19216801.one Open in urlscan Pro
2606:4700:3032::6815:1693 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://19216801.one/
Effective URL:
https://19216801.one/
Submission: On October 11 via manual (October 11th 2021, 10:50:49 am UTC) from ZA — Scanned from DE

Summary HTTP 103 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 103 HTTP transactions. The main IP is 2606:4700:3032::6815:1693, located in United States and belongs to CLOUDFLARENET, US. The main domain is 19216801.one.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2021. Valid for: a year.

This is the only time 19216801.one was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	2606:4700:303... 2606:4700:3032::6815:1693	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	44.195.137.121 44.195.137.121	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
14	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.87.52 13.225.87.52	16509 (AMAZON-02) (AMAZON-02)
1	44.198.9.0 44.198.9.0	14618 (AMAZON-AES) (AMAZON-AES)
15	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
103	16

33 2606:4700:3032::6815:1693 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

19216801.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.137.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-137-121.compute-1.amazonaws.com

aphycolourses.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-52.fra2.r.cloudfront.net

chauffers.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.9.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-9-0.compute-1.amazonaws.com

hereabithec.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	19216801.one 1 redirects 19216801.one	287 KB
26	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	314 KB
14	doubleclick.net googleads.g.doubleclick.net	89 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	211 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	google.com 3 redirects adservice.google.com www.google.com	2 KB
4	googletagservices.com www.googletagservices.com	139 KB
4	googleapis.com fonts.googleapis.com	4 KB
2	yandex.ru 1 redirects mc.yandex.ru	65 KB
1	hereabithec.xyz hereabithec.xyz	37 B
1	chauffers.xyz chauffers.xyz	412 B
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	656 B
1	aphycolourses.info aphycolourses.info	21 KB
103	14

	Domain	Requested by
33	19216801.one	1 redirects 19216801.one
15	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	19216801.one pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	mc.yandex.com	2 redirects 19216801.one
4	www.google.com	3 redirects tpc.googlesyndication.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.googleapis.com	19216801.one googleads.g.doubleclick.net
2	mc.yandex.ru	1 redirects 19216801.one
1	hereabithec.xyz	aphycolourses.info
1	chauffers.xyz	aphycolourses.info
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	aphycolourses.info	19216801.one
103	17

This site contains links to these domains. Also see Links.

Domain
192.168.0.1

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
aphycolourses.info R3	`2021-08-09` - `2021-11-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
chauffers.xyz Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
hereabithec.xyz R3	`2021-09-01` - `2021-11-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 14 frames:

Primary Page: https://19216801.one/
Frame ID: 57C053D34B4AA760F2B03025A2E5B2F4
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211006/r20190131/zrt_lookup.html
Frame ID: B922670A2FF75E1C2AA12D338B9B4F3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1633949444&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444658&bpp=2&bdt=233&idt=73&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4540328693991&frm=20&pv=2&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=2&pvsid=2657572123641449&pem=178&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=89
Frame ID: FEC909AF1EBA82243B4DC4FEEFF49C6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1633949444&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444660&bpp=2&bdt=236&idt=103&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oT1hJg2RrN&p=https%3A//19216801.one&dtd=110
Frame ID: 9F71A209A6B3A15F62A42CB0BD1338C2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444662&bpp=1&bdt=237&idt=111&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1xbzG4FKXT&p=https%3A//19216801.one&dtd=114
Frame ID: 2059D449A749BA4CFB51A09FB8870B32
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444663&bpp=1&bdt=238&idt=115&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HVbra2Z1Bi&p=https%3A//19216801.one&dtd=117
Frame ID: 6BE6E778AA58782FF3D4EE7931209F52
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 58E9D247B55E62809ED88A11C1293273
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js
Frame ID: B25CE157E09AB5654D3ABDFDA958B332
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 243264727AC7206246E439C0D0F63D0B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3EE1E25DC846FF11B2503B423F59DA50
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js
Frame ID: 5FB7661CED82A37DCFA9962FF2C2F92C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js
Frame ID: D28CCC2B7458905A30192643441CF5B9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 553640357D46F6E0A0959F21B094DB35
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5FA70186729CC8B736C81A989353458D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

192.168.0.1

Page URL History Show full URLs

http://19216801.one/ HTTP 301
https://19216801.one/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<div class=(?:"|')[^"']*elementor
<section class=(?:"|')[^"']*elementor
<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css
elementor/assets/js/[^/]+\.js\?ver=([\d.]+)$

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

103
Requests

100 %
HTTPS

73 %
IPv6

14
Domains

17
Subdomains

16
IPs

3
Countries

1133 kB
Transfer

2917 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://192.168.0.1/
Title: 192.168.0.1 Admin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://19216801.one/ HTTP 301
https://19216801.one/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9423.C16yYUr-1KF5W8eJ8lmDPBV6-IJPn2rD92uYdofaOT-0GVGRtMKJtjqwfjK68XwH.FWpHzCOTJLoCdCUw4im1qRyqGBU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9423.iacuKnliMmjKqfcWy9p4QydxdxX70Wax36IL3jknYbtTBbW1963EmQEbgLx4iVVnm3nkfnDX1obskuGVbZiAAA%2C%2C.TIp4mLC2XDiWBRh68oOmAZExhpM%2C

Request Chain 52

https://mc.yandex.com/watch/55749736?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A398106397926%3Ahid%3A99831657%3Az%3A0%3Ai%3A2021010110105044%3Aet%3A1633949445%3Ac%3A1%3Arn%3A932648572%3Arqn%3A1%3Au%3A1633949445809017988%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633949444025%3Ads%3A0%2C42%2C141%2C4%2C214%2C0%2C%2C165%2C15%2C%2C%2C%2C565%3Adsn%3A0%2C42%2C141%2C4%2C214%2C0%2C%2C165%2C14%2C%2C%2C%2C566%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633949445%3At%3A192.168.0.1 HTTP 302
https://mc.yandex.com/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A398106397926%3Ahid%3A99831657%3Az%3A0%3Ai%3A2021010110105044%3Aet%3A1633949445%3Ac%3A1%3Arn%3A932648572%3Arqn%3A1%3Au%3A1633949445809017988%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633949444025%3Ads%3A0%2C42%2C141%2C4%2C214%2C0%2C%2C165%2C15%2C%2C%2C%2C565%3Adsn%3A0%2C42%2C141%2C4%2C214%2C0%2C%2C165%2C14%2C%2C%2C%2C566%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633949445%3At%3A192.168.0.1

