19216801.one Open in urlscan Pro
2606:4700:3032::6815:1693 Public Scan

URL:
https://19216801.one/
Submission: On April 07 via manual (April 7th 2021, 10:41:00 pm UTC) from BR

Summary HTTP 95 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 95 HTTP transactions. The main IP is 2606:4700:3032::6815:1693, located in United States and belongs to CLOUDFLARENET, US. The main domain is 19216801.one.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2020. Valid for: a year.

This is the only time 19216801.one was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700:303... 2606:4700:3032::6815:1693	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	34.196.151.230 34.196.151.230	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
95	17

32 2606:4700:3032::6815:1693 (United States)

ASN13335 (CLOUDFLARENET, US)

19216801.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.151.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-151-230.compute-1.amazonaws.com

aphycolourses.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)

track.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	19216801.one 19216801.one	269 KB
26	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	267 KB
10	doubleclick.net googleads.g.doubleclick.net	74 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	137 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
4	googletagservices.com www.googletagservices.com	136 KB
4	googleapis.com fonts.googleapis.com	4 KB
2	seadform.net track.seadform.net
2	google.com 1 redirects adservice.google.com www.google.com	292 B
2	yandex.ru 1 redirects mc.yandex.ru	69 KB
1	google.de adservice.google.de	313 B
1	googleadservices.com partner.googleadservices.com	398 B
1	aphycolourses.info aphycolourses.info	45 KB
95	13

	Domain	Requested by
32	19216801.one	19216801.one
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	19216801.one pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	fonts.gstatic.com	fonts.googleapis.com
5	mc.yandex.com	2 redirects 19216801.one
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.googleapis.com	19216801.one googleads.g.doubleclick.net
2	track.seadform.net	googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	mc.yandex.ru	1 redirects 19216801.one
1	www.google.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	aphycolourses.info	19216801.one
95	16

This site contains links to these domains. Also see Links.

Domain
192.168.0.1

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
aphycolourses.info R3	`2021-02-28` - `2021-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.seadform.net DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-03`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://19216801.one/
Frame ID: 9A5197E0A304032506C2FA4011F781F5
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210401/r20190131/zrt_lookup.html
Frame ID: CF02F5669EB8360005F035E9AC8ECCD7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1617835241&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617835241573&bpp=11&bdt=306&idt=104&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1282550781380&frm=20&pv=2&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127
Frame ID: D718FC17AA195A8E79D958958BEF610F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1617835241&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617835241585&bpp=3&bdt=317&idt=123&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZuQa7iRDzw&p=https%3A//19216801.one&dtd=130
Frame ID: 20A61F6307DA38ABA97668C33A58E5C9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1617835241&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&dt=1617835241588&bpp=1&bdt=321&idt=134&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=32cwZf5T2p&p=https%3A//19216801.one&dtd=138
Frame ID: 14E62320283A1A8E3DD8B16C4B414D0F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1617835241&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&dt=1617835241589&bpp=1&bdt=321&idt=141&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ElmPvnroNG&p=https%3A//19216801.one&dtd=144
Frame ID: 94E8B8A5C5F9080F1F0494718D4356EB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A5F31B443B58EF517B2B158461E704B9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Frame ID: 44E10B07EDB0EA06ECD5CDBA5C09284E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Frame ID: 51DC1938F74A39601CC35CCDC3A2008A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Frame ID: 49EA6AE689DE3524B80B1754D58C6A0B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 5F10540AEB9972D187693E790294571A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

95
Requests

100 %
HTTPS

82 %
IPv6

13
Domains

16
Subdomains

17
IPs

4
Countries

1001 kB
Transfer

2721 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://192.168.0.1/
Title: 192.168.0.1 Admin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9236.4xiHAG2-udWjoTrnvne6J9FWIuIDo8UBwuakYLGHyZLf1UZ-f_NGcemLPmbFr3Wv.7wc2WLnlRx95y7Agvcd7nJzqOHc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9236.28LxbOLlvOVl5nvySby7ZThRDGlbh8nWLQyNUyoqif9eshW_PlhwuYCnZQKopW9qPp85sswMT0feSrCsqzv_kw%2C%2C.5E-hppGt-G_PgpnNwMOwuTRwKnA%2C

Request Chain 51

https://mc.yandex.com/watch/55749736?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A514%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A68866612797%3Ahid%3A477852563%3Az%3A120%3Ai%3A20210408004041%3Aet%3A1617835242%3Ac%3A1%3Arn%3A50682428%3Au%3A1617835242846232282%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1617835240941%3Ads%3A33%2C15%2C269%2C13%2C0%2C0%2C%2C256%2C27%2C%2C%2C%2C583%3Adsn%3A33%2C16%2C269%2C13%2C0%2C0%2C%2C252%2C26%2C%2C%2C%2C584%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617835242%3At%3A192.168.0.1 HTTP 302
https://mc.yandex.com/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A514%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A68866612797%3Ahid%3A477852563%3Az%3A120%3Ai%3A20210408004041%3Aet%3A1617835242%3Ac%3A1%3Arn%3A50682428%3Au%3A1617835242846232282%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1617835240941%3Ads%3A33%2C15%2C269%2C13%2C0%2C0%2C%2C256%2C27%2C%2C%2C%2C583%3Adsn%3A33%2C16%2C269%2C13%2C0%2C0%2C%2C252%2C26%2C%2C%2C%2C584%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617835242%3At%3A192.168.0.1

Request Chain 60

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

95 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
19216801.one/ 45 KB
9 KB 319ms
270ms Document
text/html 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

4c709d353175b6c48bde05e424d53d0b9263079e3dffb1ba0a8fa882b336ca5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: 19216801.one
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d50afbbf8618795349a51817f6d9c48b51617835240; expires=Fri, 07-May-21 22:40:40 GMT; path=/; domain=.19216801.one; HttpOnly; SameSite=Lax
vary: Accept-Encoding
link: <https://19216801.one/wp-json/>; rel="https://api.w.org/" <https://19216801.one/>; rel=shortlink
x-powered-by: WordOps
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
x-srcache-fetch-status: HIT
x-srcache-store-status: BYPASS
cf-cache-status: DYNAMIC
cf-request-id: 095017c62000004e92b9ab2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T81ovsjdC%2B119MHr6QEwr5%2F%2BGqos%2F%2BEvg9ZYbk0jWskyR8w0Ll972oJE%2B3XjquRf7a0esYOjly6lyoHvZ1Myqs7MeNvLyT90b1RdI%2FFZ4l86lYpj5um90WM%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 63c6c2503cbb4e92-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
19216801.one/wp-includes/css/dist/block-library/ 40 KB
6 KB 28ms
18ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/css/dist/block-library/style.min.css?ver=5.3.6

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 309795
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GyD01LldaN5krbEa5kekB9lTY587nD%2F6eikdQQRaZirT9LRJxYdoUwZzHbwQRbvXF5wSruB%2Frf2qMezXDapDSXp087Z0h4pR4rlDYUeHZfsNwGwLxEe92%2B0%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 11 Jun 2020 02:23:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ee195a3-a055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c74600004e92d4064000000001
cf-ray: 63c6c2520f174e92-FRA
expires: Tue, 04 May 2021 08:37:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
880 B 25ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.6

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

785166fb3c9caaa106a7d5cff782a6aef2f3d32bc82688f19b1c82ef8b33bbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Apr 2021 21:40:01 GMT
server: ESF
date: Wed, 07 Apr 2021 22:40:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Apr 2021 22:40:41 GMT

