Submitted URL: http://19216801.one/
Effective URL: https://19216801.one/
Submission: On October 28 via manual from US

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3035::ac43:cd55, located in United States and belongs to CLOUDFLARENET, US. The main domain is 19216801.one.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2020. Valid for: a year.
This is the only time 19216801.one was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
33 19216801.one 1 redirects 19216801.one
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 mc.yandex.ru 1 redirects 19216801.one
4 pagead2.googlesyndication.com 19216801.one
pagead2.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 fonts.googleapis.com 19216801.one
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 aphycolourses.info 19216801.one
56 12

This site contains links to these domains. Also see Links.

Domain
192.168.0.1
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-16 -
2021-07-16
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
aphycolourses.info
Let's Encrypt Authority X3
2020-09-15 -
2020-12-14
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
mc.yandex.ru
Yandex CA
2020-09-29 -
2021-03-11
5 months crt.sh
*.googleadservices.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.google.de
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.google.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh

This page contains 7 frames:

Primary Page: https://19216801.one/
Frame ID: 889A9FECBED275E8705E41429A4E8F87
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201022/r20190131/zrt_lookup.html
Frame ID: 6FA5CF45312A2385E8DBA84DD7D7B60C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1603899586&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603899585948&bpp=12&bdt=262&idt=78&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7446935617156&frm=20&pv=2&ga_vid=1182720904.1603899586&ga_sid=1603899586&ga_hid=1401174058&ga_fc=0&iag=0&icsg=158117790744575&dssz=32&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20207459%2C21066428%2C21066706&oid=3&pvsid=2403067876878005&pem=822&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=98
Frame ID: A433ACD43E4F4755C2731A9A0B2CCF21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1603899586&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603899585960&bpp=5&bdt=274&idt=94&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7446935617156&frm=20&pv=1&ga_vid=1182720904.1603899586&ga_sid=1603899586&ga_hid=1401174058&ga_fc=0&iag=0&icsg=2409917604429823&dssz=33&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20207459%2C21066428%2C21066706&oid=3&pvsid=2403067876878005&pem=822&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jorxzx2YCV&p=https%3A//19216801.one&dtd=100
Frame ID: C86A18230D3B2ADC3D8DC8D0C7C63E24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1603899586&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603899585965&bpp=1&bdt=279&idt=99&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7446935617156&frm=20&pv=1&ga_vid=1182720904.1603899586&ga_sid=1603899586&ga_hid=1401174058&ga_fc=0&iag=0&icsg=2409917604429823&dssz=33&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20207459%2C21066428%2C21066706&oid=3&pvsid=2403067876878005&pem=822&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A2h38VVnHH&p=https%3A//19216801.one&dtd=103
Frame ID: 8B170D0B76B49B932DE48EDDFFC34B05
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1603899586&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603899585966&bpp=1&bdt=281&idt=104&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=7446935617156&frm=20&pv=1&ga_vid=1182720904.1603899586&ga_sid=1603899586&ga_hid=1401174058&ga_fc=0&iag=0&icsg=2409917604429823&dssz=33&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20207459%2C21066428%2C21066706&oid=3&pvsid=2403067876878005&pem=822&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=lsE4iG7K9e&p=https%3A//19216801.one&dtd=109
Frame ID: 655F2082AC9DD35070133EEAF18A8964
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: C63762049EC3555390B789A76071E112
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://19216801.one/ HTTP 301
    https://19216801.one/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
  • html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
  • html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
  • html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
  • html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

56
Requests

100 %
HTTPS

85 %
IPv6

11
Domains

12
Subdomains

13
IPs

3
Countries

586 kB
Transfer

1861 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://19216801.one/ HTTP 301
    https://19216801.one/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://mc.yandex.ru/watch/55749736?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603899585101%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201028163946%3Aet%3A1603899586%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A105678869367%3Arqn%3A1%3Arn%3A290903825%3Ahid%3A861590817%3Ads%3A0%2C16%2C313%2C1%2C252%2C0%2C0%2C218%2C24%2C%2C%2C%2C803%3Afp%3A749%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603899586%3Au%3A160389958643257049%3At%3A192.168.0.1 HTTP 302
  • https://mc.yandex.ru/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603899585101%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201028163946%3Aet%3A1603899586%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A105678869367%3Arqn%3A1%3Arn%3A290903825%3Ahid%3A861590817%3Ads%3A0%2C16%2C313%2C1%2C252%2C0%2C0%2C218%2C24%2C%2C%2C%2C803%3Afp%3A749%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603899586%3Au%3A160389958643257049%3At%3A192.168.0.1

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
19216801.one/
Redirect Chain
  • http://19216801.one/
  • https://19216801.one/
45 KB
9 KB
Document
General
Full URL
https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
d4d545f93382b601f6a701caa6a60eb1c7888e2018cebbdd559b66c9cca5a5ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
19216801.one
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d6a881f5c4801ec6fbc9ec8eff209cf241603899585
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 28 Oct 2020 15:39:45 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://19216801.one/wp-json/>; rel="https://api.w.org/" <https://19216801.one/>; rel=shortlink
x-powered-by
WordOps
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer, strict-origin-when-cross-origin
x-download-options
noopen
x-srcache-fetch-status
HIT
x-srcache-store-status
BYPASS
cf-cache-status
DYNAMIC
cf-request-id
0611768b5c000005bb4e114000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fgD37JJqKqcKmwyMaF6lFqBS6epXRIfmyDaoIOSghAfIA553lGbwXRZviME7Dzn7NEYYlr%2FtRh%2BIZ51AQc2C0rYskO7YPcRR68wQH5QL3PULsVLsPcHk37c%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e95c0589d7c05bb-FRA
content-encoding
br