Request Chain 72

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 90

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

103 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
19216801.one/
Redirect Chain

http://19216801.one/
https://19216801.one/

45 KB
10 KB

183ms
141ms

Document
text/html

2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

40219331bb08dcb46fb5f18befd12f51f9096303c25fce9665ddaba207bcb84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: 19216801.one
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://19216801.one/wp-json/>; rel="https://api.w.org/" <https://19216801.one/>; rel=shortlink
x-powered-by: WordOps
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
x-srcache-fetch-status: HIT
x-srcache-store-status: BYPASS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6S4TBXOT2BLs5IKfvwFcUB%2FETXaNrPW2usMFc9N9TeuNtkQlY2fQJELpFxiT2eoMUjsns9SZI9C%2ByINyaSkr5x72g9zEDQJ4HhkJlXb4M2aPX0QbKVYiwGjYsUGX9Va64offSLACFcMjEww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69c7877ad9a13744-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Mon, 11 Oct 2021 10:50:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://19216801.one/
x-powered-by: WordOps
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRHLGk%2F3uyXwCreBtMkTdmIUCyHsMf8HUDyGpSn%2B9WAhTlkYcWWPOE4BvAkIekerq0jEmfGzjhpNk2khkknJYoQDKizBSxIWd4AN%2FHqKQ2g8%2BVV0A2AgSoHnErImtUC5NBHAuAAOnFwU7nQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 69c787794d42325c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
19216801.one/wp-includes/css/dist/block-library/ 40 KB
6 KB 41ms
39ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/css/dist/block-library/style.min.css?ver=5.3.9

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.3.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29099
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DngTK%2BguMQBwYmzaY38RJnQRNz%2Bjgf2eMfgHwbNsFcv27M48H43kZx62WRF%2BdBFa1wnBK4xXjJkr%2BX7ajnf%2FWW19%2FuSRjZIjTCrW5NcyeNsDqwK1cNvc1lwYJ1UstIWkA%2B5ta448qM9kLE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 11 Jun 2020 02:23:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ee195a3-a055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877bdb3e3744-MXP
expires: Wed, 10 Nov 2021 02:45:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
2 KB 65ms
22ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.9

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd523cd14a60804c7ba09eba659a9ca26e900417b0576da36521bdb318390b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 08:56:43 GMT
server: ESF
date: Mon, 11 Oct 2021 10:50:44 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 10:50:44 GMT

GET
H2 200 dashicons.min.css
19216801.one/wp-includes/css/ 46 KB
28 KB 25ms
23ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/css/dashicons.min.css?ver=5.3.9

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/css/dashicons.min.css?ver=5.3.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29099
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2Fe9Ppvs6BRbUpRR7zOb7%2FNoBDs%2BYFtLGUgrR0ZPCMao8PYCEWu8fPIcekQvAe540cEroU%2FlmMPysZMfuhSrBI5P5F6zeWUYGEqUYWAouP59fv%2FLsNNCI7r1JoUUn8WD4t9oENZ3OGeK2%2Fg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 19:24:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"607892e3-b9cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877bdb413744-MXP
expires: Wed, 10 Nov 2021 02:45:45 GMT

GET
H2 200 simple-grey.css
19216801.one/wp-content/themes/simple-grey/css/ 91 KB
18 KB 35ms
34ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/css/simple-grey.css?ver=5.3.9

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d856d5e083af25ed0ca838f04091ffd9fa5bc1c77edec8aa87c8e12a3fd69aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/simple-grey/css/simple-grey.css?ver=5.3.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29099
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMD0hPrNCdJhlkvzZ3OGuFa3zfKOTJyj7%2BMagbGnIBzM3hlaqEtwPpYuPhPpUbVXIfO2yOZ1BvhP3xYgmYwAIUM6opSttIkq%2Ft6%2Fg3%2FwWI1bKQ%2FHUxcJDd2PDaaq4eUXqZA76GcwGf6DvdE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d76850c-16ca4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877bdb423744-MXP
expires: Wed, 10 Nov 2021 02:45:45 GMT

GET
H2 200 default.min.css
19216801.one/wp-content/plugins/tablepress/css/ 6 KB
3 KB 23ms
22ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/tablepress/css/default.min.css?ver=1.10

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/tablepress/css/default.min.css?ver=1.10
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2040793
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mw%2B0E6sRSWz99nhb4hnQNtSXy6S1V1jY%2FspVwLaa2PuEXyYKkJveOd4gY3Fdl4n90LuXn4wddmmWRmP0T5avgZjE7CPp97H%2FpTnB3%2F702xl3%2FAs60%2BJi0tmZa69ikfgM29Z45XxUH1VPT3E%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sun, 01 Dec 2019 09:04:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5de38226-16ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877bdb433744-MXP
expires: Sun, 17 Oct 2021 19:57:31 GMT

GET
H2 200 elementor-icons.min.css
19216801.one/wp-content/plugins/elementor/assets/lib/eicons/css/ 14 KB
3 KB 24ms
23ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.4.0

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

23870ae663b1bf7dfc718dedca013ef2ce8ac1ac491dbef772d45c8978a9c63a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.4.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1826038
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyMxpp7onuBBaoSOOVLY0qrYAkP5ql%2FFZWjwFlE1hysVScMkA7n5OOtpwwDcJyRxx3xLOOAiKtvau5vvElVFnK2hnfHA%2BX9KdryNbznPcDrZ5xrv8LrQ4SLdnZbJvFR22h%2BenrK7Eay6PPs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbc-38c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877bdb443744-MXP
expires: Wed, 20 Oct 2021 07:36:46 GMT