GET
H2 200 dashicons.min.css
19216801.one/wp-includes/css/ 46 KB
28 KB 20ms
11ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/css/dashicons.min.css?ver=5.3.6

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1780560
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y5uko%2BEe0bSoTfdY33gxVU%2FaEC%2BeaRBe2vDosg4VJpP7lOqjpBTboXHnkIbFAx4B96Vehrz2YZvzdy7OOKG8AB%2FVILM6oS7exroeCwQ%2FQ0j5mTceFNkWNFs%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 06 Nov 2019 14:47:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc2dd10-b9c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c74700004e929a3fb000000001
cf-ray: 63c6c2520f1a4e92-FRA
expires: Sat, 17 Apr 2021 08:04:41 GMT

GET
H2 200 simple-grey.css
19216801.one/wp-content/themes/simple-grey/css/ 91 KB
16 KB 27ms
18ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/css/simple-grey.css?ver=5.3.6

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d856d5e083af25ed0ca838f04091ffd9fa5bc1c77edec8aa87c8e12a3fd69aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 156328
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Av%2FPLXPFDYUEA2eqzjXVm3pPnxV8nn2qWvuAPaB3wrDgu0GW1WkBYLM2S907ZqpOOSy1ZZwA6NCIktJURQUfkyIIfsq855s7BuV%2BVg0wXJ1YGT%2BUklhb4X0%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d76850c-16ca4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c74800004e928b341000000001
cf-ray: 63c6c2520f1b4e92-FRA
expires: Thu, 06 May 2021 03:15:13 GMT

GET
H2 200 default.min.css
19216801.one/wp-content/plugins/tablepress/css/ 6 KB
3 KB 28ms
19ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/tablepress/css/default.min.css?ver=1.10

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1580723
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ovw0BniESXWE7rlHk%2FTiBOskg0GdmvBcrGAvcX0px3UhhTc5mXKSqVo2nOsNSnpKQsktcG5QtzjW27a8TWHyD10We2WX7bkGFbvEiBPfH4mm8k4aZGM7Xno%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sun, 01 Dec 2019 09:04:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5de38226-16ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c74900004e92e22f9000000001
cf-ray: 63c6c2520f1e4e92-FRA
expires: Mon, 19 Apr 2021 15:35:18 GMT

GET
H2 200 elementor-icons.min.css
19216801.one/wp-content/plugins/elementor/assets/lib/eicons/css/ 14 KB
3 KB 28ms
20ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.4.0

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

23870ae663b1bf7dfc718dedca013ef2ce8ac1ac491dbef772d45c8978a9c63a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 328586
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dHMhymzMbYOX610MGbUQG%2FdeDdCKnVB1E8ydZ4nIDDt7JGXcSTzlj0dPetcQKuXlOA%2FTtzjYpkk8P43CwDzLjMpSXBW7dx2KUetx1JjEFsaJ1WrrY2P06bc%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbc-38c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c74800004e92f28ef000000001
cf-ray: 63c6c2520f204e92-FRA
expires: Tue, 04 May 2021 03:24:15 GMT

GET
H2 200 animations.min.css
19216801.one/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 20ms
12ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1884446
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CDMquGLM1nxPa2DOy241TexUF9ULFcRkAQVHErgNyeuW3BZOFP5hJNEuwIZs9Dkj%2FyI8hTke1PqFhWiCApCfesGKU5ow7hb52%2FMdDmZlNVgEaQNaA2jjh3w%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbc-4824"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c74800004e92db222000000001
cf-ray: 63c6c2520f214e92-FRA
expires: Fri, 16 Apr 2021 03:13:15 GMT

GET
H2 200 frontend.min.css
19216801.one/wp-content/plugins/elementor/assets/css/ 101 KB
14 KB 28ms
21ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

52f77ae7a70445cc5e60fbf18243a87c5625eb420dea545d656b8c4ca6518d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 856808
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WqAQsIRKFb11CMshciiPKykh3iQI9RiaQaSJY7Dctj497GUQQWMSuPaLixtccifye5gt3R%2Ft9vKbaWKcN6rG2fwoWjcRNqi8%2BniZ9HmYusZgtsnZ%2BxKwV08%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbd-194d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c74900004e92e1817000000001
cf-ray: 63c6c2520f234e92-FRA
expires: Wed, 28 Apr 2021 00:40:33 GMT

GET
H2 200 global.css
19216801.one/wp-content/uploads/elementor/css/ 4 KB
842 B 19ms
12ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/uploads/elementor/css/global.css?ver=1573318726

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

698951af561933328a292befb875ae8297e520f091c4cc0531e84ce4f5272241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1884291
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8itSukiIVEqoRXOy%2FiH2cjTfapCRUajkjawukiaRABT66ZMc%2FbZJMvCcLNoqocVQtyAo3B6EaeQm7G4XVMhooZ4WXSIs1tkvxThnOBhHGltZN6vYo7yeFEY%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:58:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6f046-f0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c74900004e92b51c6000000001
cf-ray: 63c6c2520f244e92-FRA
expires: Fri, 16 Apr 2021 03:15:50 GMT

GET
H2 200 post-8.css
19216801.one/wp-content/uploads/elementor/css/ 14 KB
1 KB 19ms
13ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/uploads/elementor/css/post-8.css?ver=1596258357

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d69d0949085a5cfef9753f76f070df7000ba63c93b8a85d9877f666a4634ac75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2571324
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ESW8v5lbGUEP3xLA9jtV92DoQH%2FMA0LNPBUfFZrkVaKCYsYSyX5SCLdw5mInUJbYRIN0Yt4KCm%2B1B7CAHvbGOrk2o29GR%2F2YEc3U5tQv5cPnZOHORmylvjI%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 01 Aug 2020 05:05:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f24f835-39d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c74900004e92c21f5000000001
cf-ray: 63c6c2520f254e92-FRA
expires: Thu, 08 Apr 2021 04:25:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 42 KB
2 KB 26ms
20ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.3.6

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Apr 2021 21:07:42 GMT
server: ESF
date: Wed, 07 Apr 2021 22:40:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Apr 2021 22:40:41 GMT

GET
H2 200 jquery.js Show response
19216801.one/wp-includes/js/jquery/ 95 KB
32 KB 27ms
22ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1780560
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oCc90BuaqiSkIUVXOuLJvVjEPoKRStRoMZgQoYyZK%2FMEPMAyTBXM4uYgxl15lt60gTntSo%2FQZ0craEeY84uHGDk2%2BMiM5djZecgmyTL6q0HoPt%2FGnO%2BbbyU%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 06 Nov 2019 14:47:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc2dd10-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c74a00004e9297bf5000000001
cf-ray: 63c6c2521f264e92-FRA
expires: Sat, 17 Apr 2021 08:04:41 GMT

GET
H2 200 jquery-migrate.min.js Show response
19216801.one/wp-includes/js/jquery/ 10 KB
4 KB 21ms
17ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2492782
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VvIZXMby4sLTX8ZhRcgUssdSjY6GKFGb5N6NRB4ARdRcO5ZgRoe8XZyRN61hh8Pe5BH22Jh9SQY0hb5J8OUoPQ%2B%2Fy6%2FOc56Qj5%2FHJgVyBb4PfPBP72K0M1s%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 06 Nov 2019 14:47:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc2dd10-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c74a00004e92a7377000000001
cf-ray: 63c6c2521f274e92-FRA
expires: Fri, 09 Apr 2021 02:14:19 GMT