Redirect headers

Date
Wed, 28 Oct 2020 15:39:45 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d6a881f5c4801ec6fbc9ec8eff209cf241603899585; expires=Fri, 27-Nov-20 15:39:45 GMT; path=/; domain=.19216801.one; HttpOnly; SameSite=Lax
Location
https://19216801.one/
X-Powered-By
WordOps
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
X-Download-Options
noopen
CF-Cache-Status
DYNAMIC
cf-request-id
0611768a6500002be96f3f5000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uInsK0NBurAsHzC3qM%2FXTJzyOhKCDelokDSSfU%2BkIpWXka%2BeOpXCgDyjL4KapGZthnv%2FzpJ4Vl2y4TxIrTGEwMYXXa%2BcNYhX2JdH7C7NGkMmxnTVOGpwH30%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5e95c0570ee22be9-FRA
style.min.css
19216801.one/wp-includes/css/dist/block-library/
40 KB
6 KB
Stylesheet
General
Full URL
https://19216801.one/wp-includes/css/dist/block-library/style.min.css?ver=5.3.4
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1678170
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B1cA4wO4FI796KZqdHuUNyO2LlTfknH30FQ9YGi5pETVntKaa%2FsGbQyZ1EdJKGYd3rkLoAQJH%2B0Bu5ezo6A1APpLfKi8cpmUPjpKhm1rUoqXawr10WwjfDc%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Thu, 11 Jun 2020 02:23:31 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ee195a3-a055"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768c9d000005bb0b908000000001
cf-ray
5e95c05a9bca05bb-FRA
expires
Sun, 08 Nov 2020 05:30:15 GMT
css
fonts.googleapis.com/
10 KB
933 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.4
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eff18733558cc973e5248193948e4dfcc37ddff3979a8f01e6a13100c53c7a60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Oct 2020 15:39:45 GMT
server
ESF
date
Wed, 28 Oct 2020 15:39:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Oct 2020 15:39:45 GMT
dashicons.min.css
19216801.one/wp-includes/css/
46 KB
28 KB
Stylesheet
General
Full URL
https://19216801.one/wp-includes/css/dashicons.min.css?ver=5.3.4
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1678170
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SAIABScuK6nN3SUn8E152CkCZrJIqADaoZsNO2LB0%2FbGqvd5FhZAUE1uhEs3jG6gMNu7RfJ00GkNJ%2BWMtwDlt6X0IelVrPMfukYiCeAVIYmOeyRPuYB%2B4e8%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 06 Nov 2019 14:47:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc2dd10-b9c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768c9e000005bb408fe000000001
cf-ray
5e95c05a9bce05bb-FRA
expires
Sun, 08 Nov 2020 05:30:15 GMT
simple-grey.css
19216801.one/wp-content/themes/simple-grey/css/
91 KB
16 KB
Stylesheet
General
Full URL
https://19216801.one/wp-content/themes/simple-grey/css/simple-grey.css?ver=5.3.4
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
d856d5e083af25ed0ca838f04091ffd9fa5bc1c77edec8aa87c8e12a3fd69aa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1678170
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YxUczMP5uZ%2FCLzQZoWoM8xPs9ZJ1jXZobr4Zg%2BBpaj4oixrIglW%2F2gAJlZUwWY5Hpx%2FVd0CXz6zzesJwW5nbwq6UnZciTySYD%2Bee4bbTQvxojk5ZOnj8qqY%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 09 Sep 2019 16:59:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5d76850c-16ca4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768c9e000005bb26ad3000000001
cf-ray
5e95c05a9bd005bb-FRA
expires
Sun, 08 Nov 2020 05:30:15 GMT
default.min.css
19216801.one/wp-content/plugins/tablepress/css/
6 KB
3 KB
Stylesheet
General
Full URL
https://19216801.one/wp-content/plugins/tablepress/css/default.min.css?ver=1.10
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1679631
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xpk9Lnb9MqN0KJYqPDkOamMb%2FmFVh1W4HzNZszC%2Fya1HoOOtEq7%2F0Y5gdsX6qugwGocfJvfgNamWt7X6q91VaeZQJtp6AN3kLs3lcVvCXBUhRRkqWyVzhJc%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sun, 01 Dec 2019 09:04:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5de38226-16ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768c9e000005bb4bbaa000000001
cf-ray
5e95c05a9bd105bb-FRA
expires
Sun, 08 Nov 2020 05:05:54 GMT
elementor-icons.min.css
19216801.one/wp-content/plugins/elementor/assets/lib/eicons/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://19216801.one/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.4.0
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
23870ae663b1bf7dfc718dedca013ef2ce8ac1ac491dbef772d45c8978a9c63a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2049095
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jtmdg86wseaqvdgVUvYm%2BvVKE1mCmS12TKCs9I7zd6eOd%2B9MjAcQzLmAqx2P%2FWFBCqWqaDO6c7rWNAdirijToOtmImM1GeSy13xlVC1hVL%2FC4XgZzAzfexg%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 16:56:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc6efbc-38c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768c9f000005bb1230d000000001
cf-ray
5e95c05a9bd205bb-FRA
expires
Tue, 03 Nov 2020 22:28:10 GMT
animations.min.css
19216801.one/wp-content/plugins/elementor/assets/lib/animations/
18 KB
3 KB
Stylesheet
General
Full URL
https://19216801.one/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.7.5
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2049095
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kM%2FU4j4b3GBiAw38sH5GANQnLgS6qH8QXNLAzVYv%2Bhhy2P%2BG6EexgjKXKfxHfkHcUxw%2BS8gMss%2FUFTBlVGKWgSFpzZDMEhipu4m1%2FlFFfvE%2FxtxgcbKwC%2FI%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 16:56:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc6efbc-4824"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ca2000005bb58278000000001
cf-ray
5e95c05a9bd405bb-FRA
expires
Tue, 03 Nov 2020 22:28:10 GMT
frontend.min.css
19216801.one/wp-content/plugins/elementor/assets/css/
101 KB
13 KB
Stylesheet
General
Full URL
https://19216801.one/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.7.5
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
52f77ae7a70445cc5e60fbf18243a87c5625eb420dea545d656b8c4ca6518d22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2049095
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oIb9OAzJkWnA1qHOu8OzN3%2BETqfm7RVciU0idTUY0ypfnrnoPblpGYPHbdFMRGtAW5ne%2FhdWXagqxSlpfA86FK%2FMckND%2B6CSVezwZu%2BVJ4A6cv0q4fobCno%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 16:56:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc6efbd-194d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ca3000005bbecaeb000000001
cf-ray
5e95c05a9be105bb-FRA
expires
Tue, 03 Nov 2020 22:28:10 GMT
global.css
19216801.one/wp-content/uploads/elementor/css/
4 KB
830 B
Stylesheet
General
Full URL
https://19216801.one/wp-content/uploads/elementor/css/global.css?ver=1573318726
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
698951af561933328a292befb875ae8297e520f091c4cc0531e84ce4f5272241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2049095