GET
H2 200 animations.min.css
19216801.one/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 31ms
29ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.7.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2040925
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnbE9qsjvaFbuxmjphYz9W7vOW%2B2%2BKWK%2B90ECCnbmCy65C7vxs4o6Yj1oOz1kDwG76l7Y21vjWfJt6TSN9RUisQjqOQfNK3uEz2aNL%2FqVSpLqcCSmR6WZ7zvxecF1AUhUCXLwRkyAwW3T8Q%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbc-4824"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877bdb453744-MXP
expires: Sun, 17 Oct 2021 19:55:19 GMT

GET
H2 200 frontend.min.css
19216801.one/wp-content/plugins/elementor/assets/css/ 101 KB
15 KB 38ms
37ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

52f77ae7a70445cc5e60fbf18243a87c5625eb420dea545d656b8c4ca6518d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.7.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2043838
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ1itJym2D0tzClCm9U0daaheYjNJO6fIeAaclR6QRgt5T8I4fmBbfS%2BMBFjZ3Mu5UglVVILawqGlQipBdsGN8z1PbYPjqOh9wZ9Wyha8uy%2Babge7sDEWaqoGDxkjpw1I3fhbZqYxGWiURg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbd-194d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877bdb463744-MXP
expires: Sun, 17 Oct 2021 19:06:46 GMT

GET
H2 200 global.css
19216801.one/wp-content/uploads/elementor/css/ 4 KB
912 B 38ms
37ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/uploads/elementor/css/global.css?ver=1573318726

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

698951af561933328a292befb875ae8297e520f091c4cc0531e84ce4f5272241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/elementor/css/global.css?ver=1573318726
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2049503
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwWpdOg6wqILkrdBk%2BiOyndomuU3xF1U3xieLWtWW%2BcpcAbGPsNzqh41l5XehaOJTqUKDBuqLIDxXg5AQ%2BCOSq7GNVdhHz7pSt7L3BWhPIChFnOpGHp1PKsBQHG1va4uQ%2BXCMq5blu2UxR4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:58:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6f046-f0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877bdb473744-MXP
expires: Sun, 17 Oct 2021 17:32:21 GMT

GET
H2 200 post-8.css
19216801.one/wp-content/uploads/elementor/css/ 14 KB
2 KB 31ms
30ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/uploads/elementor/css/post-8.css?ver=1596258357

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d69d0949085a5cfef9753f76f070df7000ba63c93b8a85d9877f666a4634ac75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/elementor/css/post-8.css?ver=1596258357
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1826038
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaLH8buJrXF8U6SucT4aw7%2Fr0OcrkR%2FghSN32BAFL0KoFBTGvBLrz7pTtjBp3DPVEZmlXJrwFaUrPEgy8komT7oS0vIONkB52YBip3%2BU%2Fh0bz%2BDNtzr%2FVfay4SGiXlNhCAPksrn5Ul0abRg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 01 Aug 2020 05:05:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f24f835-39d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877bdb483744-MXP
expires: Wed, 20 Oct 2021 07:36:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 42 KB
2 KB 64ms
23ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.3.9

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c14b6ecea28d110fbf307fa31e248c1eca0e7b6e5895b462ba1782906ea54307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 09:36:10 GMT
server: ESF
date: Mon, 11 Oct 2021 10:50:44 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 10:50:44 GMT

GET
H2 200 jquery.js Show response
19216801.one/wp-includes/js/jquery/ 95 KB
34 KB 38ms
38ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2049503
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szw%2B2RxVi5DukrHMDqY0UiwdTdNL%2BPxeQSrSaQ3cxODTNrqp8rxrh2W4MFalLhQUgj4%2BYoFcbOPhDuaJg0bGGGOZOihqLvbCULTXfzUmRLyKy0CkgshrM4ekwFqyhzfU7FauJf1UPc7EJPk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 06 Nov 2019 14:47:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc2dd10-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877bdb493744-MXP
expires: Sun, 17 Oct 2021 17:32:21 GMT

GET
H2 200 jquery-migrate.min.js Show response
19216801.one/wp-includes/js/jquery/ 10 KB
4 KB 39ms
39ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2040921
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqXWX2xLAeAKum7TrTLcGCcG%2BoFLz9Gqg%2FETX9RQ4SwUauCMNAraEd9mzB8X4MvNKzZSxIEOd%2BtNIZ4%2BZFJP2Vx9HGJxc6OqRKm5MXSiXBgGvIPC4zw9KEBOoPvkjLHISdC5f0NHtx3Jk4o%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 06 Nov 2019 14:47:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc2dd10-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877beb573744-MXP
expires: Sun, 17 Oct 2021 19:55:23 GMT

GET
H2 200 sw-6da2e.js Show response
19216801.one/ 93 KB
37 KB 39ms
39ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/sw-6da2e.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

17ccc4693d5b9ad1667e418b00bc4150db6745557a2b2b06e2c83c14cae858fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sw-6da2e.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1824739
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2S%2FUQIXEdjo1Qvmhe2bZ%2FXPAUvY3q4nSWj3f1QupyPUrgBwtRdAIcJjr0xiN4nx055Ko3JJXlgjes1TITuskk4%2BhwKMwr9SYpmSHNnXpPCF90vzxQvsgG1kkshZWxHwT4yJQSu%2Bh84Vb5U%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 08 Jan 2020 13:00:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e15d25a-175a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877beb583744-MXP
expires: Wed, 20 Oct 2021 07:58:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 97ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bf980bac2c9589913da19ec43dd255548771e2ff6599b9f0a5df8d56b85f2e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51275
x-xss-protection: 0
server: cafe
etag: 7622083519560749111
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 10:50:44 GMT