GET
H2 200 sw-6da2e.js Show response
19216801.one/ 93 KB
34 KB 27ms
24ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/sw-6da2e.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

17ccc4693d5b9ad1667e418b00bc4150db6745557a2b2b06e2c83c14cae858fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1780560
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4Nf2BAJUr%2FBRULYQ3gTS7tMryQC2k3c9JN2KcSrQlHCfo6Cd5s0Hrm3A1wqPbKZ7GkXmNMm3azBXEf2w7NMIAgC%2BtpsrqCBteum%2FfDaQ%2FlQ6hLEv7TSdeGE%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 08 Jan 2020 13:00:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e15d25a-175a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c74a00004e928fad1000000001
cf-ray: 63c6c2521f284e92-FRA
expires: Sat, 17 Apr 2021 08:04:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b2a0f1e86abfa08804e22ecd2cfe7ab2eeb6a904776d873975814f19801fe6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47973
x-xss-protection: 0
server: cafe
etag: 14156890614107234780
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Apr 2021 22:40:41 GMT

GET
H2 200 internet-speed-1.jpg
19216801.one/wp-content/uploads/2019/11/ 6 KB
6 KB 13ms
11ms Image
image/jpeg 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/internet-speed-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

b93a77da724d73e1a165e40b240287637402d304f962331e19a83c10e7f06d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9662210
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2UmEUc7%2BJwPJ7CH%2FVx%2F3C3g1djktvprwNpnLKeW7EHGb%2FKRq%2Bp6wV38zle11aGmxabPcRqQtUioP9ZoAcZM9P8Gk5Z7ImzoitxfUrSdLU10HwFqSnSdI19c%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5981
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dc6f507-175d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000, no-transform
cf-request-id: 095017c79d00004e929a000000000001
accept-ranges: bytes
cf-ray: 63c6c2529fc84e92-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 isp-throttling-1.jpg
19216801.one/wp-content/uploads/2019/11/ 2 KB
3 KB 14ms
12ms Image
image/jpeg 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/isp-throttling-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

df33ac4ce8c614009fd08651489a912e605f2bfd82ca08db0cc45579550f7997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4372578
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V2U1sIK3cBPYrQ7tzAimfX0HKxA14v3L8vnOZopMIszOu%2FOm7aqyD%2B46KAvMquqpoLKJE57qrc9QrkNdz9xE5oxkCRIGIZRfglbhO3M0C5MDV%2FhvHJnA4NY%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2352
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dc6f509-930"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000, no-transform
cf-request-id: 095017c79d00004e9279296000000001
accept-ranges: bytes
cf-ray: 63c6c2529fc94e92-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
19216801.one/wp-includes/js/ 14 KB
5 KB 19ms
17ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/wp-emoji-release.min.js?ver=5.3.6

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 857941
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i3GfEhJ5NWlCgnnid6No7131WTr032AOLSZOl%2FIcPTsXWU%2FfCBqtWPg60bkYZOEQrWc4UFSszSf4%2BycEb7hPnuoN6OuvNPXRACiRmoNlxA9Rdewi45Sawco%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sun, 01 Dec 2019 09:04:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5de38209-362a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c79d00004e92d09e4000000001
cf-ray: 63c6c2529fca4e92-FRA
expires: Wed, 28 Apr 2021 00:21:40 GMT

GET
H2 200 style.css
19216801.one/wp-content/themes/simple-grey/ 661 B
705 B 26ms
24ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/style.css?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3d2cf36f9efab785d612ef41372c00e7805b982761d1084b46842af3925dd851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 409278
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vMAIRSVGABbYvkHFPOR6DYwYYGS6krzDUiwlwIB0mTey%2BpFqtzOjfYKYfNEilRHQGocDuy6fPXPImoQHF3JOvwBEBWo05RQHccFsmnPT%2F4wtVmWSUZwokp0%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d76850c-295"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c79e00004e92859f2000000001
cf-ray: 63c6c2529fd04e92-FRA
expires: Mon, 03 May 2021 04:59:23 GMT

GET
H2 200 Speed-Test-1.jpg
19216801.one/wp-content/uploads/2019/11/ 6 KB
7 KB 22ms
20ms Image
image/jpeg 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/Speed-Test-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3c3b68062c0f9168b9b29ccd09ccf69ba7c4a4161ac8a9906075027984d90923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4372578
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BxdUAGXyB%2FariZ9moBD%2B3dKm9Vq%2F40mx3VI%2BM%2BnxHOOXG61KZY11gXBLaHU0Y8R9jPs0JCm91Lv4LcQKhm9%2FpLaH0ZTGQJqctxmwdImh7HweHp7TfcWf2x8%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6473
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 11 Nov 2019 15:45:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dc9821f-1949"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000, no-transform
cf-request-id: 095017c79d00004e928b346000000001
accept-ranges: bytes
cf-ray: 63c6c2529fcb4e92-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wifi-1.jpg
19216801.one/wp-content/uploads/2019/11/ 4 KB
4 KB 27ms
25ms Image
image/jpeg 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/wifi-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

77f6c0a776001eccfbfc55c058b8978ea04c3d87c3e56930f6f6d51a7004fb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13107413
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6o%2BqnGlZMeMOLPPRQnsOmnz3PUzxlgKYTC41cCKKefLqUZoXqhDVgoipZVS3TctvuK9tffoT7OgxCd6wU2zXS5N4VKQRf0ub22AmeVTyyzetL4Q7PNV69RI%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4179
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dc6f50b-1053"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000, no-transform
cf-request-id: 095017c79e00004e92e22fe000000001
accept-ranges: bytes
cf-ray: 63c6c2529fcd4e92-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 privacy-1.jpg
19216801.one/wp-content/uploads/2019/11/ 2 KB
3 KB 15ms
13ms Image
image/jpeg 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/privacy-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

7689b18598c9d487fd7029183dc13e5088586203061722fed9edafa8f8100d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11227660
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n8E4Nl%2BGZLGNBlIBd8Twx1OkDNmq5khj5UhG3ywiw5JKAVAHz2ItwqpseZs0s74Fc01WnymQhShGdnGXJUiNX7sGvlw3VsrCYYkEpBV4z1lUAQGR49kVW7c%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2505
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dc6f50a-9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000, no-transform
cf-request-id: 095017c79e00004e92db224000000001
accept-ranges: bytes
cf-ray: 63c6c2529fce4e92-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Movie-Streaming-1.jpg
19216801.one/wp-content/uploads/2019/11/ 6 KB
7 KB 18ms
16ms Image
image/jpeg 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/Movie-Streaming-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

ebc3d6723e9bc5c602087eb6575ad140db18e787cfc4132a96ccca9ad13222de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13207457
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iolQ60UNZYJ2H55OPujbMnYn5upYPKmvXQQPzoYFZgftMsKIWfoeTDhCYeDtWCG3yJJsmjHFdFjk5OE%2F8q8oYNWjw92%2FN5wrJuUvW3iHheqKEsqLKTI%2Fsi0%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6441
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 11 Nov 2019 15:45:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dc98221-1929"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000, no-transform
cf-request-id: 095017c79e00004e929f30b000000001
accept-ranges: bytes
cf-ray: 63c6c2529fcf4e92-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 navigation.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 1 KB
718 B 11ms
11ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/navigation.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d7ed2bdd9648088ab5250da47bb62054fc531ff395b47b5325b1c0e8fcdd1c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 149191
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FWgahnot9R267QrqieBJGqXctiAftNjZM7SoSqKtV7KPHKxpJwloRN6fgARUlfe57lb3eiM7gIlVKNRdNujKu%2B0SZktg1DJwT%2FW%2FFbTIMXeuDPDqWP%2BdjYs%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d76850c-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c78900004e92c680d000000001
cf-ray: 63c6c2527f984e92-FRA
expires: Thu, 06 May 2021 05:14:10 GMT

