbS1saXN0L2NzZ28tc2tpbnM_Y2hlYXBlc3RCeVN0ZWFtQW5hbHlzdD10cnVlgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTQ4NzI4Nzc1MjgyNjI4MzEYAA&sigh=-WaxunrVnzI&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNkXQVvapJzoYB8Pn4YTw_PRVX2xUSq5zWexvRt7sT7eK-8DXheGQhuq0LE1NM2BWq6WJlIaYxiMvh62prlRwupRc5fbV-V1MYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228329081011602999174%22,%22debug_reporting%22:true,%22destination%22:%22https://dmarket.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22792105951%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211841507685711744257%22}&andc=true
Request Chain 91
  • https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=62086;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_pre=CKXpsYajoYIDFaeJ_QcdN6oMGA;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=62086;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
Request Chain 92
  • https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=25681;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_pre=COTqsYajoYIDFTvDEQgd-HQJug;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=25681;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
Request Chain 94
  • https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=69;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_pre=CPfssYajoYIDFcuS_QcdHJAGNw;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=69;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

126 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request giftcardgiveaway.php
tiktok.kayaaku.com/
Redirect Chain
  • http://s.umj.ac.id/FreeRobuxHere?Get-Robux
  • https://s.umj.ac.id/FreeRobuxHere?Get-Robux
  • http://2124590244.gopeerclick.com/15Gogi?
  • https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
35 KB
10 KB
Document
General
Full URL
https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.172 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
816767f90fc34ec8651157c79b5827c11241b9e6df03c698dc85306cc3daaebf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81ef22137c3bbf35-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 21:53:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gkI%2FKjENul9gdGhtI%2BuuqsGEueV1yjG%2Bpb4121IvzQ2Q9o50D%2F2ECf%2BOTws3Zw5sduG8RdjNkXk33t8ZPW2T9TgCMRDtN1pqS2U%2FkpPt5CGEDUmp%2F3qnodhm2RV9%2BynF7oF%2Bk8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Connection
keep-alive
Content-Length
158
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Oct 2023 21:53:50 GMT
Location
https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Server
nginx/1.25.2
Vary
Accept
X-Powered-By
Express
bundle.min.js
browser.sentry-cdn.com/6.4.1/
66 KB
21 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
Origin
https://tiktok.kayaaku.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 19 May 2021 16:36:38 GMT
server
Fastly
age
4193861
etag
"42639cce5db857005b8285dedd67553d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20972
expires
Thu, 12 Sep 2024 08:56:10 GMT
Logogiftcard.png
i.ibb.co/XWGhfmk/
296 KB
296 KB
Image
General
Full URL
https://i.ibb.co/XWGhfmk/Logogiftcard.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
120cb0be75d77196ef6b3813b5a24d23075a6d14dd5cd1b39020b6eb3ebdb6ab

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:50 GMT
last-modified
Mon, 11 Jul 2022 09:54:51 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
302868
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4872877528262831
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ce95c20cfa306c4e3c68c221a21325fa4f04da503ac7c83253eb7162edb51afa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://tiktok.kayaaku.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51448
x-xss-protection
0
server
cafe
etag
11790065209622144467
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 21:53:51 GMT
868149f.js
dby7kx9z9yzse.cloudfront.net/
26 KB
7 KB
Script
General
Full URL
https://dby7kx9z9yzse.cloudfront.net/868149f.js
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.38.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-38-39.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2c83aa51a9a14329803e75c79a3ef8727216c8a7f4614db3258237442b95db2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 03:33:19 GMT
content-encoding
br
via
1.1 dbc7e30405074db3df74774e77df3fde.cloudfront.net (CloudFront)
last-modified
Wed, 04 Oct 2023 02:19:24 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P5
age
70041
etag
W/"1d4bf449a445ba3f51ddbb265bb20a66"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-id
OpJlm2Rfzh7wxq5YLbk5DRqJInLQliVl_p8NzqfDMmPn_weV3VBOrQ==
free-gift.png
i.ibb.co/qCycDzF/
9 KB
9 KB
Image
General
Full URL
https://i.ibb.co/qCycDzF/free-gift.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
448c9ace7b42876399fabdb9d02253e7be4667b6fdbb8e0a3eeff086754fc164

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:50 GMT
last-modified
Mon, 11 Jul 2022 12:41:18 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
9164
expires
Thu, 31 Dec 2037 23:55:55 GMT
verifyuser.jpg
i.ibb.co/mCRbQyx/
30 KB
30 KB
Image
General
Full URL
https://i.ibb.co/mCRbQyx/verifyuser.jpg
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
51e91dd535891502cf4fe61f9c9bc52a9dc9dfcfea1fd3d5ba832028f2dada0a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:50 GMT
last-modified
Mon, 11 Jul 2022 20:31:00 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30730
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 09:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Oct 2024 09:33:05 GMT
03a9bd2.js
d2owpcwl4v0y1p.cloudfront.net/
26 KB
8 KB
Script
General
Full URL
https://d2owpcwl4v0y1p.cloudfront.net/03a9bd2.js
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.153.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-153-61.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2c83aa51a9a14329803e75c79a3ef8727216c8a7f4614db3258237442b95db2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:29:13 GMT
content-encoding
gzip
via
1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
last-modified
Wed, 04 Oct 2023 02:19:24 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P1
age
1479
etag
W/"1d4bf449a445ba3f51ddbb265bb20a66"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-id
XJKC2REEey64WTFAjykPUFtJQ_7Ho5aq0K-VQzLXwUIUS6pK9cvBaA==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 31 Oct 2023 21:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
249
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 31 Oct 2023 23:49:42 GMT
collect
www.google-analytics.com/j/
15 B
223 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=399616041&t=pageview&_s=1&dl=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&ul=en-us&de=UTF-8&dt=Free%20Gift%20Cards%20Giveaway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1962314973&gjid=1715216905&cid=12610867.1698789231&tid=UA-220165625-1&_gid=62635420.1698789231&_r=1&_slc=1&z=575447647
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aeb69c82560a722e264cfed39f63b891e8a809804e61be254fbc41369170e76a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tiktok.kayaaku.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
220 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3W7PE80J60&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2b27500e6769f7a71b4c42fe3e8c3ace3eaeee36d3f72c5e39a93752aeccf055
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80759
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 31 Oct 2023 21:53:51 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/
397 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4872877528262831&plah=tiktok.kayaaku.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4872877528262831
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8ffde71b4e674d4177bd611ee2d1f05259e69e02c22572c617c588c1713b9764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137658
x-xss-protection
0
server
cafe
etag
18105264166127008043
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 21:53:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/ Frame 8AA2
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4872877528262831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
48581
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 08:24:10 GMT
etag
4569948109300706969
expires
Tue, 14 Nov 2023 08:24:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
htmlxf.2669584.f9294.0.js
d2yc1amd5aqnhl.cloudfront.net/public/external/v2/
10 KB
10 KB
Script
General
Full URL
https://d2yc1amd5aqnhl.cloudfront.net/public/external/v2/htmlxf.2669584.f9294.0.js
Requested by
Host: dby7kx9z9yzse.cloudfront.net
URL: https://dby7kx9z9yzse.cloudfront.net/868149f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.185.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-185-4.mrs52.r.cloudfront.net
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
5e617211d022e88353ea5637c28e466c30510a13570589e585ef5ebba29eef9c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:51 GMT
via
1.1 b5531ef792e817bdf665b09adf99ef4a.cloudfront.net (CloudFront)
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
MRS52-P5
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
zVrbkqP_XdlPL5zblHulNX2nTetMHvKBMNnBNxo7qzi3r9P8oEyvZA==
css_frontXF.css
d2yc1amd5aqnhl.cloudfront.net/public/external/
6 KB
6 KB
Stylesheet
General
Full URL
https://d2yc1amd5aqnhl.cloudfront.net/public/external/css_frontXF.css
Requested by
Host: dby7kx9z9yzse.cloudfront.net
URL: https://dby7kx9z9yzse.cloudfront.net/868149f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.185.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-185-4.mrs52.r.cloudfront.net
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
60a0f85900cf8e56c1607c8c120f68064a4f8d22a40637b224774cb611e93c2f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:51 GMT
via
1.1 b5531ef792e817bdf665b09adf99ef4a.cloudfront.net (CloudFront)
last-modified
Thu, 17 Aug 2023 03:23:33 GMT
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
MRS52-P5
etag
"17f6-60315efd526bb"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6134
x-amz-cf-id
-kUu_eu3e8lL8bFxdF3QZ531lU9h1THXS9G5rg_iDJ5fRS_osFiZ4A==
eglne
appinstallcheck.com/fl/ Frame B5D3
57 KB
20 KB
Document
General
Full URL
https://appinstallcheck.com/fl/eglne
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.22.126.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-126-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4ef353c6b2f267d332400b83760cb47ee9f6b0b2a426ef2dc63bc63756b5946a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 21:53:51 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
DENY
x-robots-tag
none
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3W7PE80J60&gtm=45je3ap0v9109600068&_p=399616041&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=12610867.1698789231&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&dt=Free%20Gift%20Cards%20Giveaway&sid=1698789231&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3W7PE80J60&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tiktok.kayaaku.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htmlxf.3405927.ddb02.0.js
d1w9uux77ifu8k.cloudfront.net/public/external/v2/
15 KB
15 KB
Script
General
Full URL
https://d1w9uux77ifu8k.cloudfront.net/public/external/v2/htmlxf.3405927.ddb02.0.js
Requested by
Host: d2owpcwl4v0y1p.cloudfront.net
URL: https://d2owpcwl4v0y1p.cloudfront.net/03a9bd2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-98-19.zrh50.r.cloudfront.net
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
1293e327dbdf9800ed58ef37bc91ff936cd648a95c0a6af10003f674fa8d7c01