GET
H2 200 internet-speed-1.jpg
19216801.one/wp-content/uploads/2019/11/ 6 KB
7 KB 30ms
28ms Image
image/jpeg 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/internet-speed-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

b93a77da724d73e1a165e40b240287637402d304f962331e19a83c10e7f06d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2019/11/internet-speed-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7030046
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujD0pek6pNrbdzV9VhIW1HJYSriy7Q5Ezmva6OuPUK4wgdznyCGuceQvox161w5WYWRoFr7k0Ic56SrPIZFZiSvv0e9E0hliZeC5TQUyUcIjSUZ2NCJB5CqhH%2B%2Folh8zFEXgzNbizmmExSs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5981
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dc6f507-175d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 69c7877c6c0c3744-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 isp-throttling-1.jpg
19216801.one/wp-content/uploads/2019/11/ 2 KB
3 KB 35ms
33ms Image
image/jpeg 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/isp-throttling-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

df33ac4ce8c614009fd08651489a912e605f2bfd82ca08db0cc45579550f7997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2019/11/isp-throttling-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4632795
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6TDJoQ3Td9Dc%2F%2F1cXHvfIB9XDyseXeglLlpzcy2vx1JgW3e%2FlvDzpZLv6rdZAuLYGjrBrVcuHlWjbi1WPy1S7ITCsUFs5VU%2FkaKBcXAAw8Fgs8a%2B7DttSOyJFWQ3ErRYN7elDUkKvI7ujg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2352
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dc6f509-930"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 69c7877c6c0d3744-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Speed-Test-1.jpg
19216801.one/wp-content/uploads/2019/11/ 6 KB
7 KB 38ms
37ms Image
image/jpeg 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/Speed-Test-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3c3b68062c0f9168b9b29ccd09ccf69ba7c4a4161ac8a9906075027984d90923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2019/11/Speed-Test-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14788958
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Gi6pke5NP3cr4%2B4DmPOfFpB85Bni%2FHCAglHrvnytong4KIBvUlN%2FwGkVNv9YVvODL57LuRzSzJSH5e1n%2BkXQ33rczOXZw0WibWZsAC8r8xfj6cYZARf1n8GUDEG1jWp7JOYS0f9IpIa1n8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6473
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 11 Nov 2019 15:45:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dc9821f-1949"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 69c7877c6c0e3744-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wifi-1.jpg
19216801.one/wp-content/uploads/2019/11/ 4 KB
4 KB 35ms
34ms Image
image/jpeg 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/wifi-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

77f6c0a776001eccfbfc55c058b8978ea04c3d87c3e56930f6f6d51a7004fb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2019/11/wifi-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14788958
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oD4cDb2xlX313CKbe2i5mt8Ncyyr0f4DowQJOQd3oNou86dyystOpGoDKskMEbEJ79TJCoXYMrTndhrhr%2Fz93R4WuinMtmvaK9IBphwA0VBZ5t6Kv3Fs1Opmw0tpzPjrxTFf70beEFFWevs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4179
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dc6f50b-1053"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 69c7877c6c0f3744-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 privacy-1.jpg
19216801.one/wp-content/uploads/2019/11/ 2 KB
3 KB 40ms
38ms Image
image/jpeg 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/privacy-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

7689b18598c9d487fd7029183dc13e5088586203061722fed9edafa8f8100d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2019/11/privacy-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4641501
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgrtgPmr8lx%2F0QFtaylYBiFoiIzOpJ%2BtkZa1RQY9Yo8DR1jKFZ766pByZtLOGi2h65q7lxMZ34QXmJWs7KVlLssRd4mQX%2FF1oBFB6osYQcpDlUN4%2FgEWoYi4PcbHqWrrilFe%2FPGzs43qBdk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2505
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dc6f50a-9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 69c7877c6c113744-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Movie-Streaming-1.jpg
19216801.one/wp-content/uploads/2019/11/ 6 KB
7 KB 32ms
30ms Image
image/jpeg 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/Movie-Streaming-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

ebc3d6723e9bc5c602087eb6575ad140db18e787cfc4132a96ccca9ad13222de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2019/11/Movie-Streaming-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4632941
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkA7vjEOlkFHW5sfd0wgqDTgVoAGL5mWFnCrj6zqHnkWTLm5kAlLsIZDXOSAHWfhVBNBisrUFrQ5ciC0i6pc66VE6urYfxgyTVM%2BLsabkJ0bvx7ij1ERT9Mp%2FvbA3hXj6bKzx6a0f8%2B9HMc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6441
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 11 Nov 2019 15:45:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dc98221-1929"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 69c7877c6c123744-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 navigation.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 1 KB
742 B 24ms
24ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/navigation.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d7ed2bdd9648088ab5250da47bb62054fc531ff395b47b5325b1c0e8fcdd1c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/simple-grey/js/navigation.js?ver=1.6.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1826133
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4R0sYU4ROtlFVEyxNOWG7dMSk%2BraJQtPKdGwVSUZXe3R7OcCQXN611aMXRV1AwjV3RP2jQo82v8zK9XXl15e9T7%2BoXdZPMZewk4yExdLz7NpTFzLuce5XbVUpNuDond1vdzgUBW2HQCgHw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d76850c-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c4bc63744-MXP
expires: Wed, 20 Oct 2021 07:35:11 GMT

GET
H2 200 skip-link-focus-fix.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 650 B
676 B 23ms
23ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/skip-link-focus-fix.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3ea538dfe3f28e017d4e9a739ef1923f0e42a37d17743050b1b4066d28746357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/simple-grey/js/skip-link-focus-fix.js?ver=1.6.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2049501
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2N40K1amnM8RnXE8nMZyFnxTV9g%2FhQczWoyH%2Fg7yYUOQi6KXRSCXa6K6JMMBtVW8mvtmucya0reHlNVzpuZGI%2FnIg5goWK3Z7fvwad8ZBP8JzJqK%2B37rAwXFviKNFd3qsLGDTpbzDyqZi8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d76850c-28a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c4bca3744-MXP
expires: Sun, 17 Oct 2021 17:32:23 GMT

GET
H2 200 oembed-adjust.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 455 B
589 B 31ms
28ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/oembed-adjust.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

ad02f9169900cc21e3bc4e60af9849acae78d7d38f0f89d96a9d13059fe9ea42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/simple-grey/js/oembed-adjust.js?ver=1.6.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2043837
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1mKx3Ac2UwFQezlZVcrbV7%2BkkNvil5WiN3s1GDPOe%2BeWmzywCGPMv6Ykq9TndU7aEQzcpevG%2FsaQfjjhAaZ%2BpiNz%2FqCRM4MmvIlcofR5S5nVia3cBqRJh5zdHGmmXTJps4ofVQ1eZPo3rA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d76850c-1c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c6bfb3744-MXP
expires: Sun, 17 Oct 2021 19:06:47 GMT