GET
H2 200 skip-link-focus-fix.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 650 B
584 B 34ms
34ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/skip-link-focus-fix.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3ea538dfe3f28e017d4e9a739ef1923f0e42a37d17743050b1b4066d28746357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1806820
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jvOP2Sd6adwpm7CeIMqha%2F586Aq8qmQ5l2L9URPkQXu0IYQYfgFxdcn3ymVU7ex2HF%2BX%2Fsydou1udDqmSAAfmKG2NCmb2mjr2zswpfJqTKAUTOiF3lt9194%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d76850c-28a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c79300004e92f28f6000000001
cf-ray: 63c6c2528faa4e92-FRA
expires: Sat, 17 Apr 2021 00:47:01 GMT

GET
H2 200 oembed-adjust.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 455 B
535 B 18ms
14ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/oembed-adjust.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

ad02f9169900cc21e3bc4e60af9849acae78d7d38f0f89d96a9d13059fe9ea42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 230438
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L1JhmRrN3gjSiJ6QistUfSXIiClBVmdbdBp5DGqpeiWCoBh2Qpq7dYBRENenybxoXM2jW%2Feugy6tpWtfZllb22IhaGmA2NVuyOPdKj8l1q93V2SCBZkZ7eI%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d76850c-1c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c79b00004e92af8a4000000001
cf-ray: 63c6c2529fbd4e92-FRA
expires: Wed, 05 May 2021 06:40:03 GMT

GET
H2 200 accessibility.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 569 B
604 B 16ms
13ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/accessibility.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

6a9d9a7b9afb473ed83c8b3fd98587aa89c7c6e639d27d41877296cb0d919b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 230438
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a61kKtvYWPdBjFYexScs8rYDqmxMffOX0axqfyY7JZHnXqHn4i1NxYZTUdtDNbYVjxPPpeHUTO6NWruXsLx%2B73Yysiqg8k%2FDuDVph6ZZPioNdBdnbJx%2FR1Q%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d76850c-239"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c79b00004e92b43cd000000001
cf-ray: 63c6c2529fbe4e92-FRA
expires: Wed, 05 May 2021 06:40:03 GMT

GET
H2 200 wp-embed.min.js Show response
19216801.one/wp-includes/js/ 1 KB
958 B 13ms
10ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/wp-embed.min.js?ver=5.3.6

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1780560
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UamTV2u7xuhxXsqFp9imIAkO2VeUL6tcot4A0sEs5ZZYgR5hfvYF%2FeQwdSAKL9oPOqxu%2FHNQ8M7tD%2FMlZsgx32CGy7o51%2FYhO3X4yVlfaKUfoasXgkAJSwU%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sun, 01 Dec 2019 09:04:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5de38209-577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c79b00004e92b9ac4000000001
cf-ray: 63c6c2529fbf4e92-FRA
expires: Sat, 17 Apr 2021 08:04:41 GMT

GET
H2 200 frontend-modules.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/js/ 46 KB
13 KB 18ms
15ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

6f766d4c399198c06d3bf1096a9731c1b4018d926ec83aaa16a7192f0f7a2e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1780560
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r5yKRGn8zeRc2t%2BaBSGi%2Bffat4puNhyeiF5bzavUoOeve1pS2sUoLzv9JV1w%2FKGitLNlegUj3Gan48bzMCb0EjCEmcp4Qm19oGceesRxNHf9P2jCMAIavCg%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbd-b82f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c79c00004e92dd16d000000001
cf-ray: 63c6c2529fc04e92-FRA
expires: Sat, 17 Apr 2021 08:04:41 GMT

GET
H2 200 position.min.js Show response
19216801.one/wp-includes/js/jquery/ui/ 6 KB
3 KB 15ms
12ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

1e3bd23f892a7823c8419303360e545aa10d63f307d8117abf1fb1b1f756f58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 55136
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AJ%2B7WSLuXfqa8h%2BSShOS1fh7imatrCjPNSi8YwxoyUFTK8sPwV8YmAen0jZ%2BeMb%2FBooVMqFNRaRiDfVK4QLeem99g0Wt7oc8ra%2FdZNcmOhGZN8zPPRU1vyo%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sun, 01 Dec 2019 09:04:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5de38209-1952"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c79c00004e92aca4a000000001
cf-ray: 63c6c2529fc14e92-FRA
expires: Fri, 07 May 2021 07:21:45 GMT

GET
H2 200 dialog.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
3 KB 23ms
20ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.3

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 856808
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=algTrN%2BkHrDgQYnxsuCANIpkPnsGAXXBdtT1Jyy5CgK9KLDSBfwcPoPvXYa7qvQIOXEZD8u9gGQS6iXgs2xK%2BVcIAbq95nScADia1gnmJh9W30VlSNxAPBw%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbd-29b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c79c00004e927c30d000000001
cf-ray: 63c6c2529fc34e92-FRA
expires: Wed, 28 Apr 2021 00:40:33 GMT

GET
H2 200 waypoints.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 18ms
16ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 59987
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gozOLMU8iPWLbRME8Vmwj%2BTSgJwddSpxP7RWpdoASrbL2kLrndE51eXdEQjOhh2iIjkobN%2F30yxgW9MRV4amBgv5GT%2FmPwtagPyg%2FRA1gIeEfOlguuZKsVA%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbc-2fa6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c79c00004e92c680e000000001
cf-ray: 63c6c2529fc44e92-FRA
expires: Fri, 07 May 2021 06:00:54 GMT

GET
H2 200 swiper.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/lib/swiper/ 123 KB
31 KB 23ms
20ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1780560
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OiRDl23ZSTEvYZCEEFBT11hgzO50CzqOH%2BUW3ZlMpfNEaEv1v7ILkVA%2BVUW1xycHQhnp05XBb%2BczrUbrHZXWFOLhXZTJH1G1SQF1pWvPFLM6hqvmWt8YOYc%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbd-1ea8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c79c00004e92fc214000000001
cf-ray: 63c6c2529fc54e92-FRA
expires: Sat, 17 Apr 2021 08:04:41 GMT

GET
H2 200 frontend.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/js/ 92 KB
23 KB 26ms
23ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3204d77f977e684b7d4f767c9ca8324c7db419b261b98dfb93d22edc82d62677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2562934
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7OAi5A26LZIEmRBZ4FdH4e5ZoefLyYGQJpyq8W%2BfUm3EaS8ANhcL2%2Fx9xci8x4aNpVLsND1YRqRUhGqv38xWaM7GNe2aNcS4HwmMf4HKnL5vCWcToInH3z4%3D"}],"max_age":604800,"group":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbd-16f43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-request-id: 095017c79d00004e92d4068000000001
cf-ray: 63c6c2529fc64e92-FRA
expires: Thu, 08 Apr 2021 06:45:07 GMT