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:51 GMT
via
1.1 666ff4ad81b3b60af3d2241160893ee2.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
ZRH50-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
ygA6wYi-6nPXcsCNP10Ku2QjsVi-TNVXDrP7PLKTE7rW4p0hGwke3A==
/
o425163.ingest.sentry.io/api/5780930/store/
41 B
373 B
Fetch
General
Full URL
https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
35c777cf63c9c8189de56997beb572f1f190abb4877441d337d83a3c6bcf58c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tiktok.kayaaku.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 31 Oct 2023 21:53:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
/
o425163.ingest.sentry.io/api/5780930/store/
198 B
332 B
Fetch
General
Full URL
https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tiktok.kayaaku.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 31 Oct 2023 21:53:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-sentry-rate-limits
58:default;error;security;attachment:organization:error_usage_exceeded
retry-after
58
/
o425163.ingest.sentry.io/api/5780930/store/
198 B
326 B
Fetch
General
Full URL
https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tiktok.kayaaku.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 31 Oct 2023 21:53:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
8
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-sentry-rate-limits
49:default;error;security;attachment:organization:error_usage_exceeded
retry-after
49
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.8.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
21210
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
81ef22197b69bf2b-WAW
content-length
4547
16454931964ae4b735cb411f2de267110a434da371.png
d266key948fg17.cloudfront.net/uploads/
29 KB
30 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/16454931964ae4b735cb411f2de267110a434da371.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.128.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-128-24.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31634d2128e7d2b92f4577e21919d12818c3d4928ff3a4b1f277a61bb3de4f52

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tiktok.kayaaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
1olNR3_tZwPsSMFIzeclXxTG8ffZPmbR
date
Tue, 31 Oct 2023 21:29:54 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified
Tue, 22 Feb 2022 01:26:37 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
1438
etag
"672376c9d36a74a875752b88f2ccf289"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
30101
x-amz-cf-id
iFyCYeqzA9jV9GcyVNECnTAjnFRUxynmQVUcBnCxey2dW2TlNeZrKw==
1645606690860b44915e39951ccef2f78aae356a84.png
d266key948fg17.cloudfront.net/uploads/
31 KB
31 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/1645606690860b44915e39951ccef2f78aae356a84.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.128.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-128-24.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce0e7beb9853e79a93344cec332447dad72d4ed2f18b703cfee28bed8e77b038

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tiktok.kayaaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
RQYIgMchvr6G6gI3kkzRz2_v3JIfeLza
date
Tue, 31 Oct 2023 21:52:59 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:58:11 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
71
etag
"cf9c06469236cd8e8d2088087b10b5b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
31679
x-amz-cf-id
NxSY9gkIUkL7WNHgjAyiLtpPYt9Zxx0wgoW8FWQzZPxp6unBLxVl1Q==
16456066910ad995c478735eeb59daf47640f653e3.png
d266key948fg17.cloudfront.net/uploads/
31 KB
32 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/16456066910ad995c478735eeb59daf47640f653e3.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.128.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-128-24.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b20575865a1cb75844e1b88a862c90932305f38c7e9f25068e8ab6f50b82473

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tiktok.kayaaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
jESQ7VF8lhOQmEKpco8QJsEG4PY.lIh1
date
Tue, 31 Oct 2023 21:41:33 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:58:12 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
773
etag
"3ea539d676fccf2fef78a5c74e5cc5dc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
31861
x-amz-cf-id
98dXZT-eM52CF1XEpGs7Znrf4jKSY9rfZIU3wdR7Ohr6x5DxPdpveg==
1645606690dfe4c50e8dab48f102c825bbb91242c3.png
d266key948fg17.cloudfront.net/uploads/
7 KB
7 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/1645606690dfe4c50e8dab48f102c825bbb91242c3.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.128.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-128-24.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0807e8f7ee5b126649b8815fbcfb23d0eb5a5809066299bdc9e3ad2cfd94030f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tiktok.kayaaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
W6axW.sMqNSWP4B7a9GQEzzaYOmvzKOC
date
Tue, 31 Oct 2023 21:52:59 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:58:11 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
71
etag
"e2a36e05f872ff1f960328d91954a724"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6729
x-amz-cf-id
ZuISR2dv2esEoLrKTWJs-hW-kbSd2G7JzlecJmzxro-TJoq9SQDspA==
16456066913af5eafc1e8f4b67bdb9fad531193dd3.png
d266key948fg17.cloudfront.net/uploads/
9 KB
10 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/16456066913af5eafc1e8f4b67bdb9fad531193dd3.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.128.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-128-24.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5b75ddbb788541f2b625130f823a6a26bc8106f1b7d30bd31a4fedd1a6d856b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tiktok.kayaaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
QPZwrvOa2SGRY6j1Pkocfk2.CcPFUmtI
date
Tue, 31 Oct 2023 21:52:59 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:58:12 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
71
etag
"ccaa833c45dcb4ea162881be6dc91e0c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9529
x-amz-cf-id
CgYzO0G59tKfSClUQ9xrDiNQMAMVmvsFiHFZ0KV7Ffiz8oJ7nrZfEQ==
16456066916e6559533a5e292ccba8bb80f9149007.png
d266key948fg17.cloudfront.net/uploads/
12 KB
13 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/16456066916e6559533a5e292ccba8bb80f9149007.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.128.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-128-24.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17abeedfe0763eff8133623a2b24502d116f561c2ca907e0263b490a958e2072

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tiktok.kayaaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
qWhXdWD6ozQaJ.1oJMOpmTjlkVn6l6k0
date
Tue, 31 Oct 2023 21:33:46 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:58:12 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
1337
etag
"677e596f3cd64052974585aa7e123c1e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12769
x-amz-cf-id
RosBHqGe9AzyL7qzZ2W6qLyhrxHszvpZSlqjiHsZOXp2kPtlZqd37A==
1645606691ccf0a7bdb704e85631127b851dc0e997.png
d266key948fg17.cloudfront.net/uploads/
6 KB
7 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/1645606691ccf0a7bdb704e85631127b851dc0e997.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.128.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-128-24.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47722d99cdc263f3783855402a9e9c81d12cbce823b6dba6b9ac3b948afd0075

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tiktok.kayaaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
Hh5GCdeMrVnnrp5ASrE4eMIJ8HaFIhOY
date
Tue, 31 Oct 2023 21:39:00 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:58:12 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
977
etag
"72cd5bca1317cb4ccb7744a82a5b92cc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6552
x-amz-cf-id
Kq5vAzIgFQmLCy0lhghhsN16jBDvrlcNBfaPNJZV2dfsdiO3nbbp9A==
164560669197909a539d87aced1c1438c4da903d01.png
d266key948fg17.cloudfront.net/uploads/
8 KB
8 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/164560669197909a539d87aced1c1438c4da903d01.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.128.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-128-24.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a71a66d454123464159618ae7fefc696774ce6b64b25c87b589c26778151d03e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tiktok.kayaaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
yVMr_pqF8bM_T5zFyFeflToGbc2nMQn_
date
Tue, 31 Oct 2023 21:27:15 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:58:12 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
1689
etag
"2ad10c7fd2ca9ff2c30c60316256f42d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7959
x-amz-cf-id
fGijO6rXAokvzmUzeoMGK4q9Hz779epFm_skx8pICewjSaDEmO28IA==
16456066905c80182c84eecb81c8441ca9307becc7.png
d266key948fg17.cloudfront.net/uploads/
6 KB
7 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/16456066905c80182c84eecb81c8441ca9307becc7.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.128.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-128-24.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
735c5ced19acfc830398b83e3a818cf30acecca4826ae79fa3f399c6818599a4

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tiktok.kayaaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
AprD6ziPbpiwhZoAmzRBgb_cAFXbRGq1
date
Tue, 31 Oct 2023 21:53:52 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:58:11 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
etag
"275dd5cb46b5daabe0c4aa878da4f589"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6411
x-amz-cf-id
lMlZaoInQaE6tPfoIxnudZyH3Dp5zf9Gz7ofn2MTGomHnqz8G3bjWw==
16454932785b7b640a16766af88f84901c26fde30d.png
d266key948fg17.cloudfront.net/uploads/
29 KB
30 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/16454932785b7b640a16766af88f84901c26fde30d.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.128.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-128-24.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2d951f1b331c622645082362bb5016ea5544a83ae12c03abd58a647310e87c9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tiktok.kayaaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
LXr30fUSVRI5OmOP22bMvd4hA5INHMG_
date
Tue, 31 Oct 2023 21:39:00 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified
Tue, 22 Feb 2022 01:27:59 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
977
etag
"72c9812370f8235fdb1cff05170ef915"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
30037
x-amz-cf-id
utDgcm_8k7IYDbma5F6bnRQPEyWmpN3NJhZtsToRfofu7Qend6E9VA==
1645606690bc25555bab4430a7900a83e596aef47d.png
d266key948fg17.cloudfront.net/uploads/
13 KB
14 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/1645606690bc25555bab4430a7900a83e596aef47d.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.128.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-128-24.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebfd40e9d2070bd61499d490fc4ba516d4e1f9baef1a8a271433051cdb25ab23

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tiktok.kayaaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
Lge6SHJh03SQ6P2vJ6l8595_6NBefZsV
date
Tue, 31 Oct 2023 21:52:59 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:58:11 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
71
etag
"12ab420eb2f85783090f0d149cce0373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
13473
x-amz-cf-id
LVAwo9RNm7aAQ7Tyy1-I83skcWBfs1lvH3Q4OsT5vfeWX8JbJkOE4g==
1645606690250c6c064370ec8752e020ce647d55a1.png
d266key948fg17.cloudfront.net/uploads/
29 KB
29 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/1645606690250c6c064370ec8752e020ce647d55a1.png
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.128.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-128-24.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36372b5fdfae8de8e99b7a209ef8d6831b531644877b91bea3f5be51b7fa2adc