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gixRPcSTqaieXPtxY2WHK7t8yaH0a2d2VNLwG3hz3VTTg2RSlj3mOQNnNdE9VpZ3LlFq8MtLmkc0C%2F21FPb4oKJglvwmsJCscKa0vEiCUSf%2BxkyZhav6cK4%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 16:58:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc6f046-f0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ca3000005bb4aa3e000000001
cf-ray
5e95c05a9be505bb-FRA
expires
Tue, 03 Nov 2020 22:28:10 GMT
post-8.css
19216801.one/wp-content/uploads/elementor/css/
14 KB
1 KB
Stylesheet
General
Full URL
https://19216801.one/wp-content/uploads/elementor/css/post-8.css?ver=1596258357
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
d69d0949085a5cfef9753f76f070df7000ba63c93b8a85d9877f666a4634ac75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2442393
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KLUJjhAHhtt%2FDQrQPBmM8Ysqb3hoo5ndoUp9wdGhwlVku4kSARg5gpdaJ6MgqWFEaCkYrHl3Kh0jApdg2lMEBsGmo4MLgPahifNNUbK2EvLzDY%2BZz%2B6jGBc%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 01 Aug 2020 05:05:57 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f24f835-39d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ca3000005bb3791d000000001
cf-ray
5e95c05a9be705bb-FRA
expires
Fri, 30 Oct 2020 09:13:12 GMT
css
fonts.googleapis.com/
47 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.3.4
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
810bcf37c433416bf09691155966e58f4009692c5920e055c274907ba63ca9cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Oct 2020 14:37:24 GMT
server
ESF
date
Wed, 28 Oct 2020 15:39:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Oct 2020 15:39:45 GMT
jquery.js
19216801.one/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://19216801.one/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2268517
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s6yHOqKvbwqTq5ptqnhs3Q7FNHzYY19E92YJFSCquhAiavUaXTlxVKyuivdmdilCGyAzbGa32KWQcj%2B2KQvF3JERdh4C1rXQicc0gwR%2FB%2Fiauo6Jb%2B%2BjChw%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 06 Nov 2019 14:47:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc2dd10-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ca4000005bb05b2f000000001
cf-ray
5e95c05a9be905bb-FRA
expires
Sun, 01 Nov 2020 09:31:08 GMT
jquery-migrate.min.js
19216801.one/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://19216801.one/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
644502
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L3TVWAxeKcQIL1sxvEk1lbFfAUbl852lBLW0zC1bL9z3HJGp5c1LQZcSE4EbipD4c0XLNkd%2F2bQml5tHNYnU0HEzxJpEvgnXZMNe5I9vDIWC5iXF3YosyHI%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 06 Nov 2019 14:47:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc2dd10-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ca4000005bb31138000000001
cf-ray
5e95c05a9bec05bb-FRA
expires
Fri, 20 Nov 2020 04:38:03 GMT
sw-6da2e.js
19216801.one/
93 KB
34 KB
Script
General
Full URL
https://19216801.one/sw-6da2e.js
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
17ccc4693d5b9ad1667e418b00bc4150db6745557a2b2b06e2c83c14cae858fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
189384
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LVt1kIZUMJMLQ0YypgVSSrR5Vlm2x2kPRKvDP1Q%2FfRysmpixCEgl1GBtzO8P2R%2BaUxRUKX7YcD6w8sLhBOMpnuGFMXGuiejj7kIg9dyNs8kZDBulOgXIQsE%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 08 Jan 2020 13:00:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5e15d25a-175a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ca4000005bb5b8a4000000001
cf-ray
5e95c05a9bee05bb-FRA
expires
Wed, 25 Nov 2020 11:03:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
131 KB
46 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4580fddf8ef5cd87458dff74da87d0890fda6e13c868680f019fe25eca68e8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45811
x-xss-protection
0
server
cafe
etag
10250443909199195782
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Oct 2020 15:39:45 GMT
internet-speed-1.jpg
19216801.one/wp-content/uploads/2019/11/
6 KB
6 KB
Image
General
Full URL
https://19216801.one/wp-content/uploads/2019/11/internet-speed-1.jpg
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
b93a77da724d73e1a165e40b240287637402d304f962331e19a83c10e7f06d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
30578031
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZC%2FNmTV7CCvi4ypSIP0gg8CV59IQcBChAoE5hjpm2XVHsyranrKqcI2wztwfowOLDd%2BwWlo1GgGeey5xfLqq3zZ68pzW4%2Fj91lGoGVcCCVIuj6e2rBRSVe0%3D"}],"group":"cf-nel","max_age":604800}
content-length
5981
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 17:19:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5dc6f507-175d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000, no-transform
cf-request-id
0611768ce1000005bb4bbb4000000001
accept-ranges
bytes
cf-ray
5e95c05afd0a05bb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
isp-throttling-1.jpg
19216801.one/wp-content/uploads/2019/11/
2 KB
3 KB
Image
General
Full URL
https://19216801.one/wp-content/uploads/2019/11/isp-throttling-1.jpg
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
df33ac4ce8c614009fd08651489a912e605f2bfd82ca08db0cc45579550f7997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4272019
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vvaqUMl447olOLehBmbWdEqhqQ4lqyfuU6%2F5Ho8D76vk3YvBLTFsNXi8C5vHdZPBUypYbl%2FedZas74IOaG4O5P%2FOJt1oRKPmyyM0SmFqRQbnK%2By1i8kM7%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-length
2352
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 17:19:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5dc6f509-930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000, no-transform
cf-request-id
0611768ce1000005bb1a882000000001
accept-ranges
bytes
cf-ray
5e95c05afd0c05bb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Speed-Test-1.jpg
19216801.one/wp-content/uploads/2019/11/
6 KB
7 KB
Image
General
Full URL
https://19216801.one/wp-content/uploads/2019/11/Speed-Test-1.jpg
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
3c3b68062c0f9168b9b29ccd09ccf69ba7c4a4161ac8a9906075027984d90923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
30410776
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r1cBgp%2FNWEU4vwYj4D3baewACRi6JUA40TxMegj58Zkz5rIdRrpRfzVCha%2Flxl22pIibF7dsEBSNa2wHCuqHywGh9nNcMJ7R%2FksQTN6SNpFndHhcWMBc5Wo%3D"}],"group":"cf-nel","max_age":604800}
content-length
6473
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 11 Nov 2019 15:45:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5dc9821f-1949"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000, no-transform
cf-request-id
0611768ce2000005bb0b910000000001
accept-ranges
bytes
cf-ray