GET
H2 200 aVNLVTEScTgibhwhJ3cLSzs%2FIUEaaWR6AFBhemMJWWJlOl8MfDgiHF83KmdURzk4dx1LICYzE1NiZ3dFCDQUPFVLaWltA1tgemATRXE4IFM2Oi9nE1NxfmMDXTB9Z1VEa3NgB0RneGdQRDJzNlREYXlkAlpneDRQWmsod0w Show response
aphycolourses.info/ 116 KB
45 KB 337ms
113ms Script
application/javascript 34.196.151.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aphycolourses.info/aVNLVTEScTgibhwhJ3cLSzs%2FIUEaaWR6AFBhemMJWWJlOl8MfDgiHF83KmdURzk4dx1LICYzE1NiZ3dFCDQUPFVLaWltA1tgemATRXE4IFM2Oi9nE1NxfmMDXTB9Z1VEa3NgB0RneGdQRDJzNlREYXlkAlpneDRQWmsod0w
Requested by: Host: 19216801.one
URL: https://19216801.one/sw-6da2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.196.151.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-151-230.compute-1.amazonaws.com
Software: / Express
Resource Hash: f1354d5cdc65fd7fe61238e9d6932f2407d7555ca92b4264ba0bda9ed017b516

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"1cfcd-JBQC9zanOowObnMPYFtIxxISXew"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://19216801.one
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 477424
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://19216801.one
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 477424
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKXGUdhrIqM.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/memnYaGs126MiZpBA-UFUKXGUdhrIqM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10879c90d675623954d308fa8d34ab038c915646aa4167764fd8bb02804cbbf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://19216801.one
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 17:40:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 104424
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13852
x-xss-protection: 0
expires: Wed, 06 Apr 2022 17:40:17 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 215 KB
68 KB 50ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4a1ffa1ba38dba98eb33a64eeba9347788e4aff54fc026387d715329858db994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: br
last-modified: Mon, 05 Apr 2021 18:52:27 GMT
etag: "6064af5d-11065"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69733
expires: Wed, 07 Apr 2021 23:40:41 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210401/r20190131/ 224 KB
84 KB 56ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210401/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4812870882449745&plah=19216801.one&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab6868b2350ea5d1774a1160452024dd020dc64c65e9281f2674e46e90dcef57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85922
x-xss-protection: 0
server: cafe
etag: 12501389591399758798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Apr 2021 22:40:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210401/r20190131/ Frame CF02 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210401/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210401/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://19216801.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 07 Apr 2021 19:37:49 GMT
expires: Wed, 21 Apr 2021 19:37:49 GMT
content-type: text/html; charset=UTF-8
etag: 13254444762018554669
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4647
x-xss-protection: 0
age: 10972
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9236.4xiHAG2-udWjoTrnvne6J9FWIuIDo8UBwuakYLGHyZLf1UZ-f_NGcemLPmbFr3Wv.7wc2WLnlRx95y7Agvcd7nJzqOHc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9236.28LxbOLlvOVl5nvySby7ZThRDGlbh8nWLQyNUyoqif9eshW_PlhwuYCnZQKopW9qPp85sswMT0feSrCsqzv_kw%2C%2C.5E-hppGt-G_PgpnNwMOwuTRwKnA%2C

75 B
75 B

49ms
49ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9236.28LxbOLlvOVl5nvySby7ZThRDGlbh8nWLQyNUyoqif9eshW_PlhwuYCnZQKopW9qPp85sswMT0feSrCsqzv_kw%2C%2C.5E-hppGt-G_PgpnNwMOwuTRwKnA%2C

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9236.28LxbOLlvOVl5nvySby7ZThRDGlbh8nWLQyNUyoqif9eshW_PlhwuYCnZQKopW9qPp85sswMT0feSrCsqzv_kw%2C%2C.5E-hppGt-G_PgpnNwMOwuTRwKnA%2C
date: Wed, 07 Apr 2021 22:40:41 GMT
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
72 B 49ms
49ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
last-modified: Thu, 01 Apr 2021 13:57:39 GMT
etag: "6064af5d-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Apr 2021 23:40:41 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
398 B 58ms
57ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=19216801.one&callback=_gfp_s_&client=ca-pub-4812870882449745

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210401/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4812870882449745&plah=19216801.one&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

4a1ea2de76301101059a7d7501c560bc4b252d00377882d4eb3c8db7b48ecb1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 14ms
13ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=19216801.one

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
196 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=19216801.one

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D718 54 B
596 B 77ms
64ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1617835241&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617835241573&bpp=11&bdt=306&idt=104&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1282550781380&frm=20&pv=2&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1617835241&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617835241573&bpp=11&bdt=306&idt=104&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1282550781380&frm=20&pv=2&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://19216801.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 07 Apr 2021 22:40:41 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Apr-2021 22:55:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Apr 2021 22:40:41 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa5e01e38d554ca21f9c4aa9e7a6345d7d8f017520925a73648e4f3ee3a7b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617660453263920"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28267
x-xss-protection: 0
expires: Wed, 07 Apr 2021 22:40:41 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 20A6 71 KB
23 KB 549ms
548ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1617835241&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617835241585&bpp=3&bdt=317&idt=123&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZuQa7iRDzw&p=https%3A//19216801.one&dtd=130

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69fa4d646110177119578c5a031ec26cafb5773de51564dc59723a4b91ad03f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1617835241&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617835241585&bpp=3&bdt=317&idt=123&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZuQa7iRDzw&p=https%3A//19216801.one&dtd=130
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://19216801.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 07 Apr 2021 22:40:42 GMT
server: cafe
content-length: 23944
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Apr-2021 22:55:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Apr 2021 22:40:42 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14E6 69 KB
23 KB 581ms
581ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1617835241&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&dt=1617835241588&bpp=1&bdt=321&idt=134&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=32cwZf5T2p&p=https%3A//19216801.one&dtd=138

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15174e3acb6138980ef184d57129fa4ab59907833bddf97d32886c6762891db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1617835241&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&dt=1617835241588&bpp=1&bdt=321&idt=134&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=32cwZf5T2p&p=https%3A//19216801.one&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://19216801.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 07 Apr 2021 22:40:42 GMT
server: cafe
content-length: 23581
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Apr-2021 22:55:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Apr 2021 22:40:42 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 94E8 57 KB
22 KB 498ms
497ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1617835241&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&dt=1617835241589&bpp=1&bdt=321&idt=141&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ElmPvnroNG&p=https%3A//19216801.one&dtd=144

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d23b36bed430d98c11841f5bcc6595010f3862eb7e41f765e0ae829c00b43f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1617835241&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&dt=1617835241589&bpp=1&bdt=321&idt=141&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ElmPvnroNG&p=https%3A//19216801.one&dtd=144
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://19216801.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 07 Apr 2021 22:40:42 GMT
server: cafe
content-length: 22096
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Apr-2021 22:55:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Apr 2021 22:40:42 GMT
cache-control: private

GET
H2

200

1 Show response
mc.yandex.com/watch/55749736/
Redirect Chain

https://mc.yandex.com/watch/55749736?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A514%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
https://mc.yandex.com/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A514%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...