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tiktok.kayaaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
cRdaK9HhLLcS9_wllPQb.ZMwmx1tSKec
date
Tue, 31 Oct 2023 21:52:59 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:58:12 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
71
etag
"959fb4eb8ce68f4120db1a1c19362c71"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
29488
x-amz-cf-id
-QT1LuRQXNVBhKaafD6sjbjkZhLjOlRLZkFzZvV2jfSs3BtjK-dnRA==
ca-pub-4872877528262831
fundingchoicesmessages.google.com/i/
22 KB
10 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4872877528262831?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4872877528262831&plah=tiktok.kayaaku.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
051eb808f46b6bf8b86a7bf79aaffb9ae24ed1e37575af1e9661d65902394bc3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fKtsqHTPMTuNKt70_IlikA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:51 GMT
content-security-policy
script-src 'report-sample' 'nonce-fKtsqHTPMTuNKt70_IlikA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
0.php
s4.histats.com/stats/
48 B
182 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4677559&@f16&@g1&@h1&@i1&@j1698789231673&@k0&@l1&@mFree%20Gift%20Cards%20Giveaway&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-58337137&@b3:1698789232&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534297.ip-149-56-240.net
Software
/
Resource Hash
d8f2e856c8d7729204f78731e51c1901df0ef7e5266c562ddccb40564cc3d91e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 21:53:52 GMT
Connection
close
Content-Length
48
Content-Type
text/html;charset=UTF-8
cookie.js
partner.googleadservices.com/gampad/
389 B
603 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=tiktok.kayaaku.com&callback=_gfp_s_&client=ca-pub-4872877528262831
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4872877528262831&plah=tiktok.kayaaku.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ac5d8a77925e95fe6ee63ee734cdfa3654d2b835ecd049b9ea7b37eeda662a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2D94
142 KB
22 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&adk=1812271804&adf=3025194257&lmt=1698785631&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=479&idt=362&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=665987945617&frm=20&pv=2&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=637
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4872877528262831&plah=tiktok.kayaaku.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b3616a1eb9afabc35ea2b49c36216345f926eb57bb4d7270c58f4b27b5a88de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
22138
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 21:53:52 GMT
expires
Tue, 31 Oct 2023 21:53:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7BAA
143 KB
42 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4872877528262831&plah=tiktok.kayaaku.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
90d88f8aa55b847e1a9743196f00bb9e937207a182d009970e63a7b706d0afff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43110
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 21:53:52 GMT
expires
Tue, 31 Oct 2023 21:53:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cssXF.css
d1w9uux77ifu8k.cloudfront.net/public/clockers/CustomButton/
896 B
1 KB
Stylesheet
General
Full URL
https://d1w9uux77ifu8k.cloudfront.net/public/clockers/CustomButton/cssXF.css
Requested by
Host: d2owpcwl4v0y1p.cloudfront.net
URL: https://d2owpcwl4v0y1p.cloudfront.net/03a9bd2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-98-19.zrh50.r.cloudfront.net
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
01054ae4581776870b0514bfb9607e8764927456f14d8eb6de6ba84f12f9c3d6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:52 GMT
via
1.1 666ff4ad81b3b60af3d2241160893ee2.cloudfront.net (CloudFront)
last-modified
Thu, 17 Aug 2023 03:34:34 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
ZRH50-C1
etag
"380-6031617438765"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
896
x-amz-cf-id
07kpNbGHt3vMY4Q4USMWZbIqil-wjppVhTiPDKI2zh0CFtSJLpjnPg==
css
fonts.googleapis.com/ Frame B5D3
2 KB
628 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:700
Requested by
Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
66bb15f6fcefa66403acc1e4bca76dc4d7f1e6b2af365de840198df41f5635b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://appinstallcheck.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 21:53:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 21:50:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 21:53:52 GMT
css
fonts.googleapis.com/ Frame B5D3
717 B
779 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400
Requested by
Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://appinstallcheck.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 21:53:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 20:21:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 21:53:52 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame B5D3
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://appinstallcheck.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
723
age
23358320
cdn-cachedat
11/15/2021 21:49:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
2729ae8f2fc6c761bdc17d91cc795f58
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
81ef221c4f8634df-WAW
cdn-requestpullsuccess
True
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ Frame B5D3
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
6ecd2a103a7260474c3239da5f32a2f7cb999765d9ab12161f3e4abe3906316f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://appinstallcheck.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 06:45:51 GMT
x-content-type-options
nosniff
age
400081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12648
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:38:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 06:45:51 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame B5D3
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://appinstallcheck.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 03:38:46 GMT
x-content-type-options
nosniff
age
497706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 03:38:46 GMT
nr-spa-1.246.0.min.js
js-agent.newrelic.com/ Frame B5D3
86 KB
29 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1.246.0.min.js
Requested by
Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e444e843ebdc5c2db6b2f136e8ad77b8c2058d8f8435932c1d3ae734e4b9f6cc
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://appinstallcheck.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
ZCiO0bNaXW3BU6W4t6EcMCRx3MVwqspc
content-encoding
br
via
1.1 varnish
date
Tue, 31 Oct 2023 21:53:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
4GGX59TK5GPNE461
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
28993
x-amz-id-2
4XRgoO7yAoDGtOBCV3GC3I56B70GGkZghQipWJ9GVidoYY6jGwAxRLjaMoLomE7GRxTemwkMoAk=
x-served-by
cache-fra-eddf8230110-FRA
last-modified
Tue, 24 Oct 2023 13:50:56 GMT
server
AmazonS3
x-timer
S1698789232.432258,VS0,VE0
etag
"5d20a26d4ec76d1f3fae03b0023eff5b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
289611
css
fonts.googleapis.com/ Frame 7BAA
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
2060d29f49d996a26f3888bf75735db9e023f651d382164d295337be9dc99620
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 21:53:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 21:24:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 21:53:52 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/
159 KB
54 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4872877528262831&plah=tiktok.kayaaku.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a1224023a36ef6e2aec7b9250658fb0692a6e9d27fb8b2d12159c04f1da2fab3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55379
x-xss-protection
0
server
cafe
etag
5581113363169347195
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 21:53:52 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E64B
436 B
236 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1892668330~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1629&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280&nras=2&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1755&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=adOhRusAn6&p=https%3A//tiktok.kayaaku.com&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4872877528262831&plah=tiktok.kayaaku.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
4f58cc2bd405351002d26bca588ccf02ffcc11425c7c307e8e662fddca622a72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 21:53:52 GMT
expires
Tue, 31 Oct 2023 21:53:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EAD1
43 KB
15 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3932987704~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x90&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1630&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280&nras=3&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sK1v3lDPbu&p=https%3A//tiktok.kayaaku.com&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4872877528262831&plah=tiktok.kayaaku.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b738c924d88bfa081ba92cd19edc00070cdc3e6ee073629519c17c91f94e02b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14991
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 21:53:52 GMT
expires
Tue, 31 Oct 2023 21:53:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6DC2
436 B
237 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=60&adk=2499841291&adf=1602281170&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x60&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1629&idt=1&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280%2C1200x90&nras=4&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ebq34buUTx&p=https%3A//tiktok.kayaaku.com&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4872877528262831&plah=tiktok.kayaaku.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
3c5b77212f8a072bea8c4dd0f83598f43552457b2c63715ec6d918149e5ba519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 21:53:52 GMT
expires
Tue, 31 Oct 2023 21:53:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 7BAA
2 KB
906 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
9306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 19:18:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame 7BAA
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:19:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
9269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9142
x-xss-protection
0
server
cafe
etag
3118617226516770384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 19:19:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 7BAA
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
28119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 14:05:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 7BAA
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
9318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8430
x-xss-protection
0
server
cafe
etag
7000445677337367579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 19:18:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7BAA
188 KB
60 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 21:53:52 GMT
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame 7BAA
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 17:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15099
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 19:42:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 17:04:13 GMT
7699451935681795509
tpc.googlesyndication.com/gpa_images/simgad/ Frame 7BAA
91 KB
92 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/7699451935681795509
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
6e2118564a472a59ffc65b8ab10806687dcb18da622d744bd571aa9e7edf582f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:25:13 GMT
x-content-type-options
nosniff
age
552519
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93633
x-xss-protection
0
last-modified
Sat, 20 May 2023 15:19:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Oct 2024 12:25:13 GMT
14673328786852070561
tpc.googlesyndication.com/gpa_images/simgad/ Frame 7BAA
68 KB
68 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/14673328786852070561
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
e25a347088e57f8f3c6e6c56cbdd8eafb998a7ff97314cd1d7e27ddbb726f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 16:16:13 GMT
x-content-type-options
nosniff
age
365859
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69295
x-xss-protection
0
last-modified
Mon, 22 May 2023 15:23:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Oct 2024 16:16:13 GMT
14332718685346076350
tpc.googlesyndication.com/gpa_images/simgad/ Frame 7BAA
70 KB
71 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/14332718685346076350
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
b30086ed2a1bd3cc80e0811114892bd7872edd7f30f058a898fd347aa1555dc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 10:41:31 GMT
x-content-type-options
nosniff
age
126741
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72135
x-xss-protection
0
last-modified
Fri, 19 May 2023 11:18:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 29 Oct 2024 10:41:31 GMT
5015709204891991144
tpc.googlesyndication.com/gpa_images/simgad/ Frame 7BAA
91 KB
91 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/5015709204891991144
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
becf40350209fc9399e0f11b5426d4a3da6631e889e29aebb985affca50385fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:05:38 GMT
x-content-type-options
nosniff
age
186494
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93303
x-xss-protection
0
last-modified
Tue, 23 May 2023 03:24:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 28 Oct 2024 18:05:38 GMT
12002324119002978654
tpc.googlesyndication.com/gpa_images/simgad/ Frame 7BAA
84 KB
84 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/12002324119002978654
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
f608713ced88152e025aa238e652d97dc52ef3ac6eba0d5cfd63bcd3d9ce4a42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 11:58:26 GMT
x-content-type-options
nosniff
age
381326
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85545
x-xss-protection
0
last-modified
Mon, 22 May 2023 15:54:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Oct 2024 11:58:26 GMT
5580767900195355069
tpc.googlesyndication.com/simgad/ Frame 7BAA
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODEjPro6gEQsAkYrAIyCDOypGw7qx1J
  • https://tpc.googlesyndication.com/simgad/5580767900195355069
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5580767900195355069
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H2
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
be124713797afd8427e86ce50ac85a20eccd2e24ce23d93de28f6000bedea1f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 00:20:03 GMT
x-content-type-options
nosniff
age
336829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17695
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 13:02:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Oct 2024 00:20:03 GMT