5e95c05afd0d05bb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
wifi-1.jpg
19216801.one/wp-content/uploads/2019/11/
4 KB
5 KB
Image
General
Full URL
https://19216801.one/wp-content/uploads/2019/11/wifi-1.jpg
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
77f6c0a776001eccfbfc55c058b8978ea04c3d87c3e56930f6f6d51a7004fb20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
20382716
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sRpQXKJb5%2FBw0XkaRdwA7tmmPsL2C5bcODCFX%2FJzF2ZYFsNCT37kZCpIIFb4SrHU31zyc9oybIlLEjoeGmfm%2FlDx39PgXUaEimjP7LoM8H%2BVBFzQSHm3mlY%3D"}],"group":"cf-nel","max_age":604800}
content-length
4179
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 17:19:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5dc6f50b-1053"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000, no-transform
cf-request-id
0611768ce2000005bb12bed000000001
accept-ranges
bytes
cf-ray
5e95c05afd0f05bb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
privacy-1.jpg
19216801.one/wp-content/uploads/2019/11/
2 KB
3 KB
Image
General
Full URL
https://19216801.one/wp-content/uploads/2019/11/privacy-1.jpg
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
7689b18598c9d487fd7029183dc13e5088586203061722fed9edafa8f8100d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
30578031
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XJwWkAoqdJK%2FYs1LqI3eGdEOKj3TZeU9hRvAKKyr1Y2DK7GxU2KW3NRNOF97%2F4I41%2FkkSftUo5xzEMeSCIZ9HU54HwWCMnUAldwH8gKWPbGYn%2FHwSWTIyxo%3D"}],"group":"cf-nel","max_age":604800}
content-length
2505
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 17:19:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5dc6f50a-9c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000, no-transform
cf-request-id
0611768ce2000005bb4e150000000001
accept-ranges
bytes
cf-ray
5e95c05afd1105bb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Movie-Streaming-1.jpg
19216801.one/wp-content/uploads/2019/11/
6 KB
7 KB
Image
General
Full URL
https://19216801.one/wp-content/uploads/2019/11/Movie-Streaming-1.jpg
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
ebc3d6723e9bc5c602087eb6575ad140db18e787cfc4132a96ccca9ad13222de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
30410776
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dmfuSGEQMYFSpHrB8g%2FuXnZAuVTWppxcze26gMCwlCZ6ctbTl0xAvsZ4aA3ruPhkBPbLd8zlpP8fHN2kJG0s7b8Uy08kw8vmzIjyJp6pSS9cEZC0Kn5Vjqo%3D"}],"group":"cf-nel","max_age":604800}
content-length
6441
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 11 Nov 2019 15:45:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5dc98221-1929"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000, no-transform
cf-request-id
0611768ce2000005bbde8e3000000001
accept-ranges
bytes
cf-ray
5e95c05afd1305bb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
navigation.js
19216801.one/wp-content/themes/simple-grey/js/
1 KB
748 B
Script
General
Full URL
https://19216801.one/wp-content/themes/simple-grey/js/navigation.js?ver=1.6.1
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
d7ed2bdd9648088ab5250da47bb62054fc531ff395b47b5325b1c0e8fcdd1c4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2268517
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hU%2BONvJ4PoUJyPUfpNR53thwaPg6yTzYQVKlOiJS4pvKjnIugtM61blYtpMVFS7%2BJ960eXVyysyBpOzQmI6Vn66gR6zuK8cX5gUSuG5rqdRZA8BoMPfcaQ8%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 09 Sep 2019 16:59:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5d76850c-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ccb000005bb051aa000000001
cf-ray
5e95c05adca905bb-FRA
expires
Sun, 01 Nov 2020 09:31:08 GMT
skip-link-focus-fix.js
19216801.one/wp-content/themes/simple-grey/js/
650 B
597 B
Script
General
Full URL
https://19216801.one/wp-content/themes/simple-grey/js/skip-link-focus-fix.js?ver=1.6.1
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
3ea538dfe3f28e017d4e9a739ef1923f0e42a37d17743050b1b4066d28746357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1587539
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EyJHwBoeg3CS3IGinqqp4PQhJKiT7A%2B0Q%2F%2BJxMBeSZf%2Ff3IMS8kFqVEklHG%2B9oEtS5XPuUcPx768vvHLJ51Jp%2BCmGjuN8VYZObDiw9sGyVHxu2QrFERljYo%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 09 Sep 2019 16:59:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5d76850c-28a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768cd7000005bb559be000000001
cf-ray
5e95c05aeccf05bb-FRA
expires
Mon, 09 Nov 2020 06:40:46 GMT
oembed-adjust.js
19216801.one/wp-content/themes/simple-grey/js/
455 B
594 B
Script
General
Full URL
https://19216801.one/wp-content/themes/simple-grey/js/oembed-adjust.js?ver=1.6.1
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
ad02f9169900cc21e3bc4e60af9849acae78d7d38f0f89d96a9d13059fe9ea42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2104232
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GPh0QJFSqy09eKa5xB%2BrL06ajhOtmeYUsrsrG3s5puyZzaorOs2kWfb08Ji64xXMQog2qFUqBvLPF2kXWKBmSFBKMdTGloNx1keX2KHViMBsAX19Hk715BE%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 09 Sep 2019 16:59:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5d76850c-1c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ce3000005bbe13b0000000001
cf-ray
5e95c05afcf705bb-FRA
expires
Tue, 03 Nov 2020 07:09:13 GMT
accessibility.js
19216801.one/wp-content/themes/simple-grey/js/
569 B
562 B
Script
General
Full URL
https://19216801.one/wp-content/themes/simple-grey/js/accessibility.js?ver=1.6.1
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
6a9d9a7b9afb473ed83c8b3fd98587aa89c7c6e639d27d41877296cb0d919b3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
816335
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Spi7L66QaqajKV694A6DpCWLjEg32lCiJkN4PJax0cnze5nOMFWl3vaFo2O8tmiv5do8t4Wka2j365nB4mdZlu%2BIHvmMPN1Ts4%2Bwk9rZ5%2FHLXIZ9C52Udrg%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 09 Sep 2019 16:59:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5d76850c-239"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ce0000005bbd58f6000000001
cf-ray
5e95c05afcf905bb-FRA
expires
Wed, 18 Nov 2020 04:54:10 GMT
wp-embed.min.js
19216801.one/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://19216801.one/wp-includes/js/wp-embed.min.js?ver=5.3.4
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1678170
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sl2Ei56jFhvCNqVFnEq1a5FnPHKjwluCuvmm%2FafnigLGie6BvajsJB4Og9qUb99g7YYVG%2F6yILh5oufvWjwl5l2r6s8FsRC05yP%2FY%2B20KqNqHs0qSM0bqgI%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sun, 01 Dec 2019 09:04:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5de38209-577"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ce0000005bb4aa45000000001
cf-ray