GET
H2 200 accessibility.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 569 B
989 B 40ms
37ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/accessibility.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

6a9d9a7b9afb473ed83c8b3fd98587aa89c7c6e639d27d41877296cb0d919b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/simple-grey/js/accessibility.js?ver=1.6.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1826133
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bl0X12r6f8wKxxb60JitmEHIJEZhVJEb1aVWziamghbYqSSkncdxx3LNywRwydb6UOKH1ajUawr2ht9FtwgRi1r%2Fh3m5ELxSUW8ccQRD3Xyzi8JXxc2V06CDZHHCoiavGHschQBAXo72Rsk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d76850c-239"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c6c033744-MXP
expires: Wed, 20 Oct 2021 07:35:11 GMT

GET
H2 200 wp-embed.min.js Show response
19216801.one/wp-includes/js/ 1 KB
1 KB 35ms
32ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/wp-embed.min.js?ver=5.3.9

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.3.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29098
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsEqJiUmhnE9XkU67IcLj3aFEv3UIdtRDxH0wwgk794%2F1ac5c0%2B0ex2GoaNJ5xNgJGzzwtAo3GqHq5qNl%2FTljY2ab0pEHjPBU%2BTu%2FjK%2B%2FdqZQy6q0TDxWyd7MWU%2F8Ftc0VQ85R%2BklfaOvEM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 19:24:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"607892e3-56f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c6c053744-MXP
expires: Wed, 10 Nov 2021 02:45:46 GMT

GET
H2 200 frontend-modules.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/js/ 46 KB
14 KB 32ms
30ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

6f766d4c399198c06d3bf1096a9731c1b4018d926ec83aaa16a7192f0f7a2e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.7.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1826038
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieu1ynqfCXtclyf0YbHoc6eFuysrRoatigj%2FD7hk0Wh2g52wTYZvTqyZJbJsSdlHq%2B5LV%2BDh4zbgifuXjwdTG8Q4Mm0F7%2BA34OY9HArV78%2BZ8LsPkWk972UsTYs5BXMf06ZNjflOA3BFaOA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbd-b82f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c6c063744-MXP
expires: Wed, 20 Oct 2021 07:36:46 GMT

GET
H2 200 position.min.js Show response
19216801.one/wp-includes/js/jquery/ui/ 6 KB
3 KB 31ms
29ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2040793
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUhNRHbzRWOm5Y41kwrmC1b1FJKK%2F5UJ898M2ursA61HDj9inOuLfKOIX7RJPQl%2Fffe%2BoETnQL1B1jU0ASVHuk7L7j2Fs%2Fw50D3hZV2b3QBxtfVYLjvtip%2BUu8qI8vmAY4WSzqEy8JucWmM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 19:24:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"607892e3-1926"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c6c073744-MXP
expires: Sun, 17 Oct 2021 19:57:31 GMT

GET
H2 200 dialog.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 29ms
27ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.3

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1826038
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bu2QFDGWHyszvru2NIydGNSJgmySV6sdk9FIff5cBT%2FzDVz5y%2FIrx4EsyaIFg3n2U92l3yNpAo8Ir2R3G6gEQSRuXxUDuU5aoCTYON1UnJI3AP9Yb8kMimW1%2FOZSTjbB8ryGs7J4TALDyhE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbd-29b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c6c083744-MXP
expires: Wed, 20 Oct 2021 07:36:46 GMT

GET
H2 200 waypoints.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 31ms
29ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1826038
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WU4YA%2BHG3SjMHtk4FoNhp4srPm4zYfPnw9kUA1q%2FUpERujIjxWc2Iy6Phc8UNMgM%2B6mE3yrSZBLgPRxALlUGFBTeYWEShQu4InPYMJgDGkHh1qF30rt%2BPOBQ4r%2BkKeyNNdKPzbUhMu3YMR8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbc-2fa6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c6c093744-MXP
expires: Wed, 20 Oct 2021 07:36:46 GMT

GET
H2 200 swiper.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/lib/swiper/ 123 KB
33 KB 36ms
34ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1826038
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dd6efDQbl3MxTsM770NncU1T6dnBRJx1bEB7ru%2FjHysUYBvLkGOq7bAoWRZUDt132yOuf8FkxaUjaVOZaZPuOxmYjcytUO%2F94kz8NzMglwh0AwWEeJOEa17IjthVdb5PfL6pMWE0Pq%2BoF3k%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbd-1ea8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c6c0a3744-MXP
expires: Wed, 20 Oct 2021 07:36:46 GMT

GET
H2 200 frontend.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/js/ 92 KB
25 KB 41ms
38ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3204d77f977e684b7d4f767c9ca8324c7db419b261b98dfb93d22edc82d62677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.7.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1826038
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkRScYkHn3eIIj0f8Sdxt9v%2FIswq01c0o5O7O6n7mOUblhnx2i2p5bpmWHn9rHEmwaRIdaXm62qot4NsDMMpEU5COeGYcFYiu4joIEt3Q%2BamL95u8tzg%2FLuSW8TUxuUpN1Yb5Av4CD3CeiM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dc6efbd-16f43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c6c0b3744-MXP
expires: Wed, 20 Oct 2021 07:36:46 GMT

GET
H2 200 wp-emoji-release.min.js Show response
19216801.one/wp-includes/js/ 14 KB
5 KB 39ms
38ms Script
application/javascript 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/wp-emoji-release.min.js?ver=5.3.9

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.3.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29098
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4xfum6JMFM0yU3dQRN%2BijQINi35BX3N2OzSxG52%2FKWXOB5%2FNesortaGlPZGXFAlXBZnxTdis6rVBXpzHgNvnnJqZIFAf3hdY3TP6%2Feh5wwbvP1FvrhoJGhPsBoz1TyTI6u6LK6xjONs2%2B4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 19:24:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"607892e3-3619"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c6c133744-MXP
expires: Wed, 10 Nov 2021 02:45:46 GMT