Redirect headers

date
Mon, 30 Oct 2023 22:36:00 GMT
x-content-type-options
nosniff
server
cafe
age
83872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/5580767900195355069
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 29 Nov 2023 22:36:00 GMT
c25b69ac34
bam.nr-data.net/1/ Frame B5D3
40 B
468 B
XHR
General
Full URL
https://bam.nr-data.net/1/c25b69ac34?a=735603990&v=1.246.0&to=ZgFQYktXWUMCWkVZDV9LcUNKQlhdTE1eXw5CSlRfVVMaXAxaWlUQHw1cUlxO&rst=1147&ck=0&s=91ce2345df2ae3b0&ref=https://appinstallcheck.com/fl/eglne&af=err,xhr,stn,ins,spa&ap=17&be=576&fe=382&dc=185&at=SkZTFANNSk0%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1698789231346,%22n%22:0,%22f%22:1,%22dn%22:9,%22dne%22:10,%22c%22:10,%22s%22:150,%22ce%22:294,%22rq%22:295,%22rp%22:576,%22rpe%22:596,%22di%22:761,%22ds%22:761,%22de%22:761,%22dc%22:955,%22l%22:955,%22le%22:958%7D,%22navigation%22:%7B%7D%7D
Requested by
Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d

Request headers

Referer
https://appinstallcheck.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 31 Oct 2023 21:53:52 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://appinstallcheck.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
81ef22200c69350c-WAW
Content-Length
40
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/ Frame C609
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4872877528262831&plah=tiktok.kayaaku.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
10375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 19:00:57 GMT
etag
4569948109300706969
expires
Tue, 14 Nov 2023 19:00:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/ Frame 2EB8
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4872877528262831&plah=tiktok.kayaaku.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
10375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 19:00:57 GMT
etag
4569948109300706969
expires
Tue, 14 Nov 2023 19:00:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/adfscript/ Frame D796
2 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=69178410;rtbwp=ZUF3bwAOp6QCO9j2AAEp7DB3zavOK4w67_FYjg;rtbdata=78TPdRwPAhjDAt3oLnMu_RtY910PandP1wIDAGhR2W_1-saJ6MdGOwTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEI4Zh6eRp7gicSV0emCSZ12dhb6eschVZNO-AE80YxA5UiNGd1cCUll60yTlXk30l09CbqofWHJt5BYbnFAEO7_rCFm7uyl5fPMGJS8-LAVpfPN8NdGKTW5PLOtnRghpHrC-lLp2I_5R7lrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBeihy17cMAys1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CP5YXb3dBZaTPOvax78EP7NOEsASRrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQK3Wh5cXwCDPqgDAcgDAqoE5QFP0E_xRi8cJ9NSNJCkFDuLZ-jkRJ_v672V3QzJan9-pp_vhOm1PLFhXCOnU7geq4XpR8FW5NdzEPqfxC_aBCeCuCwHOk19LUJIcgm-ZSwrEScjgyxIpCcHDIbtq5zOnEm5eOC4cBSHgHPB4X-GHv8_0xQmfj1meAV7tVvojITraHyeWDa1_Y2rxLOyY1SIE0XvciwNVjHk49opbIn9QrxXqeVzq05yVoTGDgUJP1H-ombYRXUMaL_TG4U5n4S2c284i6_dky9B0r_3sEiGbX7wj-L01KhzXt3Z8DB3_7CPezst9oINgAawq8XD9Y6hwVagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2yfnYSLdeVjNVS7dkGOKTfb_xZVQ&client=ca-pub-4872877528262831&adurl=
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3471bf0c767777210306c47b7d315e9858d9eefb881031d7862fb16c0072e8ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1635
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame D796
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
28119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 14:05:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame D796
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
9318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8430
x-xss-protection
0
server
cafe
etag
7000445677337367579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 19:18:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D796
188 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 21:53:52 GMT
/
track.adform.net/adfscript/ Frame 8329
2 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=69178410;rtbwp=ZUF3bwAOp6UCO9j2AAEp7Lvtgn5flYAeccE8OQ;rtbdata=OrM4Q0_uJwhot-op19IvY59Qk6iKOLKj5TFnKkWTIHof_Bvd_f889gTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEIlHMhbhnFZ0btz9UhBo1sdyz-wjr2L3lxwBqROqeubpkUSJO1nS55uq0yTlXk30l09CbqofWHJt5BYbnFAEO7_uqAp8OShwwhMGJS8-LAVpfPN8NdGKTW5PLOtnRghpHrC-lLp2I_5R7lrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBgIjETMfMv581;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CKjtEb3dBZaXPOvax78EP7NOEsASRrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQK3Wh5cXwCDPqgDAcgDAqoE5QFP0O-dmHhquhS5hqXxsJFbhD0zAWGTK-JdKRMGVwAlsspY_XmeEQb5FF1JrhBcGUfSxDT9O6fmKDwAuc8pVfwF02TrRT4bTG4DmcU9zyvoV_glpEXllSt_7CLlF10Dy4T_30HrYMvmkrugnLpSpmoKn374aW0H1gfECI0c0Q_Ge4yexHmjOFLLKwOLK5mGfE8XUlQMpAB1quTLQIqczh5GljRqFAHD3daN9YjL30lGW6qu5dJp0Y9sjheHdBRow_bkeaP6uvch1xyC9_21ekKig4-cCDe6KOkCnYNbwFq9hr8bbXr0gAawq8XD9Y6hwVagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2yLhkTGWR-0hRTCJtAeIa6ynPH5A&client=ca-pub-4872877528262831&adurl=
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
64de9f1b7d0e4f167e6e6c44549969985e0b446ead529be7309613a9f97e526e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1629
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 8329
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
28119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 14:05:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 8329
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
9318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8430
x-xss-protection
0
server
cafe
etag
7000445677337367579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 19:18:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8329
188 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 21:53:52 GMT
truncated
/ Frame 7BAA
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5cb293dac75bbe56ec98d8ba5f33f6d1fd82778174220af6d6fc92acc61a51b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7BAA
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 05:04:01 GMT
x-content-type-options
nosniff
age
319791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 05:04:01 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7BAA
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 09:20:48 GMT
x-content-type-options
nosniff
age
304384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 09:20:48 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 7BAA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CFQGBb3dBZZ6oOrKG78EPwtKPoAqdo7rZc5KMx5uBEmQQASDqzbKTAWDp5MmF2BqgAd-n2vkCyAEJqAMByAPLBKoE8gFP0MbVeU-g9F5uSQILJpmVHDhhVZdF76IMMFF8tC65quUEfx6T_Y6...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228329081011602999174%22,%22debug_reporting%22:true,%22destination%22:%22https://dmarket.com%22,%22event_report_window%22:%2...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228329081011602999174%22,%22debug_reporting%22:true,%22destination%22:%22https://dmarket.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22792105951%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211841507685711744257%22}&andc=true
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"8329081011602999174","debug_reporting":true,"destination":"https://dmarket.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["792105951"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"11841507685711744257"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 21:53:53 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 31 Oct 2023 21:53:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8329081011602999174","debug_reporting":true,"destination":"https://dmarket.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["792105951"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"11841507685711744257"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js
pagead2.googlesyndication.com/bg/ Frame DFFB
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=280&slotname=1579993522&adk=1602255012&adf=2449933453&pi=t.ma~as.1579993522&w=1090&fwrn=4&fwrnh=100&lmt=1698785631&rafmt=1&format=1090x280&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789231251&bpp=2&bdt=478&idt=418&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o9HHMqyM9C&p=https%3A//tiktok.kayaaku.com&dtd=646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
6248bbc2af753ec53b0ddc5f99728e431538075c267c99a1f61d3db7cb0969d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 18:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
358614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15080
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Oct 2024 18:16:58 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame D796
37 KB
17 KB
Script
General
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=69178410;rtbwp=ZUF3bwAOp6QCO9j2AAEp7DB3zavOK4w67_FYjg;rtbdata=78TPdRwPAhjDAt3oLnMu_RtY910PandP1wIDAGhR2W_1-saJ6MdGOwTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEI4Zh6eRp7gicSV0emCSZ12dhb6eschVZNO-AE80YxA5UiNGd1cCUll60yTlXk30l09CbqofWHJt5BYbnFAEO7_rCFm7uyl5fPMGJS8-LAVpfPN8NdGKTW5PLOtnRghpHrC-lLp2I_5R7lrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBeihy17cMAys1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CP5YXb3dBZaTPOvax78EP7NOEsASRrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQK3Wh5cXwCDPqgDAcgDAqoE5QFP0E_xRi8cJ9NSNJCkFDuLZ-jkRJ_v672V3QzJan9-pp_vhOm1PLFhXCOnU7geq4XpR8FW5NdzEPqfxC_aBCeCuCwHOk19LUJIcgm-ZSwrEScjgyxIpCcHDIbtq5zOnEm5eOC4cBSHgHPB4X-GHv8_0xQmfj1meAV7tVvojITraHyeWDa1_Y2rxLOyY1SIE0XvciwNVjHk49opbIn9QrxXqeVzq05yVoTGDgUJP1H-ombYRXUMaL_TG4U5n4S2c284i6_dky9B0r_3sEiGbX7wj-L01KhzXt3Z8DB3_7CPezst9oINgAawq8XD9Y6hwVagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2yfnYSLdeVjNVS7dkGOKTfb_xZVQ&client=ca-pub-4872877528262831&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:58 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 8329
37 KB
17 KB
Script
General
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=69178410;rtbwp=ZUF3bwAOp6UCO9j2AAEp7Lvtgn5flYAeccE8OQ;rtbdata=OrM4Q0_uJwhot-op19IvY59Qk6iKOLKj5TFnKkWTIHof_Bvd_f889gTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEIlHMhbhnFZ0btz9UhBo1sdyz-wjr2L3lxwBqROqeubpkUSJO1nS55uq0yTlXk30l09CbqofWHJt5BYbnFAEO7_uqAp8OShwwhMGJS8-LAVpfPN8NdGKTW5PLOtnRghpHrC-lLp2I_5R7lrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBgIjETMfMv581;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CKjtEb3dBZaXPOvax78EP7NOEsASRrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQK3Wh5cXwCDPqgDAcgDAqoE5QFP0O-dmHhquhS5hqXxsJFbhD0zAWGTK-JdKRMGVwAlsspY_XmeEQb5FF1JrhBcGUfSxDT9O6fmKDwAuc8pVfwF02TrRT4bTG4DmcU9zyvoV_glpEXllSt_7CLlF10Dy4T_30HrYMvmkrugnLpSpmoKn374aW0H1gfECI0c0Q_Ge4yexHmjOFLLKwOLK5mGfE8XUlQMpAB1quTLQIqczh5GljRqFAHD3daN9YjL30lGW6qu5dJp0Y9sjheHdBRow_bkeaP6uvch1xyC9_21ekKig4-cCDe6KOkCnYNbwFq9hr8bbXr0gAawq8XD9Y6hwVagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2yLhkTGWR-0hRTCJtAeIa6ynPH5A&client=ca-pub-4872877528262831&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:58 GMT
/
track.adform.net/adfscript/ Frame CFF1
2 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=69140203;rtbwp=ZUF3cAAH-8kA-RCmAAvablNOORtu-UVVe17tXQ;rtbdata=5lQbPeq0pWwvgtgfEm0WLCcT4JBYGmlWW0bD6skb2YvOPNyNEatVogTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEIlHMhbhnFZ0btz9UhBo1sd64pnR19MwCvUn9mQHDpBsdfe4xYZ4sE4fNUVu7Ki4C6lbLBcIpUZ7EFOMYy9Ew1sZK66VoRPodFlPnW41ZLZGHS37P1byhjWViI8lT_lFPNZJCAXRTAtgfeLciUYN81FGmwdAMTVEEes05Szk56jBUikTViklq4EG57qbmYRPLABj9dj8PeUKI1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C-9CFcHdBZcn3H6ah5LcP7rSv4A6RrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQLpjanLixGDPqgDAcgDAqoE6gFP0PJ3Xkm0cKQcSaUrDO-qcSpEV2yIWCSc8OX5GF4IF18qtl_kkPIqmtsb5LepWPOpkL9eEx-T1F1AGzMlQ5BdnChMUI_baK9yqK_Egtus-BmS2bxAyijC66XsHfByUUVXTCca9aDyWi6bwFMnl1jh6JS7BptfVAnIcOIsM5hOIepbrpPgHtchLeIuKBfrJFqj9A12HE_lTLsmusQs8JRQF_0sqP4tTk8vcieZscoABzkpd4LIH-PTwSUuvInP75KWsB0gHBs5xiFb3DCGxbOsVmhGPiJzzaKHQS_LRA0aWH3s4YeeD2Euh2qABvLXg7r7gYK-gAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_0LnIKjS12kshbg9U0CtCH75N5pEg&client=ca-pub-4872877528262831&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3932987704~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x90&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1630&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280&nras=3&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sK1v3lDPbu&p=https%3A//tiktok.kayaaku.com&dtd=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