5e95c05afcfa05bb-FRA
expires
Sun, 08 Nov 2020 05:30:15 GMT
frontend-modules.min.js
19216801.one/wp-content/plugins/elementor/assets/js/
46 KB
13 KB
Script
General
Full URL
https://19216801.one/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.7.5
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
6f766d4c399198c06d3bf1096a9731c1b4018d926ec83aaa16a7192f0f7a2e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2049095
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HjA0VBPX7GH5lrKWV7g1XjFojCWkEYrsE6491vHggioBZjiFyrX9u19cnAeePNQKmxm7d7q9nJYOhrGjY8j0WhoLZq5humJQRd5ztz%2BC0lahTxSj7muJGXQ%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 16:56:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc6efbd-b82f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ce0000005bb051ab000000001
cf-ray
5e95c05afcfb05bb-FRA
expires
Tue, 03 Nov 2020 22:28:10 GMT
position.min.js
19216801.one/wp-includes/js/jquery/ui/
6 KB
3 KB
Script
General
Full URL
https://19216801.one/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
1e3bd23f892a7823c8419303360e545aa10d63f307d8117abf1fb1b1f756f58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2049095
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6G%2BkGIX59mHTY9QFs3tXU7XK7ZXJ8quu9DmoF9lNmJWok3m9IeagHp8Jhvu3AemthJCHomSZ9b1O3J%2Bxlv0jJcSL0S8%2BJ0cO6PEK19KM7%2FZBf%2FON%2Bzibu2Q%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sun, 01 Dec 2019 09:04:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5de38209-1952"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ce0000005bbeb1bd000000001
cf-ray
5e95c05afcff05bb-FRA
expires
Tue, 03 Nov 2020 22:28:10 GMT
dialog.min.js
19216801.one/wp-content/plugins/elementor/assets/lib/dialog/
10 KB
4 KB
Script
General
Full URL
https://19216801.one/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.3
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2049095
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tzx%2FZm8lq9N7yQ3d1TEaslIzZ8gWO%2FRJ2WcG1EI7DHvv8lAbGYgQqWwdUjE9voD8WOWfyCI1o9%2BB1ZRquNieIYFfc%2F0hwsq9jX3k%2FJEWXGKbVVUMdNYP5m0%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 16:56:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc6efbd-29b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ce2000005bb2fb34000000001
cf-ray
5e95c05afd0205bb-FRA
expires
Tue, 03 Nov 2020 22:28:10 GMT
waypoints.min.js
19216801.one/wp-content/plugins/elementor/assets/lib/waypoints/
12 KB
3 KB
Script
General
Full URL
https://19216801.one/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2049095
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bl3jxkoizCuXQN%2BueSPfWEIR7hgK2597xTWIgOl2ArxaQN%2FWS4hxMPiWHnTkE6PGZgQvw0RaXp9DktzvB6yboSStO19DNDHVC6JCxcwvUc7Ucs%2FmZR5ESLA%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 16:56:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc6efbc-2fa6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ce1000005bb3ba40000000001
cf-ray
5e95c05afd0405bb-FRA
expires
Tue, 03 Nov 2020 22:28:10 GMT
swiper.min.js
19216801.one/wp-content/plugins/elementor/assets/lib/swiper/
123 KB
31 KB
Script
General
Full URL
https://19216801.one/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1675356
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uNz3%2Bgvh2ApmGjUUF%2Fid9SykJwlT8FS3cZgrPpT9LeuPt2LkV4Fd0G6zPUaQgQ%2FdW9iC8m66xlaV724pr2XstsZCXGnA9kBLOjzN8bG9YCtg3P3peBIDmf0%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 16:56:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc6efbd-1ea8a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ce1000005bbed223000000001
cf-ray
5e95c05afd0605bb-FRA
expires
Sun, 08 Nov 2020 06:17:09 GMT
frontend.min.js
19216801.one/wp-content/plugins/elementor/assets/js/
92 KB
23 KB
Script
General
Full URL
https://19216801.one/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.7.5
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
3204d77f977e684b7d4f767c9ca8324c7db419b261b98dfb93d22edc82d62677
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2047566
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IxqRxBFJJUQczHznH7ZYoJCxJ8QYtVlT2TPQ3Kk%2FhuCH3ZG%2BmxFlqEL9J93P73nMSglp8LT2l095wfaWaBxh7ub0RrN3BJRQme1LlCRp3z%2BtvhDL7gWPupU%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sat, 09 Nov 2019 16:56:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc6efbd-16f43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ce1000005bbf228f000000001
cf-ray
5e95c05afd0705bb-FRA
expires
Tue, 03 Nov 2020 22:53:39 GMT
wp-emoji-release.min.js
19216801.one/wp-includes/js/
14 KB
4 KB
Script
General
Full URL
https://19216801.one/wp-includes/js/wp-emoji-release.min.js?ver=5.3.4
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1678170
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9nGir%2F0ccWhA8QvixRWtbnxUOXe%2FjSs%2BM%2BMZyXYyq8fod%2F1vlJP4yAxQohLRpsvgZh6ku90qYTgqZvIjB7cISx7bRVb5uXAV9GoDQ%2Fap0u0x2nQqR6SAg6M%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sun, 01 Dec 2019 09:04:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5de38209-362a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ce3000005bb58280000000001
cf-ray
5e95c05afd1405bb-FRA
expires
Sun, 08 Nov 2020 05:30:15 GMT
style.css
19216801.one/wp-content/themes/simple-grey/
661 B
710 B
Stylesheet
General
Full URL
https://19216801.one/wp-content/themes/simple-grey/style.css?ver=1.6.1
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordOps
Resource Hash
3d2cf36f9efab785d612ef41372c00e7805b982761d1084b46842af3925dd851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
816119
x-powered-by
WordOps
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=naLk2g20tI0VrRRejzbAtREiX5JGGx9uCtwWN2zz1SEixGIlEC6QvTH%2FyGTNuMAeiMp2GrhAfwtq%2F6BfBI8%2F2BV1HSgN2KljxiPlrk%2B1qhkdhDX32YChl%2FU%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 09 Sep 2019 16:59:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5d76850c-295"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-request-id
0611768ce3000005bb12318000000001
cf-ray
5e95c05afd1505bb-FRA
expires
Wed, 18 Nov 2020 04:57:46 GMT
aDF2cWETEwUGPh1DGlNbSlkCBREbC1leUFEDR0dZWABYHg8NHgUGTF5VF0MERlsFU01KQhsXQ1IAWlMVCVYpGAVKC1RJU1oCR0RDRBMFBAM3WBJDQ1ITQ0dTXFJAQwVFCU5EV0UFRUMARVBOEgRFA0RAUlsFRRAAWwkVUxw
aphycolourses.info/
38 KB
16 KB
Script
General
Full URL
https://aphycolourses.info/aDF2cWETEwUGPh1DGlNbSlkCBREbC1leUFEDR0dZWABYHg8NHgUGTF5VF0MERlsFU01KQhsXQ1IAWlMVCVYpGAVKC1RJU1oCR0RDRBMFBAM3WBJDQ1ITQ0dTXFJAQwVFCU5EV0UFRUMARVBOEgRFA0RAUlsFRRAAWwkVUxw
Requested by
Host: 19216801.one
URL: https://19216801.one/sw-6da2e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.144.3.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-3-29.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e0f4acc9562fe563efbb6d8b5158cbe56bcaaf2876674352751998cfc87cf192