GET
H2 200 style.css
19216801.one/wp-content/themes/simple-grey/ 661 B
1 KB 34ms
33ms Stylesheet
text/css 2606:4700:3032::6815:1693
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/style.css?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1693 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3d2cf36f9efab785d612ef41372c00e7805b982761d1084b46842af3925dd851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/simple-grey/style.css?ver=1.6.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 19216801.one
referer: https://19216801.one/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1845137
x-powered-by: WordOps
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZRKypoYxX6QJn703SBf4W%2Fjx0AuMgM8TUGK7flBSdPhF6ScIvGkFN9nD1ZU1w190qbU7hvK%2B3pqNEori7kKYLYxGiLm0iSlu41RC1Vf50tCD%2FQ1vR0rCijxIPgOfOoQ8hpAj89DNIGonO0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d76850c-295"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 69c7877c6c153744-MXP
expires: Wed, 20 Oct 2021 02:18:27 GMT

GET
H2 200 T0pRdUc0aCICGDo4PVd9bSIlATc8cH5adnZ4YEN%2Ff3t%2FGikqZSICankuMEciYSAiV2ttOTwTZXV7fVczLi0OHCNtcHNNdX15YEBlY2giACUQIzVHZXVoZEN1eylnRyNicmlAcWJ%2BYkcmYitpFiJieGNEdHx%2BYhQmfHIyVzo Show response
aphycolourses.info/ 56 KB
21 KB 328ms
105ms Script
application/javascript 44.195.137.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aphycolourses.info/T0pRdUc0aCICGDo4PVd9bSIlATc8cH5adnZ4YEN%2Ff3t%2FGikqZSICankuMEciYSAiV2ttOTwTZXV7fVczLi0OHCNtcHNNdX15YEBlY2giACUQIzVHZXVoZEN1eylnRyNicmlAcWJ%2BYkcmYitpFiJieGNEdHx%2BYhQmfHIyVzo
Requested by: Host: 19216801.one
URL: https://19216801.one/sw-6da2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-137-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: 58f5ba20dc6f553e8fdb68bd140487c8c42ec16071c310acbe52e13d6807dabc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"df76-AvRIy0bE6716kqLdnoMBVK4gYbA"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 44ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://19216801.one
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 323173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 07 Oct 2022 17:04:31 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ 47 KB
47 KB 53ms
17ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://19216801.one
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:32:05 GMT
x-content-type-options: nosniff
age: 397119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47804
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:51:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 20:32:05 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 191 KB
65 KB 216ms
93ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: br
last-modified: Fri, 08 Oct 2021 08:33:42 GMT
etag: "615fd836-1031a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 66330
expires: Mon, 11 Oct 2021 11:50:44 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/ 257 KB
95 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4812870882449745&plah=19216801.one

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2f3c118bd591281d5d16ba63d77ab8c6ab5fb10cf4d24a8f8f6522df6174318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97116
x-xss-protection: 0
server: cafe
etag: 5245556918410880553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 10:50:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211006/r20190131/ Frame B922 10 KB
5 KB 71ms
14ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211006/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211006/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 10 Oct 2021 17:14:18 GMT
expires: Sun, 24 Oct 2021 17:14:18 GMT
content-type: text/html; charset=UTF-8
etag: 10398570473303663775
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4601
x-xss-protection: 0
age: 63386
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
656 B 39ms
16ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=19216801.one&callback=_gfp_s_&client=ca-pub-4812870882449745

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4812870882449745&plah=19216801.one

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7123a5e0a51919df0153fff22a116d79c0be26cf84e6adc292784b1bfec9a16d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 40ms
18ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=19216801.one

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 67ms
30ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=19216801.one

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 10:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FEC9 0
188 B 67ms
67ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1633949444&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444658&bpp=2&bdt=233&idt=73&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4540328693991&frm=20&pv=2&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=2&pvsid=2657572123641449&pem=178&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=89

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1633949444&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444658&bpp=2&bdt=233&idt=73&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4540328693991&frm=20&pv=2&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=2&pvsid=2657572123641449&pem=178&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 10:50:44 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 11-Oct-2021 11:05:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 10:50:44 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F71 86 KB
29 KB 737ms
737ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1633949444&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444660&bpp=2&bdt=236&idt=103&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oT1hJg2RrN&p=https%3A//19216801.one&dtd=110

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a3e94f73377432c94e57a168e9920dff0c278c7ad4fde6196c0b4e501be892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1633949444&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444660&bpp=2&bdt=236&idt=103&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oT1hJg2RrN&p=https%3A//19216801.one&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 10:50:45 GMT
server: cafe
content-length: 29077
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 11-Oct-2021 11:05:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 10:50:45 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 2024ms
1972ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c18552b95b71e872a75b7ff7db3b56912d6e976379cb98578d37222c81f70748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27537
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633547232125660"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Oct 2021 10:50:46 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=tagging_dupdiv&b=1&dp=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 10:50:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2059 85 KB
28 KB 608ms
608ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444662&bpp=1&bdt=237&idt=111&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1xbzG4FKXT&p=https%3A//19216801.one&dtd=114

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02b495af3c0e04d03b5736f07a8c4a64f3cb2657ed7094db04970b7b55b8b1e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444662&bpp=1&bdt=237&idt=111&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1xbzG4FKXT&p=https%3A//19216801.one&dtd=114
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 10:50:45 GMT
server: cafe
content-length: 28898
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 11-Oct-2021 11:05:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 10:50:45 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BE6 67 KB
25 KB 535ms
535ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444663&bpp=1&bdt=238&idt=115&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HVbra2Z1Bi&p=https%3A//19216801.one&dtd=117

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

514bc637b1224c2308266cae29b22f57e8e2fff043c3fee5aa8c2b7647648d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444663&bpp=1&bdt=238&idt=115&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HVbra2Z1Bi&p=https%3A//19216801.one&dtd=117
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 10:50:45 GMT
server: cafe
content-length: 25781
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 11-Oct-2021 11:05:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 10:50:45 GMT
cache-control: private