55e1bc76f1703feecc040bcfb56545d3841cf150e695bcb6b10512ff7eec240b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1626
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame CFF1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3932987704~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x90&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1630&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280&nras=3&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sK1v3lDPbu&p=https%3A//tiktok.kayaaku.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
28119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 14:05:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame CFF1
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3932987704~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x90&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1630&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280&nras=3&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sK1v3lDPbu&p=https%3A//tiktok.kayaaku.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
9318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8430
x-xss-protection
0
server
cafe
etag
7000445677337367579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 19:18:34 GMT
l
www.google.com/ads/measurement/ Frame CFF1
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvpLmSm1kapELjWLF-Maym_CpKH895rJ-wxlzqf7hIjrkuwPy80bUhzsH5j5sMPU2JoBDh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3932987704~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x90&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1630&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280&nras=3&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sK1v3lDPbu&p=https%3A//tiktok.kayaaku.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CFF1
188 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3932987704~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x90&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1630&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280&nras=3&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sK1v3lDPbu&p=https%3A//tiktok.kayaaku.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 21:53:52 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228329081011602999174%22,%22debug_reporting%22:true,%22destination%22:%22https://dmarket.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22792105951%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211841507685711744257%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 21:53:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame CFF1
37 KB
17 KB
Script
General
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=69140203;rtbwp=ZUF3cAAH-8kA-RCmAAvablNOORtu-UVVe17tXQ;rtbdata=5lQbPeq0pWwvgtgfEm0WLCcT4JBYGmlWW0bD6skb2YvOPNyNEatVogTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEIlHMhbhnFZ0btz9UhBo1sd64pnR19MwCvUn9mQHDpBsdfe4xYZ4sE4fNUVu7Ki4C6lbLBcIpUZ7EFOMYy9Ew1sZK66VoRPodFlPnW41ZLZGHS37P1byhjWViI8lT_lFPNZJCAXRTAtgfeLciUYN81FGmwdAMTVEEes05Szk56jBUikTViklq4EG57qbmYRPLABj9dj8PeUKI1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C-9CFcHdBZcn3H6ah5LcP7rSv4A6RrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQLpjanLixGDPqgDAcgDAqoE6gFP0PJ3Xkm0cKQcSaUrDO-qcSpEV2yIWCSc8OX5GF4IF18qtl_kkPIqmtsb5LepWPOpkL9eEx-T1F1AGzMlQ5BdnChMUI_baK9yqK_Egtus-BmS2bxAyijC66XsHfByUUVXTCca9aDyWi6bwFMnl1jh6JS7BptfVAnIcOIsM5hOIepbrpPgHtchLeIuKBfrJFqj9A12HE_lTLsmusQs8JRQF_0sqP4tTk8vcieZscoABzkpd4LIH-PTwSUuvInP75KWsB0gHBs5xiFb3DCGxbOsVmhGPiJzzaKHQS_LRA0aWH3s4YeeD2Euh2qABvLXg7r7gYK-gAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_0LnIKjS12kshbg9U0CtCH75N5pEg&client=ca-pub-4872877528262831&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:58 GMT
/
track.adform.net/adfserve/ Frame D796
7 KB
4 KB
Script
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=69178410;rtbwp=ZUF3bwAOp6QCO9j2AAEp7DB3zavOK4w67_FYjg;rtbdata=78TPdRwPAhjDAt3oLnMu_RtY910PandP1wIDAGhR2W_1-saJ6MdGOwTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEI4Zh6eRp7gicSV0emCSZ12dhb6eschVZNO-AE80YxA5UiNGd1cCUll60yTlXk30l09CbqofWHJt5BYbnFAEO7_rCFm7uyl5fPMGJS8-LAVpfPN8NdGKTW5PLOtnRghpHrC-lLp2I_5R7lrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBeihy17cMAys1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CP5YXb3dBZaTPOvax78EP7NOEsASRrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQK3Wh5cXwCDPqgDAcgDAqoE5QFP0E_xRi8cJ9NSNJCkFDuLZ-jkRJ_v672V3QzJan9-pp_vhOm1PLFhXCOnU7geq4XpR8FW5NdzEPqfxC_aBCeCuCwHOk19LUJIcgm-ZSwrEScjgyxIpCcHDIbtq5zOnEm5eOC4cBSHgHPB4X-GHv8_0xQmfj1meAV7tVvojITraHyeWDa1_Y2rxLOyY1SIE0XvciwNVjHk49opbIn9QrxXqeVzq05yVoTGDgUJP1H-ombYRXUMaL_TG4U5n4S2c284i6_dky9B0r_3sEiGbX7wj-L01KhzXt3Z8DB3_7CPezst9oINgAawq8XD9Y6hwVagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2yfnYSLdeVjNVS7dkGOKTfb_xZVQ&client=ca-pub-4872877528262831&adurl=;js=1;adfxid=1x;2165;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ftiktok.kayaaku.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
486c832ac65d0fa63a637482926d63e6530d2bbfdd7ab3d31f2778e9fdbbb0de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3286
expires
-1
/
track.adform.net/adfserve/ Frame 8329
7 KB
4 KB
Script
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=69178410;rtbwp=ZUF3bwAOp6UCO9j2AAEp7Lvtgn5flYAeccE8OQ;rtbdata=OrM4Q0_uJwhot-op19IvY59Qk6iKOLKj5TFnKkWTIHof_Bvd_f889gTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEIlHMhbhnFZ0btz9UhBo1sdyz-wjr2L3lxwBqROqeubpkUSJO1nS55uq0yTlXk30l09CbqofWHJt5BYbnFAEO7_uqAp8OShwwhMGJS8-LAVpfPN8NdGKTW5PLOtnRghpHrC-lLp2I_5R7lrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBgIjETMfMv581;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CKjtEb3dBZaXPOvax78EP7NOEsASRrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQK3Wh5cXwCDPqgDAcgDAqoE5QFP0O-dmHhquhS5hqXxsJFbhD0zAWGTK-JdKRMGVwAlsspY_XmeEQb5FF1JrhBcGUfSxDT9O6fmKDwAuc8pVfwF02TrRT4bTG4DmcU9zyvoV_glpEXllSt_7CLlF10Dy4T_30HrYMvmkrugnLpSpmoKn374aW0H1gfECI0c0Q_Ge4yexHmjOFLLKwOLK5mGfE8XUlQMpAB1quTLQIqczh5GljRqFAHD3daN9YjL30lGW6qu5dJp0Y9sjheHdBRow_bkeaP6uvch1xyC9_21ekKig4-cCDe6KOkCnYNbwFq9hr8bbXr0gAawq8XD9Y6hwVagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2yLhkTGWR-0hRTCJtAeIa6ynPH5A&client=ca-pub-4872877528262831&adurl=;js=1;adfxid=2x;4540;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ftiktok.kayaaku.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
23a6b110bf3d496df2d2ed44ad1c93170f3e916fed5dae3a1166f245b122ef61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3265
expires
-1
/
track.adform.net/adfserve/ Frame CFF1
7 KB
4 KB
Script
General
Full URL
https://track.adform.net/adfserve/?bn=69140203;rtbwp=ZUF3cAAH-8kA-RCmAAvablNOORtu-UVVe17tXQ;rtbdata=5lQbPeq0pWwvgtgfEm0WLCcT4JBYGmlWW0bD6skb2YvOPNyNEatVogTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEIlHMhbhnFZ0btz9UhBo1sd64pnR19MwCvUn9mQHDpBsdfe4xYZ4sE4fNUVu7Ki4C6lbLBcIpUZ7EFOMYy9Ew1sZK66VoRPodFlPnW41ZLZGHS37P1byhjWViI8lT_lFPNZJCAXRTAtgfeLciUYN81FGmwdAMTVEEes05Szk56jBUikTViklq4EG57qbmYRPLABj9dj8PeUKI1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C-9CFcHdBZcn3H6ah5LcP7rSv4A6RrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQLpjanLixGDPqgDAcgDAqoE6gFP0PJ3Xkm0cKQcSaUrDO-qcSpEV2yIWCSc8OX5GF4IF18qtl_kkPIqmtsb5LepWPOpkL9eEx-T1F1AGzMlQ5BdnChMUI_baK9yqK_Egtus-BmS2bxAyijC66XsHfByUUVXTCca9aDyWi6bwFMnl1jh6JS7BptfVAnIcOIsM5hOIepbrpPgHtchLeIuKBfrJFqj9A12HE_lTLsmusQs8JRQF_0sqP4tTk8vcieZscoABzkpd4LIH-PTwSUuvInP75KWsB0gHBs5xiFb3DCGxbOsVmhGPiJzzaKHQS_LRA0aWH3s4YeeD2Euh2qABvLXg7r7gYK-gAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_0LnIKjS12kshbg9U0CtCH75N5pEg&client=ca-pub-4872877528262831&adurl=;js=1;adfxid=3x;4638;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ftiktok.kayaaku.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c1a14ec22850f3cac16faab017744f1b00b7b98afb854fec400ace5c6dc37c51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3240
expires
-1
B30755632.379370161;dc_pre=CKXpsYajoYIDFaeJ_QcdN6oMGA;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=62086;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/ Frame D796
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=62086;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
  • https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_pre=CKXpsYajoYIDFaeJ_QcdN6oMGA;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=62086;dc_lat=;dc_rdid=;tag_for...
42 B
245 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_pre=CKXpsYajoYIDFaeJ_QcdN6oMGA;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=62086;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_pre=CKXpsYajoYIDFaeJ_QcdN6oMGA;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=62086;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B30755632.379370161;dc_pre=COTqsYajoYIDFTvDEQgd-HQJug;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=25681;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/ Frame 8329
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=25681;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
  • https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_pre=COTqsYajoYIDFTvDEQgd-HQJug;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=25681;dc_lat=;dc_rdid=;tag_for...
42 B
236 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_pre=COTqsYajoYIDFTvDEQgd-HQJug;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=25681;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_pre=COTqsYajoYIDFTvDEQgd-HQJug;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=25681;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame D796
85 KB
36 KB
Script
General
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
503c0fd739e2c69fc08a8112e40b4f97e3affd4177b565f58cf8473bc4833c6c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:58 GMT
B30755632.379370161;dc_pre=CPfssYajoYIDFcuS_QcdHJAGNw;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=69;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/ Frame CFF1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=69;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr...
  • https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_pre=CPfssYajoYIDFcuS_QcdHJAGNw;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=69;dc_lat=;dc_rdid=;tag_for_ch...
42 B
235 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_pre=CPfssYajoYIDFcuS_QcdHJAGNw;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=69;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3932987704~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x90&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1630&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280&nras=3&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sK1v3lDPbu&p=https%3A//tiktok.kayaaku.com&dtd=10
Protocol
H2
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N4022.3353005ADMETRICS.PL0/B30755632.379370161;dc_pre=CPfssYajoYIDFcuS_QcdHJAGNw;dc_trk_aid=570278575;dc_trk_cid=203107952;ord=69;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame CFF1
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbd3f1835c39a55cbd717d66a49670e7c1e656be6374d65f9ed71f5404262742