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"9616-UPrLOVKOmY9N2jPRP4bOv1fPSes"
status
200
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://19216801.one
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 11:20:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
15551
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 28 Oct 2021 11:20:34 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://19216801.one
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 11:20:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
15550
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Thu, 28 Oct 2021 11:20:35 GMT
memnYaGs126MiZpBA-UFUKXGUdhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/memnYaGs126MiZpBA-UFUKXGUdhrIqOxjaPX.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a4cbe29c8a1c6c2e29b887fd58d9a02b64e7bd113acc77d370b547b9f51545d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://19216801.one
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 11:21:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:46 GMT
server
sffe
age
15500
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9684
x-xss-protection
0
expires
Thu, 28 Oct 2021 11:21:25 GMT
tag.js
mc.yandex.ru/metrika/
368 KB
94 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
130f24f868c4364f20cd2b7afd416b01e5fe5efea9034701c4130fa14c1910fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:46 GMT
content-encoding
br
last-modified
Wed, 28 Oct 2020 09:35:38 GMT
status
200
etag
"5f99377f-175fc"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
95740
expires
Wed, 28 Oct 2020 16:39:46 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/
230 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49a44824c3371216dcba3e1089ed5cda6fce27c200e23ea43c840b85b7837eaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88453
x-xss-protection
0
server
cafe
etag
643044372586169514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Oct 2020 15:39:45 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201022/r20190131/ Frame 6FA5
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201022/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201022/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://19216801.one/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://19216801.one/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 28 Oct 2020 00:42:09 GMT
expires
Wed, 11 Nov 2020 00:42:09 GMT
content-type
text/html; charset=UTF-8
etag
5228831996244654541
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4745
x-xss-protection
0
age
53856
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
202 B
627 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=19216801.one&callback=_gfp_s_&client=ca-pub-4812870882449745
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
2cabdeb14795a9e53fa669212b3b7854154a7db308a6d2506c9bc08cd42385a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
109 B
832 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=19216801.one
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 15:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
246 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=19216801.one
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 15:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A433
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1603899586&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603899585948&bpp=12&bdt=262&idt=78&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7446935617156&frm=20&pv=2&ga_vid=1182720904.1603899586&ga_sid=1603899586&ga_hid=1401174058&ga_fc=0&iag=0&icsg=158117790744575&dssz=32&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20207459%2C21066428%2C21066706&oid=3&pvsid=2403067876878005&pem=822&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=98
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1603899586&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603899585948&bpp=12&bdt=262&idt=78&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7446935617156&frm=20&pv=2&ga_vid=1182720904.1603899586&ga_sid=1603899586&ga_hid=1401174058&ga_fc=0&iag=0&icsg=158117790744575&dssz=32&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20207459%2C21066428%2C21066706&oid=3&pvsid=2403067876878005&pem=822&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=98
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://19216801.one/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://19216801.one/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Oct 2020 15:39:46 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 28-Oct-2020 15:54:46 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Oct 2020 15:39:46 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
expires
Wed, 28 Oct 2020 15:39:46 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C86A
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1603899586&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603899585960&bpp=5&bdt=274&idt=94&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7446935617156&frm=20&pv=1&ga_vid=1182720904.1603899586&ga_sid=1603899586&ga_hid=1401174058&ga_fc=0&iag=0&icsg=2409917604429823&dssz=33&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20207459%2C21066428%2C21066706&oid=3&pvsid=2403067876878005&pem=822&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jorxzx2YCV&p=https%3A//19216801.one&dtd=100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1603899586&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603899585960&bpp=5&bdt=274&idt=94&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7446935617156&frm=20&pv=1&ga_vid=1182720904.1603899586&ga_sid=1603899586&ga_hid=1401174058&ga_fc=0&iag=0&icsg=2409917604429823&dssz=33&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20207459%2C21066428%2C21066706&oid=3&pvsid=2403067876878005&pem=822&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jorxzx2YCV&p=https%3A//19216801.one&dtd=100
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://19216801.one/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://19216801.one/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Oct 2020 15:39:46 GMT
server
cafe
content-length
12689
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 28-Oct-2020 15:54:46 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Oct 2020 15:39:46 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 8B17
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1603899586&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603899585965&bpp=1&bdt=279&idt=99&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7446935617156&frm=20&pv=1&ga_vid=1182720904.1603899586&ga_sid=1603899586&ga_hid=1401174058&ga_fc=0&iag=0&icsg=2409917604429823&dssz=33&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20207459%2C21066428%2C21066706&oid=3&pvsid=2403067876878005&pem=822&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A2h38VVnHH&p=https%3A//19216801.one&dtd=103
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1603899586&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603899585965&bpp=1&bdt=279&idt=99&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7446935617156&frm=20&pv=1&ga_vid=1182720904.1603899586&ga_sid=1603899586&ga_hid=1401174058&ga_fc=0&iag=0&icsg=2409917604429823&dssz=33&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20207459%2C21066428%2C21066706&oid=3&pvsid=2403067876878005&pem=822&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A2h38VVnHH&p=https%3A//19216801.one&dtd=103
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://19216801.one/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://19216801.one/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Oct 2020 15:39:46 GMT
server
cafe
content-length
12598