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9423.C16yYUr-1KF5W8eJ8lmDPBV6-IJPn2rD92uYdofaOT-0GVGRtMKJtjqwfjK68XwH.FWpHzCOTJLoCdCUw4im1qRyqGBU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9423.iacuKnliMmjKqfcWy9p4QydxdxX70Wax36IL3jknYbtTBbW1963EmQEbgLx4iVVnm3nkfnDX1obskuGVbZiAAA%2C%2C.TIp4mLC2XDiWBRh68oOmAZExhpM%2C

75 B
75 B

49ms
49ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9423.iacuKnliMmjKqfcWy9p4QydxdxX70Wax36IL3jknYbtTBbW1963EmQEbgLx4iVVnm3nkfnDX1obskuGVbZiAAA%2C%2C.TIp4mLC2XDiWBRh68oOmAZExhpM%2C

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9423.iacuKnliMmjKqfcWy9p4QydxdxX70Wax36IL3jknYbtTBbW1963EmQEbgLx4iVVnm3nkfnDX1obskuGVbZiAAA%2C%2C.TIp4mLC2XDiWBRh68oOmAZExhpM%2C
date: Mon, 11 Oct 2021 10:50:44 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 49ms
49ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:44 GMT
last-modified: Fri, 08 Oct 2021 08:33:42 GMT
etag: "615fd836-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 11 Oct 2021 11:50:44 GMT

GET
H2 204 utx Show response
chauffers.xyz/ 0
412 B 158ms
98ms XHR
text/plain 13.225.87.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chauffers.xyz/utx?tid=822315&top=19216801.one&cb=XhfJ0kjK8Z1G
Requested by: Host: aphycolourses.info
URL: https://aphycolourses.info/T0pRdUc0aCICGDo4PVd9bSIlATc8cH5adnZ4YEN%2Ff3t%2FGikqZSICankuMEciYSAiV2ttOTwTZXV7fVczLi0OHCNtcHNNdX15YEBlY2giACUQIzVHZXVoZEN1eylnRyNicmlAcWJ%2BYkcmYitpFiJieGNEdHx%2BYhQmfHIyVzo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-52.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 10:50:45 GMT
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://19216801.one
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: uMq99NBsH1dPgVTYFIE5LdPoEV8Mn2yeUnbIjP8IJ7VqMB9FmreVnQ==

GET
H2

200

1 Show response
mc.yandex.com/watch/55749736/
Redirect Chain

https://mc.yandex.com/watch/55749736?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.com/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A530%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

350 B
432 B

50ms
50ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A398106397926%3Ahid%3A99831657%3Az%3A0%3Ai%3A2021010110105044%3Aet%3A1633949445%3Ac%3A1%3Arn%3A932648572%3Arqn%3A1%3Au%3A1633949445809017988%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633949444025%3Ads%3A0%2C42%2C141%2C4%2C214%2C0%2C%2C165%2C15%2C%2C%2C%2C565%3Adsn%3A0%2C42%2C141%2C4%2C214%2C0%2C%2C165%2C14%2C%2C%2C%2C566%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633949445%3At%3A192.168.0.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

fedfae42879de0b817d53fb3138dfe2465cafafb4b3f7f039fe0b54b4a36e8ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 10:50:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 11-Oct-2021 10:50:45 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://19216801.one
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Mon, 11-Oct-2021 10:50:45 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Oct 2021 10:50:45 GMT
last-modified: Mon, 11-Oct-2021 10:50:45 GMT
location: /watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A398106397926%3Ahid%3A99831657%3Az%3A0%3Ai%3A2021010110105044%3Aet%3A1633949445%3Ac%3A1%3Arn%3A932648572%3Arqn%3A1%3Au%3A1633949445809017988%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633949444025%3Ads%3A0%2C42%2C141%2C4%2C214%2C0%2C%2C165%2C15%2C%2C%2C%2C565%3Adsn%3A0%2C42%2C141%2C4%2C214%2C0%2C%2C165%2C14%2C%2C%2C%2C566%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633949445%3At%3A192.168.0.1
strict-transport-security: max-age=31536000
access-control-allow-origin: https://19216801.one
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 11-Oct-2021 10:50:45 GMT

POST
H2 200 / Show response
hereabithec.xyz/ 0
37 B 368ms
106ms XHR
text/plain 44.198.9.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hereabithec.xyz/
Requested by: Host: aphycolourses.info
URL: https://aphycolourses.info/T0pRdUc0aCICGDo4PVd9bSIlATc8cH5adnZ4YEN%2Ff3t%2FGikqZSICankuMEciYSAiV2ttOTwTZXV7fVczLi0OHCNtcHNNdX15YEBlY2giACUQIzVHZXVoZEN1eylnRyNicmlAcWJ%2BYkcmYitpFiJieGNEdHx%2BYhQmfHIyVzo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.198.9.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-198-9-0.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://19216801.one/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
content-length: 0