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 8329
85 KB
36 KB
Script
General
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
503c0fd739e2c69fc08a8112e40b4f97e3affd4177b565f58cf8473bc4833c6c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:58 GMT
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame CFF1
85 KB
36 KB
Script
General
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
503c0fd739e2c69fc08a8112e40b4f97e3affd4177b565f58cf8473bc4833c6c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:58 GMT
/
track.adform.net/csimpr/ Frame D796
35 B
600 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=69178410&csi=njtbiB2t8sel3HXvRZNuh-NWwbVIWWK0ds2jdCwAxvfrygPkIxxfk_3ssO--yKDZPfb_OuW7BeFcGeqGoV3LHWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
61143371.gif
s1.adform.net/Banners/61143371/ Frame D796
84 KB
84 KB
Image
General
Full URL
https://s1.adform.net/Banners/61143371/61143371.gif?bv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7608f33d3a97c09e60511b9182be66392b2fa01c1529a1211e38be3b8d34663f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
last-modified
Fri, 27 Oct 2023 07:40:30 GMT
server
nginx
x-amz-request-id
tx00000659560bb4daf577e-0065408407-329552a5-default
etag
"9dcf88257f5ece3efac4e7526e15d64a"
x-cache-status
STALE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
85686
61143371.gif
s1.adform.net/Banners/61143371/ Frame 8329
84 KB
84 KB
Image
General
Full URL
https://s1.adform.net/Banners/61143371/61143371.gif?bv=1
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7608f33d3a97c09e60511b9182be66392b2fa01c1529a1211e38be3b8d34663f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
last-modified
Fri, 27 Oct 2023 07:40:30 GMT
server
nginx
x-amz-request-id
tx00000659560bb4daf577e-0065408407-329552a5-default
etag
"9dcf88257f5ece3efac4e7526e15d64a"
x-cache-status
STALE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
85686
/
track.adform.net/csimpr/ Frame 8329
35 B
600 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=69178410&csi=m8CinF6beV5FpzTYgSt6Zb-z1gcKRAi_ds2jdCwAxvfrygPkIxxfkyZR7uGGoBki2auAI5oLUJNSKV6P-DGRkWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/csimpr/ Frame CFF1
35 B
600 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=69140203&csi=JT8JDuoOChuNHlFkfViNoYdklBV8lKKqBme5Nw0KtK9ruII-PWhzuhys4AZ3wSeoAttMDuR0KOCG-atr_Tk_prQ8JIJob1sX0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
61143375.gif
s1.adform.net/Banners/61143375/ Frame CFF1
61 KB
62 KB
Image
General
Full URL
https://s1.adform.net/Banners/61143375/61143375.gif?bv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3932987704~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x90&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1630&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280&nras=3&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sK1v3lDPbu&p=https%3A//tiktok.kayaaku.com&dtd=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6784abf81d7240934f685331ae05983532451aefed416db3480df82dab727cf9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
last-modified
Fri, 27 Oct 2023 07:22:00 GMT
server
nginx
x-amz-request-id
tx00000124e1cca43504676-00653f4d39-3295f919-default
etag
"90fd6086d2c702a98750091330723a30"
x-cache-status
STALE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
62761
truncated
/ Frame D796
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f25eb88c419bd04050e076f9ecca33898552cd279b33a21a6f7512c3a4bf7e28

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8329
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be449e563b965308c6a7f6f9ff83247012ab8d55c6d61f602fb4c3ae4445b687