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 28-Oct-2020 15:54:46 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Oct 2020 15:39:46 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 655F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1603899586&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603899585966&bpp=1&bdt=281&idt=104&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=7446935617156&frm=20&pv=1&ga_vid=1182720904.1603899586&ga_sid=1603899586&ga_hid=1401174058&ga_fc=0&iag=0&icsg=2409917604429823&dssz=33&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20207459%2C21066428%2C21066706&oid=3&pvsid=2403067876878005&pem=822&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=lsE4iG7K9e&p=https%3A//19216801.one&dtd=109
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15928425126716118450/300x250/telekom_300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15928425126716118450/300x250/telekom_300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIXI1sjP1-wCFRBH4Aodb34OoQ&gqi=wpCZX72aBeS5lQfZ2J2gCg&layout=/sadbundle/%24csp%253Der3%24/15928425126716118450/300x250/telekom_300x250.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1603899586&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603899585966&bpp=1&bdt=281&idt=104&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=7446935617156&frm=20&pv=1&ga_vid=1182720904.1603899586&ga_sid=1603899586&ga_hid=1401174058&ga_fc=0&iag=0&icsg=2409917604429823&dssz=33&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20207459%2C21066428%2C21066706&oid=3&pvsid=2403067876878005&pem=822&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=lsE4iG7K9e&p=https%3A//19216801.one&dtd=109
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://19216801.one/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://19216801.one/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15928425126716118450/300x250/telekom_300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15928425126716118450/300x250/telekom_300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIXI1sjP1-wCFRBH4Aodb34OoQ&gqi=wpCZX72aBeS5lQfZ2J2gCg&layout=/sadbundle/%24csp%253Der3%24/15928425126716118450/300x250/telekom_300x250.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Oct 2020 15:39:46 GMT
server
cafe
content-length
30099
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 28-Oct-2020 15:54:46 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Oct 2020 15:39:46 GMT
cache-control
private
1
mc.yandex.ru/watch/55749736/
Redirect Chain
  • https://mc.yandex.ru/watch/55749736?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603899585101%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101...
  • https://mc.yandex.ru/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603899585101%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166136261...
186 B
268 B
XHR
General
Full URL
https://mc.yandex.ru/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603899585101%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201028163946%3Aet%3A1603899586%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A105678869367%3Arqn%3A1%3Arn%3A290903825%3Ahid%3A861590817%3Ads%3A0%2C16%2C313%2C1%2C252%2C0%2C0%2C218%2C24%2C%2C%2C%2C803%3Afp%3A749%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603899586%3Au%3A160389958643257049%3At%3A192.168.0.1
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
42b1c5df052a798ad9ec3e9c2a1047ca9ab1dd175f5d2d1a3c00420b34c8dea0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 15:39:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 28-Oct-2020 15:39:46 GMT
status
200
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://19216801.one
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
186
x-xss-protection
1; mode=block
expires
Wed, 28-Oct-2020 15:39:46 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Oct 2020 15:39:46 GMT
last-modified
Wed, 28-Oct-2020 15:39:46 GMT
status
302
location
/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603899585101%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201028163946%3Aet%3A1603899586%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A105678869367%3Arqn%3A1%3Arn%3A290903825%3Ahid%3A861590817%3Ads%3A0%2C16%2C313%2C1%2C252%2C0%2C0%2C218%2C24%2C%2C%2C%2C803%3Afp%3A749%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603899586%3Au%3A160389958643257049%3At%3A192.168.0.1
access-control-allow-origin
https://19216801.one
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 28-Oct-2020 15:39:46 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
136 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: 19216801.one
URL: https://19216801.one/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:46 GMT
last-modified
Tue, 27 Oct 2020 20:32:40 GMT
status
200
etag
"5f97e563-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 28 Oct 2020 16:39:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/
9 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201022&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c4c5cdced3a80194f5eab7dbe3a5846dd66e4c1a2092267af49ba92c52e585f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 15:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6633
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 15:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601937181905197"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6302
x-xss-protection
0
expires
Wed, 28 Oct 2020 15:39:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame C637
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/218/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://19216801.one/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://19216801.one/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Wed, 28 Oct 2020 15:16:38 GMT
expires
Thu, 28 Oct 2021 15:16:38 GMT
last-modified
Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1389
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
663 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201022&jk=2403067876878005&bg=!_v2l_d3NAAVp0lmVaVh8dhZIHCK6DgIAAAB7UgAAABUKAKh0FXpZeE4tBZ0MAGM_plfrtYAa3GR-OEZPhBxiR6eNQ443uDd_MS8hNVrQhz5enhM_x-Ma1lxeBNLMYlCGL2vxxAd59zg9xirX5IJYi42AipToN3UzUZCSHpMUgWiaJnbdafvWriDDhksQaTuXK0x2Hmg1hE1ewwjpi7bd27w-Xh8gkw9Ae4SCo5mxWVdLEq2Gyk0fRxqFrRToWAIoYPCYoOScY5QyeyeZAbWVXw7p5nTRwFnLUa6lE7HiCiRw1X81h9g4a__Nnn40PbOE_f3RcOG5Z5ZzFrlFQx5F0DSb4q_66e7cPj9R_ZHJAAvlpj6ESN16MMwEjelQ8GfvJgHo5umCQMNvDrOKHuWYmpu3OXHjaPh9zoPlRX-Glu99hlGjkfSnFrtsY8uSoq81ue7JXAC6gSMFNdrvJ2acybpvxcBZy6Xx10tCl8p1Pqo-uFL2_EhrEyehWW4fXuooOns1IaU2vKdo-x05cS5GbCR26-vKyimbjHhDfCwDGozaEWGYNP2EoPNtEGr-jOf3taBKcrUEcCX1jGaQt8M57z93njqlE30EOSdTJAG7UYbh5Hp53M4GBo8wPujFE74-y0G7cgPmX6nKIPqgsuxNLhak3HX4ZOvKBVQFGLMC2QnffRzAX4cLGzQlK6PmOka_Y0MAS5ddT4JPLkr73AuVptXglXeGtIKjTxQ4MQU8icuhvkefGoTLJ90YE1vYaOeKSHWE4nQpffRho0lz_LKLhv8pRw-YSdMl9ajHyfHx6GZA85VxnIBZ_-_cDUlJdwRUdOhEH2nt5or2cMxIcftlZ0xkvQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://19216801.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 15:39:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| _wpemojiSettings undefined| $ function| jQuery function| s function| e1GG function| K1GG function| x5dd string| r6II object| adsbygoogle function| ym object| wp object| __core-js_shared__ object| core object| elementorModules object| DialogsManager function| Waypoint function| Swiper object| elementorFrontendConfig object| jQuery112408192338164690478 object| elementorFrontend object| twemoji object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map number| google_lpabyc number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Ya object| yaCounter55749736 function| T400 function| o800 object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUl5Q-dBcE6onCvqDOoQo8JvkSWbo4TyEdHEvNLzRXGmgFP6bGUdAHhUZbsN
.doubleclick.net/ Name: DSID
Value: NO_DATA
.19216801.one/ Name: _ym_isad
Value: 2
.19216801.one/ Name: __gads
Value: ID=38d2011faa4693aa-22464d8259a60045:T=1603899586:RT=1603899586:S=ALNI_MbUD_Yn6Rul04FMLfm-IwZNchuR1A
.19216801.one/ Name: _ym_d
Value: 1603899586
.19216801.one/ Name: _ym_uid
Value: 160389958643257049
.19216801.one/ Name: _ym_visorc_55749736
Value: w
.19216801.one/ Name: __cfduid
Value: d6a881f5c4801ec6fbc9ec8eff209cf241603899585