203 B
281 B

53ms
52ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A514%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A68866612797%3Ahid%3A477852563%3Az%3A120%3Ai%3A20210408004041%3Aet%3A1617835242%3Ac%3A1%3Arn%3A50682428%3Au%3A1617835242846232282%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1617835240941%3Ads%3A33%2C15%2C269%2C13%2C0%2C0%2C%2C256%2C27%2C%2C%2C%2C583%3Adsn%3A33%2C16%2C269%2C13%2C0%2C0%2C%2C252%2C26%2C%2C%2C%2C584%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617835242%3At%3A192.168.0.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9107cadffa6bbc50e500b3d2eb4e0a6976fe313812e70c989ce234b93f5b2fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 22:40:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 07-Apr-2021 22:40:41 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://19216801.one
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 203
x-xss-protection: 1; mode=block
expires: Wed, 07-Apr-2021 22:40:41 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 22:40:41 GMT
last-modified: Wed, 07-Apr-2021 22:40:41 GMT
location: /watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A514%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A68866612797%3Ahid%3A477852563%3Az%3A120%3Ai%3A20210408004041%3Aet%3A1617835242%3Ac%3A1%3Arn%3A50682428%3Au%3A1617835242846232282%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1617835240941%3Ads%3A33%2C15%2C269%2C13%2C0%2C0%2C%2C256%2C27%2C%2C%2C%2C583%3Adsn%3A33%2C16%2C269%2C13%2C0%2C0%2C%2C252%2C26%2C%2C%2C%2C584%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617835242%3At%3A192.168.0.1
strict-transport-security: max-age=31536000
access-control-allow-origin: https://19216801.one
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 07-Apr-2021 22:40:41 GMT

GET
H2 200 8720810924892310174
tpc.googlesyndication.com/daca_images/simgad/ Frame 94E8 23 KB
23 KB 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8720810924892310174

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1617835241&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&dt=1617835241589&bpp=1&bdt=321&idt=141&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ElmPvnroNG&p=https%3A//19216801.one&dtd=144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483ac023489dee41f6c33419a2edcf68cd0e13d66fdca4d38aa55e47e31e08c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:38:03 GMT
x-content-type-options: nosniff
age: 507759
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23765
x-xss-protection: 0
last-modified: Tue, 29 Dec 2020 13:05:45 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 01:38:03 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 94E8 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17914786394753848863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 22:38:55 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 94E8 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 22:32:31 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94E8 118 KB
36 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0518695a30c166fb5ef9104028ce570005450472c3f120a7d2904fae59f2423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617660447179276"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Wed, 07 Apr 2021 22:40:42 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 94E8 13 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 22:31:28 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 94E8 25 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4379d5f31e3f6afe959f9b9a7f92c2b482dbddff7f95a73abf78066dc7d7facc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 14:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10481
x-xss-protection: 0
server: cafe
etag: 6535096331343443408
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 14:03:17 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 94E8 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXs1i6TRuYJrRLY-ArATl-6OgC9yJ6dphwtey_q4LuL_W7fsOEAEgopHrTWCViviBlAegAaD59_4CyAECqQK7mc_MJ_GzPqgDAcgDyQSqBNABT9CiQiR3wdUJNSOGYjjGsTibegm7ZJuQcbuE3pf8ugtr7wZzSgtE7xlyuoeJY65iiPtqd5UkcKFRPOdK0tsyN8H8I5Ek6G8CozOU3R1RigOBmePvC1DrpiabiLSZu3gKEgD-0c7ZWwGgkWXherE7-Tjk1ieygD7NlRI1zATHTbywLmIfqopx8KFgk52Rm6EcqSjNG2N8NvJApxiAweKwd5MtbVyFI7VE7nX01Q2pGVs1BL50p2rMLtoITg5sTHYUc3HdwzjvoQiqvgT3qywmKsAEs9uG2fICkgUECAQYAZIFBAgFGASgBgKAB8iGiIEBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELeTBtIICQiA4YAQEAEYH4AKAcgLAdgTDLIXGgoYCAASFHB1Yi00ODEyODcwODgyNDQ5NzQ1&sigh=rrhQr6eJt10&tpd=AGWhJmunGUx-jvZ_prWwD3LSZ8Oea07mCDcU91Z8FruXRdBlHQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1617835241&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&dt=1617835241589&bpp=1&bdt=321&idt=141&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ElmPvnroNG&p=https%3A//19216801.one&dtd=144
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 07 Apr 2021 22:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Apr 2021 22:40:42 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A5F3 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1617835241&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&dt=1617835241589&bpp=1&bdt=321&idt=141&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ElmPvnroNG&p=https%3A//19216801.one&dtd=144
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1617835241&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&dt=1617835241589&bpp=1&bdt=321&idt=141&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ElmPvnroNG&p=https%3A//19216801.one&dtd=144

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 07 Apr 2021 22:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1037
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A5F3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

15ms
14ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Apr 2021 22:40:42 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 07-Apr-2021 23:40:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Apr 2021 22:40:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Apr 2021 22:40:42 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 20A6 3 KB
646 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1617835241&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617835241585&bpp=3&bdt=317&idt=123&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZuQa7iRDzw&p=https%3A//19216801.one&dtd=130

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Apr 2021 21:54:04 GMT
server: ESF
date: Wed, 07 Apr 2021 22:40:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Apr 2021 22:40:42 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 20A6 1 KB
980 B 36ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 22:12:53 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 20A6 17 KB
7 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17914786394753848863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 22:38:55 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 20A6 2 KB
1 KB 32ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 22:32:31 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20A6 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0518695a30c166fb5ef9104028ce570005450472c3f120a7d2904fae59f2423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617660447179276"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Wed, 07 Apr 2021 22:40:42 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 20A6 13 KB
6 KB 34ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 22:31:28 GMT

GET
H2 200 1f3867f1f27527e43574e1cbaa2e66c3.js Show response
www.gstatic.com/mysidia/ Frame 20A6 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1f3867f1f27527e43574e1cbaa2e66c3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47266f5d8118cec1898402204dbdfa8d5a2343b6ceec8c2036ea1d86552d519b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 07:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 07:29:15 GMT
server: sffe
age: 572626
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10498
x-xss-protection: 0
expires: Wed, 30 Jun 2021 07:36:56 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4910348745643962454/ Frame 20A6 17 KB
17 KB 30ms
21ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4910348745643962454/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8235322561dbf13b0c4076e555480e2d46f36f6f67f14601ae1149fa79ad88a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 02:06:06 GMT
x-content-type-options: nosniff
age: 506076
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17045
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 12:49:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 02:06:06 GMT

GET
DATA 200
OK truncated
/ Frame 20A6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
track.seadform.net/adfserve/ Frame 20A6 35 B
0 105ms
33ms Fetch
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/adfserve/?bn=44373739;1x1inv=1;srctype=3;ord=1643859391