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame D796
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cwn4Lb3dBZaTPOvax78EP7NOEsASRrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQK3Wh5cXwCDPqgDAcgDAqoE4gFP0E_xRi8cJ9NSNJCkFDuLZ-jkRJ_v672V3QzJan9-pp_vhOm1PLFhXCOnU7geq4XpR8FW5NdzEPqfxC_aBCeCuCwHOk19LUJIcgm-ZSwrEScjgyxIpCcHDIbtq5zOnEm5eOC4cBSHgHPB4X-GHv8_0xQmfj1meAV7tVvojITraHyeWDa1_Y2rxLOyY1SIE0XvciwNVjHk49opbIn9QrxXqeVzq05yVoTGDgUJP1H-ombYRXUMaL_TG4U5n8a0Uv3yAimpK6kOSUOxL5yQeXRThczsJyWXGEIHRS5b53gj5U-VgAawq8XD9Y6hwVagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDg3Mjg3NzUyODI2MjgzMRgA&sigh=yn-3jLUCEMU&uach_m=[UACH]&cid=CAQSSwDICaaNg4a1BruoSYcMV9LTqQpmM2qAWQQ6_qDrblyIleyG0CDEHa5gqdUGKnnnY5ssaFE2-s2pK58cylm-jpamBIhTvBZWDU2pjxgB&cbvp=2&vis=1
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 31 Oct 2023 21:53:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 8329
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CcBaTb3dBZaXPOvax78EP7NOEsASRrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQK3Wh5cXwCDPqgDAcgDAqoE4gFP0O-dmHhquhS5hqXxsJFbhD0zAWGTK-JdKRMGVwAlsspY_XmeEQb5FF1JrhBcGUfSxDT9O6fmKDwAuc8pVfwF02TrRT4bTG4DmcU9zyvoV_glpEXllSt_7CLlF10Dy4T_30HrYMvmkrugnLpSpmoKn374aW0H1gfECI0c0Q_Ge4yexHmjOFLLKwOLK5mGfE8XUlQMpAB1quTLQIqczh5GljRqFAHD3daN9YjL30lGW6qu5dJp0Y9sjheHdFZq4mQu8CWOAnFuTODEaCmjbkgBiaGE-7pebnbcKJ132JIRGMujgAawq8XD9Y6hwVagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDg3Mjg3NzUyODI2MjgzMRgA&sigh=bxBjGORzwc0&uach_m=[UACH]&cid=CAQSSwDICaaNg4a1BruoSYcMV9LTqQpmM2qAWQQ6_qDrblyIleyG0CDEHa5gqdUGKnnnY5ssaFE2-s2pK58cylm-jpamBIhTvBZWDU2pjxgB&cbvp=2&vis=1
Requested by
Host: tiktok.kayaaku.com
URL: https://tiktok.kayaaku.com/giftcardgiveaway.php?s1=Donate
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 31 Oct 2023 21:53:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame CFF1
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CMmmKcHdBZcn3H6ah5LcP7rSv4A6RrcW8XN3m7KbuAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi00ODcyODc3NTI4MjYyODMxyAEJqQLpjanLixGDPqgDAcgDAqoE5wFP0PJ3Xkm0cKQcSaUrDO-qcSpEV2yIWCSc8OX5GF4IF18qtl_kkPIqmtsb5LepWPOpkL9eEx-T1F1AGzMlQ5BdnChMUI_baK9yqK_Egtus-BmS2bxAyijC66XsHfByUUVXTCca9aDyWi6bwFMnl1jh6JS7BptfVAnIcOIsM5hOIepbrpPgHtchLeIuKBfrJFqj9A12HE_lTLsmusQs8JRQF_0sqP4tTk8vcieZscoABzkpd4LIH-PTwSUuvInP75KW8h8BjtGwQFXjWn8dOfUzgn5SNIF547p0zMuN29OvRlH0KSsAe9mABvLXg7r7gYK-gAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDg3Mjg3NzUyODI2MjgzMRgA&sigh=7tgNEzRZ38M&uach_m=%5BUACH%5D&cid=CAQSOwDICaaN0SWfev_twnhJ_j3_vKe7cM0smyzhRilZ7jiZwHM2TEkpdV6kmD-uRPe0bj-P9yxvIIjFBO_1GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3932987704~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x90&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1630&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280&nras=3&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sK1v3lDPbu&p=https%3A//tiktok.kayaaku.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4872877528262831&output=html&h=90&adk=4204718025&adf=943920009&pi=t.aa~a.3932987704~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698785632&rafmt=1&to=qs&pwprc=3580757699&format=1200x90&url=https%3A%2F%2Ftiktok.kayaaku.com%2Fgiftcardgiveaway.php%3Fs1%3DDonate&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698789232402&bpp=1&bdt=1630&idt=-M&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5fdd1d366fdb9f1c-22cda1f4b0e400ee%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MZ6pEw91VkNyWtjtJqUjcY8paDimA&gpic=UID%3D00000cafa4a933fd%3AT%3D1698789231%3ART%3D1698789231%3AS%3DALNI_MYm_qXqJxe8a2QVEMT6LDO8KS1YLA&prev_fmts=0x0%2C1090x280%2C1200x280&nras=3&correlator=665987945617&frm=20&pv=1&ga_vid=12610867.1698789231&ga_sid=1698789232&ga_hid=399616041&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079193%2C31079265%2C44798934%2C44805933%2C44807048%2C44807406%2C44807454%2C31078301&oid=2&pvsid=2337778490947936&tmod=1124386657&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sK1v3lDPbu&p=https%3A//tiktok.kayaaku.com&dtd=10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 31 Oct 2023 21:53:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
fb612a02563d2753131ec10a8df0bd5ba9dceb7047a2af8393e3b96f8849e887
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12128
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4872877528262831&plah=tiktok.kayaaku.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 31 Oct 2023 21:53:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C05A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
27886
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:09:07 GMT
expires
Wed, 30 Oct 2024 14:09:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 70DA
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
f7af2f5207d2cd3dc7da1b454ca66048f70f38ba5136959783a01f27deab5033
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-loK-42adc6CoXBcvtO4tNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-loK-42adc6CoXBcvtO4tNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 21:53:53 GMT
expires
Tue, 31 Oct 2023 21:53:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame C05A
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:26:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
23249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 15:26:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 70DA
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=2337778490947936&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame C05A
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ZN_uxg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7BAA
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv98geh0JEYxaXLzou6x_0IWSLM4J37hQSUyUFX6NcA09DoYwjSMyFIKFknzLwaTnCIZ-Ty5q03P_5bQtBymzNhRkHisbWHNX8sKkQjm0W66YMU4bRMidngl8S70lt4VZEx7k_lWDEtNcfk&sai=AMfl-YQkUeqNX_SQxWdLHyEFatOQPz1gtaBOxHqlwjqcpYVd5OnHiuc3HvK8YCENfRqFEsBew8oUNP19cg8wm5wyw5lMMqhYHKwKj6mscXga87kHahXn1Vto_PYZCKKDynZAm1W6BkVDClB0a368EA&sig=Cg0ArKJSzG6H-plKxS_wEAE&cid=CAQSTADICaaNkXQVvapJzoYB8Pn4YTw_PRVX2xUSq5zWexvRt7sT7eK-8DXheGQhuq0LE1NM2BWq6WJlIaYxiMvh62prlRwupRc5fbV-V1MYAQ&id=lidar2&mcvt=1001&p=0,0,280,1090&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1602255012&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698789231898&rpt=921&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
check.php
d1w9uux77ifu8k.cloudfront.net/public/external/
72 B
367 B
Script
General
Full URL
https://d1w9uux77ifu8k.cloudfront.net/public/external/check.php?it=3405927&time=1698789233909
Requested by
Host: d2owpcwl4v0y1p.cloudfront.net
URL: https://d2owpcwl4v0y1p.cloudfront.net/03a9bd2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-98-19.zrh50.r.cloudfront.net
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
577d248638c57941b7e35d9a19ef4b5d88d52482f6e59254142d4266c57bad38

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:54 GMT
via
1.1 666ff4ad81b3b60af3d2241160893ee2.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
ZRH50-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
72
x-amz-cf-id
BxVOVDrVpiemdF3rkhrOzEJQ7SNzhNhDq7XJVSo84fnTS8CSCcLnqw==
check.php
d1w9uux77ifu8k.cloudfront.net/public/external/
72 B
366 B
Script
General
Full URL
https://d1w9uux77ifu8k.cloudfront.net/public/external/check.php?it=3405927&time=1698789233994
Requested by
Host: d2owpcwl4v0y1p.cloudfront.net
URL: https://d2owpcwl4v0y1p.cloudfront.net/03a9bd2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-98-19.zrh50.r.cloudfront.net
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
577d248638c57941b7e35d9a19ef4b5d88d52482f6e59254142d4266c57bad38

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:53:54 GMT
via
1.1 666ff4ad81b3b60af3d2241160893ee2.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
ZRH50-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
72
x-amz-cf-id
f_Y-mmM8r_3Qdo3QHR5hDYU4Fl0ELVwmpo4rkdSfN_zIy0-DhpR9Qw==
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=2337778490947936&bg=!mJulm9TNAAbo5yKYyOc7ADQBe5WfOEWXItdvskOts4MqLCIokK-taZQ9Rm3cG6H8y5wlnPmOjXTwobf8gO3wcv_PzJ4vAgAAAEdSAAAAAmgBBwoAJJLZYQt8C0-eRFQTdArA6TWlKb1mHvQfxG_0SxLV2_LKsvzAzpkC0FYKUo3LN1L_7vS1XiEY23KyrOPtaav_2Oy2jIae88hlV2BPepdj6Okmo_7kScsjY8PqZ_C2Gc8top1urhPySfUCcIE9tVdUNQgCWykUyA3rviaY7A73cddFbRtXaY6CgzBeYm0XpTHl_jUev_yC7BFtT4RL3vaWiLQRZk5RwM40nqILz9mE-sQQVejyTeiEYxnoKLLncifaZRuLJY_MNO4pMwHouO-vSv8L6es_jSEUyGvuSDlZ2a-Nnc725ca6ORZSs5K4FfteQ4uYaRWdall7BEXrwSsPScx9ZNmQ7aKGDdP-LKfhdb_ZkXcXtgVSy0VtRwxMnCAzasddeiEPheF2SJuelW7AxLFaU3uWWqhA1guebcQl-R2C-yVPQ6K6dxt0Tt-n7lWIuQnisJGExSFFZEa6ikLq9qtLTFMMOdts2YsLNjeJDFWR-IQr318QBgaq2lUB3SVEnweJ14Q_672Wa9ww1QjugCT1VrdUV_OhuIhSM2RWBW0rDR63gVKteS92fH4gpzz8Aa0FKx6vDuTsdjG5zs_9NquWlJgT2Ck93tcnRVp-S65XzE42_cnPZ_st4jPz7JPGnNT2yJ6DdxrxvH4F-1OYABhdBsK5YrvkyPiz2BOBSp4TEaKzKRbZl0VROXfDUMsnFZIgdoAwKAsvopEbvoDeSYGed4k25992RrFRlLRkFl7FMyyi5b2RRG8kCd5Zx5Imi7-t1VRg_ARi8Wgm_leemmfFm8jIJgpM_W5adMpQdR_-ecrc1z6YJmgArtQ_UPx0JJWD0uue7FrabXcGzbCwh-dKy9SQ4EoDZ2e3EHFwPTuFqI-Qd-lESy-sn3tfQBh-kiDl_Vc_xkDV1Ws3Yf_0dnhhvZHz0My69qzmUF5pV3QaW7cvuExC8VMhZ3fvBEpp6iUJJWVJ8kXa3DEtenwCV3Y-GVkiWjj-m8FbOeAHGdWn9FBnMDKNyw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 8329
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNLBhyZgYD3Q4KL8sYKzeoPOLuwroV_D8M7kq8BXVorJ8FRtuj-q7Q7sWwsPjyuRitW8zC_lyuiykynPVS77S5uwmnYRQLNtOEyp8h&sig=Cg0ArKJSzIg62Euf8xwPEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698789232645&rpt=745&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D796
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBIT2rVUMLI-gKSK-8vNyHySQXdHANZvaGfP3SAv-3QUIT5WZs2F7GSgC7RZOGVx0VmfP1DUEgjM7WAn60SNK5v33FY2Eopg7_y7Az&sig=Cg0ArKJSzEq4N1mJma1oEAE&id=lidar2&mcvt=1005&p=0,0,600,160&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698789232618&rpt=767&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/Serving/Event/ Frame 8329
35 B
600 B
Ping
General
Full URL
https://track.adform.net/Serving/Event/?bn=69178410&event=178&time=1&baid=61143371&name=Viewable%20impressions&imprid=8313670282067368702&icid=8211828237495052358&eData=m8CinF6beV7hWjajS8bEn_tbdIMnl0Wf4fn4X_ACi5iYzVFpNT10scZs7Qr8Pi8Y1sQmDUVS1dUau94oJsHc8Q2&rtbdata=OrM4Q0_uJwhot-op19IvY59Qk6iKOLKj5TFnKkWTIHof_Bvd_f889gTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEIlHMhbhnFZ0btz9UhBo1sdyz-wjr2L3lxwBqROqeubpkUSJO1nS55uq0yTlXk30l09CbqofWHJt5BYbnFAEO7_uqAp8OShwwhMGJS8-LAVpfPN8NdGKTW5PLOtnRghpHrC-lLp2I_5R7lrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBgIjETMfMv581&rtbwp=ZUF3bwAOp6UCO9j2AAEp7Lvtgn5flYAeccE8OQ&rnd=790473602
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 8329
35 B
600 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8211828237495052358@@69178410,8313670282067368702,100|1187|0|0|0|0|0|0|0||59|1|||||1|0|0|Z3zBohkRvrFX7EYoWZQhUeES6SD0HYKDxYCLWrGVe3iXvwHdl1HAOBhpnBRkvb3lA7z_uuw_WOM1|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame D796
35 B
600 B
Ping
General
Full URL
https://track.adform.net/Serving/Event/?bn=69178410&event=178&time=2&baid=61143371&name=Viewable%20impressions&imprid=6110693344263112266&icid=5528739193366532948&eData=njtbiB2t8sfhWjajS8bEn_tbdIMnl0Wf4fn4X_ACi5gOLyPxdfK-r5NPjY_Y1OOZ1sQmDUVS1dUau94oJsHc8Q2&rtbdata=78TPdRwPAhjDAt3oLnMu_RtY910PandP1wIDAGhR2W_1-saJ6MdGOwTp49xtZcNgrfsS52MY-QAmW3Ops9cjslG92-IQ0prZq3yZ8QY1DE-o2yFzG9SjCaXA6k2cqGEI4Zh6eRp7gicSV0emCSZ12dhb6eschVZNO-AE80YxA5UiNGd1cCUll60yTlXk30l09CbqofWHJt5BYbnFAEO7_rCFm7uyl5fPMGJS8-LAVpfPN8NdGKTW5PLOtnRghpHrC-lLp2I_5R7lrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBeihy17cMAys1&rtbwp=ZUF3bwAOp6QCO9j2AAEp7DB3zavOK4w67_FYjg&rnd=127622638
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame D796
35 B
600 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5528739193366532948@@69178410,6110693344263112266,100|1100|0|0|0|0|0|0|0||55|1|||||1|0|0|Z3zBohkRvrFX7EYoWZQhUbLmJ4weIf-aqUcX5fpYGYUaW19vZATtohhpnBRkvb3lA7z_uuw_WOM1|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame D796
35 B
600 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5528739193366532948@@69178410,6110693344263112266,100|4699|0|0|0|0|0|0|0||235|1|||||1|0|0|Z3zBohkRvrFX7EYoWZQhUbLmJ4weIf-aqUcX5fpYGYUaW19vZATtohhpnBRkvb3lA7z_uuw_WOM1|||01||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 21:53:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 8329
0
0