1 Console Messages

Source Level URL
Text
console-api log URL: https://19216801.one/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19216801.one
adservice.google.com
adservice.google.de
aphycolourses.info
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.googletagservices.com
216.58.212.162
2606:4700:3035::ac43:cd55
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:814::2001
2a00:1450:4001:815::2002
2a00:1450:4001:815::2003
2a00:1450:4001:818::2002
2a00:1450:4001:81b::2002
2a02:6b8::1:119
54.144.3.29
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
130f24f868c4364f20cd2b7afd416b01e5fe5efea9034701c4130fa14c1910fa
17ccc4693d5b9ad1667e418b00bc4150db6745557a2b2b06e2c83c14cae858fd
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e3bd23f892a7823c8419303360e545aa10d63f307d8117abf1fb1b1f756f58a
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
23870ae663b1bf7dfc718dedca013ef2ce8ac1ac491dbef772d45c8978a9c63a
2cabdeb14795a9e53fa669212b3b7854154a7db308a6d2506c9bc08cd42385a6
3204d77f977e684b7d4f767c9ca8324c7db419b261b98dfb93d22edc82d62677
3c3b68062c0f9168b9b29ccd09ccf69ba7c4a4161ac8a9906075027984d90923
3c4c5cdced3a80194f5eab7dbe3a5846dd66e4c1a2092267af49ba92c52e585f
3d2cf36f9efab785d612ef41372c00e7805b982761d1084b46842af3925dd851
3ea538dfe3f28e017d4e9a739ef1923f0e42a37d17743050b1b4066d28746357
42b1c5df052a798ad9ec3e9c2a1047ca9ab1dd175f5d2d1a3c00420b34c8dea0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49a44824c3371216dcba3e1089ed5cda6fce27c200e23ea43c840b85b7837eaf
52f77ae7a70445cc5e60fbf18243a87c5625eb420dea545d656b8c4ca6518d22
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
698951af561933328a292befb875ae8297e520f091c4cc0531e84ce4f5272241
6a9d9a7b9afb473ed83c8b3fd98587aa89c7c6e639d27d41877296cb0d919b3e
6f766d4c399198c06d3bf1096a9731c1b4018d926ec83aaa16a7192f0f7a2e61
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
7689b18598c9d487fd7029183dc13e5088586203061722fed9edafa8f8100d43
77f6c0a776001eccfbfc55c058b8978ea04c3d87c3e56930f6f6d51a7004fb20
7a4cbe29c8a1c6c2e29b887fd58d9a02b64e7bd113acc77d370b547b9f51545d
810bcf37c433416bf09691155966e58f4009692c5920e055c274907ba63ca9cd
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
ad02f9169900cc21e3bc4e60af9849acae78d7d38f0f89d96a9d13059fe9ea42
b4580fddf8ef5cd87458dff74da87d0890fda6e13c868680f019fe25eca68e8a
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b93a77da724d73e1a165e40b240287637402d304f962331e19a83c10e7f06d57
d4d545f93382b601f6a701caa6a60eb1c7888e2018cebbdd559b66c9cca5a5ff
d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb
d69d0949085a5cfef9753f76f070df7000ba63c93b8a85d9877f666a4634ac75
d7ed2bdd9648088ab5250da47bb62054fc531ff395b47b5325b1c0e8fcdd1c4a
d856d5e083af25ed0ca838f04091ffd9fa5bc1c77edec8aa87c8e12a3fd69aa5
df33ac4ce8c614009fd08651489a912e605f2bfd82ca08db0cc45579550f7997
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e0f4acc9562fe563efbb6d8b5158cbe56bcaaf2876674352751998cfc87cf192
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebc3d6723e9bc5c602087eb6575ad140db18e787cfc4132a96ccca9ad13222de
eff18733558cc973e5248193948e4dfcc37ddff3979a8f01e6a13100c53c7a60
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c