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 22:40:42 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 20A6 0
0 49ms
45ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFoPK6TRuYODCLdfb3wPp04LICtCLx9NhmJPlqdANqpaDsegOEAEgopHrTWCViviBlAegAcjk14oDyAEJqQKD7iruVe-zPqgDAcgDywSqBNABT9CXOVAXb1PZ50IqU7HeW9sT0BpmrSRTZnTVAemwcsiSX-hFik-lWnbqedvYqM8Z2jYpaJ1T9s1FDufaX6WTyAenq_g-8BcmhwLFO8j2QDPe8Dc47W-uviRUahtbtnYELqBcq4bZoiXFD5eOExu_xWbZwql7Sc64stvXz2A2aT6ExO1pIlKv3VSNp7DqxywgrilcetBynoSG2ByqOJEcw3J-9XPfGmYLAh9P5jEZW8g37ZAPDUfI3uHazz7X4SNYjvp2ENFWbFfqHoRdgtV_yMAErbWc8q0DkgUECAQYAZIFBAgFGASgBi6AB6CbqHWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwUQoaCFAdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi00ODEyODcwODgyNDQ5NzQ1&sigh=WbEpKw4ZB40&template_id=5000&tpd=AGWhJmt73WFSPGJ7jY4UYQYw62jYPu7S4I0LX9H6-dQnz-npcQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1617835241&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617835241585&bpp=3&bdt=317&idt=123&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZuQa7iRDzw&p=https%3A//19216801.one&dtd=130
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 07 Apr 2021 22:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 94E8 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c824c9805f2abbc233344a260351c6313572400f50603282bddf27f9cf64b49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 20A6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ae6a8225e44fdb82b2f01263e27ed0dd31117f7cfac35a9c99253c1f9deee57

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 14E6 4 KB
639 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1617835241&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&dt=1617835241588&bpp=1&bdt=321&idt=134&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=32cwZf5T2p&p=https%3A//19216801.one&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Apr 2021 22:03:29 GMT
server: ESF
date: Wed, 07 Apr 2021 22:40:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Apr 2021 22:40:42 GMT

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 20A6 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 477425
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 20A6 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:42:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 3499
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Thu, 07 Apr 2022 21:42:23 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 14E6 1 KB
910 B 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 22:12:53 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 14E6 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17914786394753848863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 22:38:55 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 14E6 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 22:32:31 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14E6 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0518695a30c166fb5ef9104028ce570005450472c3f120a7d2904fae59f2423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617660447179276"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Wed, 07 Apr 2021 22:40:42 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 14E6 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 22:31:28 GMT

GET
H3-Q050 200 1f3867f1f27527e43574e1cbaa2e66c3.js Show response
www.gstatic.com/mysidia/ Frame 14E6 25 KB
11 KB 36ms
20ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1f3867f1f27527e43574e1cbaa2e66c3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47266f5d8118cec1898402204dbdfa8d5a2343b6ceec8c2036ea1d86552d519b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 07:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 07:29:15 GMT
server: sffe
age: 572626
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10498
x-xss-protection: 0
expires: Wed, 30 Jun 2021 07:36:56 GMT

GET
H3-Q050 404 downsize_200k_v1
tpc.googlesyndication.com/simgad/9916760456037379454/ Frame 14E6 43 B
136 B 40ms
39ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9916760456037379454/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:42 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 07 Apr 2021 22:40:42 GMT

GET
DATA 200
OK truncated
/ Frame 14E6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 44E1 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 4696
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Thu, 07 Apr 2022 21:22:26 GMT

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 51DC 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 4696
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Thu, 07 Apr 2022 21:22:26 GMT

GET
H2 200 /
track.seadform.net/adfserve/ Frame 14E6 35 B
0 33ms
33ms Fetch
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/adfserve/?bn=40960515;1x1inv=1;srctype=3;ord=933191206

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 22:40:42 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 14E6 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9iK86TRuYKzLLdqx3gPS9Y2gBfq2y45igZeLs-0MxbmD_oAQEAEgopHrTWCViviBlAegAcjk14oDyAEJqQKD7iruVe-zPqgDAcgDywSqBMkBT9BzVX6Zu4mkhPkRDWEEQ-Q0_zR_ZYZ3luyzkw4U146IckPokZWSGYkt9FRSyTowMwvc1KyOExROXvbO8fiLX4bH2UVEiBuXGe9dDpWv8fontSxjaZfy6oHCmfhybC8lRniy7K-tR7FU0wtyGYJzs-Yjb8wogr_IVfqb3Kt9-dERPkXsCU-hlkTvHlggMnAy-CkGyQfyK4LhgIf2mWbeylniOA9JLnQ6fl8m4UuL_eF817s6bBEb-87ZLQ84XLiP9wVIg7oIbWyWwATU4OXlsgOSBQQIBBgBkgUECAUYBKAGLoAHoJuodagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCo1zDSCAkIgOGAEBABGB-ACgHICwHYEw2IFASYFgGyFxoKGAgAEhRwdWItNDgxMjg3MDg4MjQ0OTc0NQ&sigh=zNpZZvPM9Uo&template_id=5000&tpd=AGWhJmtD6FQrfGpgKfbDF0--GDBZScBoJgnCenTrABS_cJgSJg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1617835241&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&dt=1617835241588&bpp=1&bdt=321&idt=134&shv=r20210401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1282550781380&frm=20&pv=1&ga_vid=1538259629.1617835242&ga_sid=1617835242&ga_hid=1582173542&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44739390%2C44740079%2C44739387&oid=3&pvsid=3066263986043393&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=32cwZf5T2p&p=https%3A//19216801.one&dtd=138
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 07 Apr 2021 22:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 14E6 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a301ea46baca66247e8fcaff7430267ba480dcb7dad7aa88455fc0288a4a0611

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 14E6 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 19:15:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 98717
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 06 Apr 2022 19:15:25 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 14E6 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 177922
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 05 Apr 2022 21:15:20 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
31ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210401&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5921477d3c4250bce795d8527a11b1fb0db7543cfc7bd8acb6dc1f8cad9eb34e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 22:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6524
x-xss-protection: 0

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 49EA 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 4696
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Thu, 07 Apr 2022 21:22:26 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 07 Apr 2021 22:40:42 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5F10 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://19216801.one/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 07 Apr 2021 21:31:30 GMT
expires: Thu, 07 Apr 2022 21:31:30 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4152
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F10 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 4696
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Thu, 07 Apr 2022 21:22:26 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 39ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210401&jk=3066263986043393&bg=!HxylHFjNAAY56aLOOek7ACkAdvg8WiYLbMcg_v4ndTGJdtyORi5J-cLV664TOEg1Hw8fqzzDY4lKEQIAAABfUgAAAAxoAQcKAEQJcUqXD6Spg1UMfX2_bPa6goAUsCZ39tS9gXEIEZlSdDkDKdtJIWcyy6Q6q5gtDRDnpP0H_lZ_qHbioTymdRMr79UTg5kB18z5ZdESPxbXC9-QHm1_3pqFtLWx2OM-5O6DEL2NKdcZTQXtpF9jCa4Fl55xyvrg_phAHB0CQWMndrod3Vv37P2XqcUEVnpTy0FTs2dlVtmXB6_r1vXVMKFUj2bJiW8CZhAm3jGOmi1KAhz-ctDDinKYAFZOZsWW_x1RZdHzyIvKyYfMJenkvuZQ-ccC9KMRxc0bpzinCQsFUojQeCCUnVRhkaG-RFPED67tkHLvJFw3dpntAzLsvTnY-Xb412PrLeOrABaEGiHrkXcoTzsY5xPWJNuCPQIjXyDe3nYxQPq3L1iwBQ6OtH6WAltdiApiV1SqnIeLCCX0TVFNiDyrNtIwtRJ0paJ108dbKDAKReeOGzY0Cj9VOOUFoiqcLlR7upTFNu2lCAyiciucwm1lduOe_sS_TKgeIEHQtJq4u4VIFKtkVxSoiRZtRpuJLt5EXJ0_2ANRjYhX64BqhvtHFYuF-y_4J5zfVl126vJwfSzsLiBgA9CPes0JhckpXA-P2LjUpqvlJkWd-9syud9adRN25c0pGPJVKsN2X6FuM9LFHUKhB6722EkufAigHw2GpkRBqJUPVuG-RIMr9yAdiIayLnjMf92Kx6couiwRyyejfXMGxFJ9pQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 22:40:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 20A6 42 B
155 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgybA6cu5YPkKIeENPXlvubqDL5GFPYmu5ZUvqwhp7FDH2-XCAptAQry4g5g1YebrU7ybXAaP-K_Vx8kqKowUH2CPlg3cLxHAWgPf81-ks0jbB_VCFNhmgXLTpLw&sai=AMfl-YQPKdrdnc8nBv_5biJPbUzvEQI_LR-FjzAHllYmdHiW8HPiqQWJDCZ3YHliAd6HDhUpyg6lCqloqI_S&sig=Cg0ArKJSzKXFNhdvt0vhEAE&id=osdim&mcvt=1001&p=105,200,385,1400&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210405&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3451990369&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1617835241719&dlt=549&rpt=49&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 22:40:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:23:56	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 02:45:31	Name: IDE Value: AHWqTUn4u9NozyRqmyE2bQw7GX9fBX17IAlzw-mqFN227VEQrYoO6-KzgzVnoQvWltg
.19216801.one/	1970-01-20 02:45:31	Name: __gads Value: ID=4bf5d6ac06e0197f-22055618feba00af:T=1617835241:RT=1617835241:S=ALNI_MYRo9JV6bT0fNSBQL-3wCcmi_EaAw
.doubleclick.net/	1970-01-19 17:23:58	Name: DSID Value: NO_DATA
.19216801.one/	1970-01-19 17:25:07	Name: _ym_isad Value: 2
.19216801.one/	1970-01-20 02:09:31	Name: _ym_d Value: 1617835242
.19216801.one/	1970-01-20 02:09:31	Name: _ym_uid Value: 1617835242846232282
.19216801.one/	1970-01-19 18:07:07	Name: __cfduid Value: d50afbbf8618795349a51817f6d9c48b51617835240