/
track.adform.net/serving/unload/ Frame CFF1
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.adform.net
URL
https://track.adform.net/serving/unload/?version=15&unload=8211828237495052358@@69178410,8313670282067368702,100|4887|0|0|0|0|0|0|0||244|1|||||1|0|0|Z3zBohkRvrFX7EYoWZQhUeES6SD0HYKDxYCLWrGVe3iXvwHdl1HAOBhpnBRkvb3lA7z_uuw_WOM1|||01||0|0|
Domain
track.adform.net
URL
https://track.adform.net/serving/unload/?version=15&unload=1312060855582032464@@69140203,45014893451271922,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|ZH2p7YcLpdhX7EYoWZQhUWGeQNX-9mvHF7iUlEIgz6l97yAoYCH8bxhpnBRkvb3lA7z_uuw_WOM1|||11||0|0|

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| documentPictureInPicture object| Sentry object| __SENTRY__ string| GoogleAnalyticsObject function| ga object| adsbygoogle object| CPABUILDSETTINGS object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| xfContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| xfLock function| xfGetFeedURL function| xfGetIframeURL function| xfGetIframeHTML function| xfUnlock function| xfOfferComplete function| xfOffersComplete function| xfCheckForLead function| xfComplete function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| CPABuildComplete function| _RH function| _Vm function| _uj function| _Ew function| _HW function| _oy function| _Jf function| _Mz function| _EQ function| _ZU function| _lL function| _yk function| _Tm function| _Ht function| _nS function| _Xy function| _qr function| _Tt function| _du function| _OS function| _Ts function| _ET function| _om function| _Wi function| _xb function| _GK function| _CS function| _kt function| _iE function| _Ut function| _yi function| _TR function| _iD function| _aj function| _lI function| _Ri function| _Th function| _gD function| _iH function| _ff function| _uG function| _KE function| _VR 
function| _HL function| _VX function| _Nr function| _di function| _Ul function| _WT function| _Cd function| _cy function| _jb function| _tx function| _Yf function| _zl function| _Pg function| _CJ function| _Jl function| _GX function| _nO function| _JF function| _KB function| _VU function| _MS function| _cn function| _xA function| _Kx function| _eN function| _yy function| _bC function| _JW function| _cW function| _Cm function| _xY function| _Gi function| _Ns function| _bu function| _Ci function| _cZ function| _vH function| _ou function| _Tu function| _ux function| _xS function| _wg function| _vs function| _Nl function| _LF function| _gu function| _Yg function| _Hj function| _dS function| _VE function| _TG function| _qd function| _FD function| _rp function| _Hn function| _my function| _qW function| $ function| jQuery string| forward object| google_tag_manager function| openPopup function| closePopup function| openNganu function| closeNganu object| elem object| elem1 object| elem2 number| width number| wait object| genvalue number| genvalueran number| wait2 object| gennamelist string| x number| myVar2 function| UserTimer undefined| Radiovalue function| Mainstepfunction function| functionPack1 object| slideIndex object| slideId function| plusSlides function| showSlides string| message function| clickIE4 function| clickNS4 object| shortcut object| _Hasync function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run function| chfh function| chfh2 string| _HST_cntval object| Histats function| __an6na521li18__ string| bG9hZGVyX2pz string| Y2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _HistatsCounterGraphics_0_setValues object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

25 Cookies

Domain/Path Name / Value
.2124590244.gopeerclick.com/ Name: 15Gogio
Value: 20231101001698789965733
.2124590244.gopeerclick.com/ Name: _pc_lc_id
Value: 15Gogi
.2124590244.gopeerclick.com/ Name: peerclickcid
Value: b6e0f80c6683143946d2433339604d4f-19279-1101
.2124590244.gopeerclick.com/ Name: _norg
Value: 1
.kayaaku.com/ Name: _ga
Value: GA1.2.12610867.1698789231
.kayaaku.com/ Name: _gid
Value: GA1.2.62635420.1698789231
.kayaaku.com/ Name: _gat
Value: 1
.kayaaku.com/ Name: _ga_3W7PE80J60
Value: GS1.2.1698789231.1.0.1698789231.0.0.0
tiktok.kayaaku.com/ Name: HstCfa4677559
Value: 1698789231673
tiktok.kayaaku.com/ Name: HstCla4677559
Value: 1698789231673
tiktok.kayaaku.com/ Name: HstCmu4677559
Value: 1698789231673
tiktok.kayaaku.com/ Name: HstPn4677559
Value: 1
tiktok.kayaaku.com/ Name: HstPt4677559
Value: 1
tiktok.kayaaku.com/ Name: HstCnv4677559
Value: 1
tiktok.kayaaku.com/ Name: HstCns4677559
Value: 1
appinstallcheck.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkZqNzlwdmZ0N3EydTBTSEpWU2pMNUE9PSIsInZhbHVlIjoiSCsxUFJQbkNtdUZxUEhUNEFoNE9uK2R1SWxsdmxiaHZKZ3NaMXlmaDJiYmcyK3ZqYnRVRm9nVlpGc0haTEMvcXZYSFBFZ2ZtUUdobkhCUGMxOWpuZThkODRVQmUzNDZTMXg0REhlVTVJR0VsVFBVY3dSRzMxMzBXamE0ajdLdU4iLCJtYWMiOiI1N2VkNjEwNjBkMTgxNGY4ZjZhY2EwNGMwNTI2OTkxMDlmN2JiNjExNGU3YTU2ZTk5Y2QzNzAzY2ZjOTFlYzVmIiwidGFnIjoiIn0%3D
appinstallcheck.com/ Name: ogads_session
Value: eyJpdiI6InkwMkNxRFlVU1FyQnl6dHNYT1lMQWc9PSIsInZhbHVlIjoiR2xUVFNNdWdOKzhYSm5tSC95YWNWTHZFMWZsNm9QM3FXbzZCcVJFTWZBd3BjcDNBd2FUZFVMaEhYakpmZ3hxNjNQdFdjbW9VaEY3YzNmMXoxbVVNYXFRb3d2anhDMmM1ZVl1TzhrNFpVUCtZbC9tYUE1S05lQXdpTDhJUlZsVjMiLCJtYWMiOiI3ZDA2OGM1ZjY3YzFlYjM0NmVmZDBmNjllZWRiMDg1NmUxZGFlNWM4ZGI0NjUwNmJjZjQxN2ZkZTBlYjkyYmYzIiwidGFnIjoiIn0%3D
.kayaaku.com/ Name: __gads
Value: ID=9432ac45549bd706:T=1698789231:RT=1698789231:S=ALNI_MZOA6jsqwuWkXP-cZvKkvH-JbZvGg
.kayaaku.com/ Name: __gpi
Value: UID=00000cafa4670e9f:T=1698789231:RT=1698789231:S=ALNI_MbBfhBpgO9KkJ5Cq158WjdCvj3t-Q
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUk48XRkZMEGkV9R4FVPc4v_F-YPAYQnSOHi8lH-nuuAERRVfD2rEFag2bbYxA8
.adform.net/ Name: uid
Value: 1312060855582032464
.adform.net/ Name: TPC
Value: 1698789233171
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi6nkzTIaikdDLXt7r2peTEmcElwLHIj6mhHXvzQOPbWk8Z43g

3 Console Messages

Source Level URL
Text
network error URL: https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://appinstallcheck.com/fl/eglne
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