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://19216801.one/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19216801.one
adservice.google.com
adservice.google.de
aphycolourses.info
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
track.seadform.net
www.google.com
www.googletagservices.com
www.gstatic.com
216.58.212.162
2606:4700:3032::6815:1693
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a02:6b8::1:119
34.196.151.230
37.157.2.238
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0ae6a8225e44fdb82b2f01263e27ed0dd31117f7cfac35a9c99253c1f9deee57
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
10879c90d675623954d308fa8d34ab038c915646aa4167764fd8bb02804cbbf9
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
15174e3acb6138980ef184d57129fa4ab59907833bddf97d32886c6762891db3
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
17ccc4693d5b9ad1667e418b00bc4150db6745557a2b2b06e2c83c14cae858fd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e3bd23f892a7823c8419303360e545aa10d63f307d8117abf1fb1b1f756f58a
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
23870ae663b1bf7dfc718dedca013ef2ce8ac1ac491dbef772d45c8978a9c63a
30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079
3204d77f977e684b7d4f767c9ca8324c7db419b261b98dfb93d22edc82d62677
3b2a0f1e86abfa08804e22ecd2cfe7ab2eeb6a904776d873975814f19801fe6f
3c3b68062c0f9168b9b29ccd09ccf69ba7c4a4161ac8a9906075027984d90923
3d2cf36f9efab785d612ef41372c00e7805b982761d1084b46842af3925dd851
3ea538dfe3f28e017d4e9a739ef1923f0e42a37d17743050b1b4066d28746357
4379d5f31e3f6afe959f9b9a7f92c2b482dbddff7f95a73abf78066dc7d7facc
47266f5d8118cec1898402204dbdfa8d5a2343b6ceec8c2036ea1d86552d519b
483ac023489dee41f6c33419a2edcf68cd0e13d66fdca4d38aa55e47e31e08c4
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a1ea2de76301101059a7d7501c560bc4b252d00377882d4eb3c8db7b48ecb1a
4a1ffa1ba38dba98eb33a64eeba9347788e4aff54fc026387d715329858db994
4c709d353175b6c48bde05e424d53d0b9263079e3dffb1ba0a8fa882b336ca5e
52f77ae7a70445cc5e60fbf18243a87c5625eb420dea545d656b8c4ca6518d22
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5921477d3c4250bce795d8527a11b1fb0db7543cfc7bd8acb6dc1f8cad9eb34e
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5c824c9805f2abbc233344a260351c6313572400f50603282bddf27f9cf64b49
5fa5e01e38d554ca21f9c4aa9e7a6345d7d8f017520925a73648e4f3ee3a7b79
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
698951af561933328a292befb875ae8297e520f091c4cc0531e84ce4f5272241
69fa4d646110177119578c5a031ec26cafb5773de51564dc59723a4b91ad03f2
6a9d9a7b9afb473ed83c8b3fd98587aa89c7c6e639d27d41877296cb0d919b3e
6d23b36bed430d98c11841f5bcc6595010f3862eb7e41f765e0ae829c00b43f3
6f766d4c399198c06d3bf1096a9731c1b4018d926ec83aaa16a7192f0f7a2e61
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
7689b18598c9d487fd7029183dc13e5088586203061722fed9edafa8f8100d43
77f6c0a776001eccfbfc55c058b8978ea04c3d87c3e56930f6f6d51a7004fb20
785166fb3c9caaa106a7d5cff782a6aef2f3d32bc82688f19b1c82ef8b33bbf5
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
8235322561dbf13b0c4076e555480e2d46f36f6f67f14601ae1149fa79ad88a1
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
9107cadffa6bbc50e500b3d2eb4e0a6976fe313812e70c989ce234b93f5b2fbd
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a301ea46baca66247e8fcaff7430267ba480dcb7dad7aa88455fc0288a4a0611
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab6868b2350ea5d1774a1160452024dd020dc64c65e9281f2674e46e90dcef57
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ad02f9169900cc21e3bc4e60af9849acae78d7d38f0f89d96a9d13059fe9ea42
b93a77da724d73e1a165e40b240287637402d304f962331e19a83c10e7f06d57
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb
d69d0949085a5cfef9753f76f070df7000ba63c93b8a85d9877f666a4634ac75
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7ed2bdd9648088ab5250da47bb62054fc531ff395b47b5325b1c0e8fcdd1c4a
d856d5e083af25ed0ca838f04091ffd9fa5bc1c77edec8aa87c8e12a3fd69aa5
df33ac4ce8c614009fd08651489a912e605f2bfd82ca08db0cc45579550f7997
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e0518695a30c166fb5ef9104028ce570005450472c3f120a7d2904fae59f2423
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebc3d6723e9bc5c602087eb6575ad140db18e787cfc4132a96ccca9ad13222de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1354d5cdc65fd7fe61238e9d6932f2407d7555ca92b4264ba0bda9ed017b516
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

19216801.one Open in urlscan Pro 2606:4700:3032::6815:1693 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

95 Requests

100 %HTTPS

82 %IPv6

13 Domains

16 Subdomains

17 IPs

4 Countries

1001 kBTransfer

2721 kBSize

8 Cookies

1 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

19216801.one Open in urlscan Pro
2606:4700:3032::6815:1693 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

100 %
HTTPS

82 %
IPv6

13
Domains

16
Subdomains

17
IPs

4
Countries

1001 kB
Transfer

2721 kB
Size

8
Cookies

95 HTTP transactions
5 data transactions