GET
H2 200 8691886205056368080
tpc.googlesyndication.com/simgad/ Frame 6BE6 37 KB
37 KB 38ms
15ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8691886205056368080?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmcyAsjgZIqeAwL9_xHCicty4z-RA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444663&bpp=1&bdt=238&idt=115&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HVbra2Z1Bi&p=https%3A//19216801.one&dtd=117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5284347f74e083ea66734e8760bc7c81b62732fcd4e35572fbec199c848cb5e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 11:08:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Sep 2021 16:38:32 GMT
server: sffe
age: 258151
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37406
x-xss-protection: 0
expires: Sat, 08 Oct 2022 11:08:14 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/ Frame 6BE6 18 KB
8 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 10:49:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 6BE6 3 KB
1 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 10:46:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BE6 123 KB
38 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633547226118934"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Oct 2021 10:50:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 6BE6 14 KB
6 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6219
x-xss-protection: 0
server: cafe
etag: 4041254270185007295
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 10:49:21 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 6BE6 27 KB
11 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac244053a1b6574a990d3bfa0536eb9c64e1c9736fb7384b4c367de64891d43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11129
x-xss-protection: 0
server: cafe
etag: 7413922213441039714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 10:07:12 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6BE6 0
0 57ms
57ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0flWBBdkYayPMeTF7_UP16CDgA_zm8jDZbvM6oisDvvn6fH7HhABIKKR601gleKQgqAHoAGSmav8AsgBAqgDAcgDyQSqBN8BT9BE8oKsESBAH08Dfie1EPmf8UunmZ0q17G298MQIMHlu2nOevepExL1c6rbPXNh9KgYVS6SA-PDuGMS_RyJBgXnWokf9nVyIUMCdQGCaOpYxArS6E3TM_C5cOIGB3S_QY0GBjEc5Fj8dW_bx4cBm2W-OtMUarwt1i-VLKD1MUwXJA-OVBmIT-C3P7jZ8Q3Ff7kcDjDitp3YCVJlRTuLaUCrdOALlkRjfSWUQnTRlWYQXeHjBJFM2mGmV740mCfMYb5F3G9f4RGjgxfG41U-uidMqhYP4u9vDYP001g9ucAE5oW38LEDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB9bm1IMBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBCevwXSCAkIgOGAEBABGF-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDgxMjg3MDg4MjQ0OTc0NRgA&sigh=V4wMifHXAw0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444663&bpp=1&bdt=238&idt=115&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HVbra2Z1Bi&p=https%3A//19216801.one&dtd=117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 11 Oct 2021 10:50:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Oct 2021 10:50:45 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 58E9 143 B
226 B 13ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444663&bpp=1&bdt=238&idt=115&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HVbra2Z1Bi&p=https%3A//19216801.one&dtd=117
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkJAilyf0SVbYc4tyEjfeWMinFcj2etQe9U-HaLSCh04enCjcN6FDTEFROYdOQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444663&bpp=1&bdt=238&idt=115&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HVbra2Z1Bi&p=https%3A//19216801.one&dtd=117

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 11 Oct 2021 10:35:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6BE6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8edc3ff6c488e38c65ae8917deb57ea157cac33592cb5b81c8690eac61d82ff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 f14dc7a62bcf992c762f7db4d8023af3.js Show response
www.gstatic.com/mysidia/ Frame 2059 7 KB
4 KB 53ms
13ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f14dc7a62bcf992c762f7db4d8023af3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444662&bpp=1&bdt=237&idt=111&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1xbzG4FKXT&p=https%3A//19216801.one&dtd=114

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 07:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3144
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 18:12:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 08 Jan 2022 07:19:45 GMT

GET
H2 200 51960db45470192acc393a412d64dac5.js Show response
www.gstatic.com/mysidia/ Frame 2059 8 KB
3 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/51960db45470192acc393a412d64dac5.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab79f20c51a2afc5bfd43cc8f688ac4708fa6a4495c30405e75b11e8246f6aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3401
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 18:12:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Tue, 04 Jan 2022 09:28:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2059 3 KB
676 B 26ms
26ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 10:17:08 GMT
server: ESF
date: Mon, 11 Oct 2021 10:50:45 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 10:50:45 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 2059 1 KB
944 B 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 837
x-xss-protection: 0
server: cafe
etag: 7640065535275194769
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 10:45:56 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/ Frame 2059 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 10:49:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 2059 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 10:46:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2059 123 KB
37 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633547226118934"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Oct 2021 10:50:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 2059 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6219
x-xss-protection: 0
server: cafe
etag: 4041254270185007295
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 10:49:21 GMT

GET
H2 200 8400539943eb1c96fa551c508d61e34e.js Show response
www.gstatic.com/mysidia/ Frame 2059 26 KB
11 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 07:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11136
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 18:12:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 08 Jan 2022 07:19:45 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 58E9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
144 B

47ms
46ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkJAilyf0SVbYc4tyEjfeWMinFcj2etQe9U-HaLSCh04enCjcN6FDTEFROYdOQ; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 10:50:45 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 11-Oct-2021 11:50:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 10:50:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 10:50:45 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame B25C 35 KB
13 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 09:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 11 Oct 2022 09:08:57 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2059 0
0 72ms
72ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COZG4BBdkYZDvMPqf7_UPiI2N2Ae-9uPzZO3m4fCcDsCNtwEQASCiketNYJXikIKgB6AB9dKe-QLIAQGpArU1OUF7brM-qAMByAPDBKoE5QFP0KhyLfTK3Cei1KhNcm1EzSU5uuhHTpdsTqrrwQADX8fIbD1fqC4zDOiXAlZR7pTHsRThvJ7kEOQCBZ1TgRmELTDxxKpvnOtEN4pTUHFcdC51m3n0KPCPQ_ZPILzEQJdIPli-Nah9wFhBHEbuAVQuF_ZwCm9t2WUcgOAlKcsy8Eyi1KtxFSglb5xVKQR4GeW58GllUeje0nK3-A0aVWX55XkYETK5k_2NxOTT5cnm_xFP9QER2wBeebMYEE6lN7u2DKzLWrpF7HGidCxC8miiocST35MrREqaAKdX6ZimlSSDULd2wATz9Zvu7AOSBQQIBBgBkgUECAUYBKAGZoAH86zhhgGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEJeJCdIICQiA4YAQEAEYX4AKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi00ODEyODcwODgyNDQ5NzQ1GAA&sigh=haJoorZ4Y1o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444662&bpp=1&bdt=237&idt=111&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1xbzG4FKXT&p=https%3A//19216801.one&dtd=114
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 11 Oct 2021 10:50:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 f14dc7a62bcf992c762f7db4d8023af3.js Show response
www.gstatic.com/mysidia/ Frame 9F71 7 KB
3 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f14dc7a62bcf992c762f7db4d8023af3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1633949444&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444660&bpp=2&bdt=236&idt=103&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oT1hJg2RrN&p=https%3A//19216801.one&dtd=110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 07:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3144
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 18:12:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 08 Jan 2022 07:19:45 GMT

GET
H2 200 51960db45470192acc393a412d64dac5.js Show response
www.gstatic.com/mysidia/ Frame 9F71 8 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/51960db45470192acc393a412d64dac5.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab79f20c51a2afc5bfd43cc8f688ac4708fa6a4495c30405e75b11e8246f6aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3401
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 18:12:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Tue, 04 Jan 2022 09:28:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9F71 3 KB
653 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 10:18:12 GMT
server: ESF
date: Mon, 11 Oct 2021 10:50:45 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 10:50:45 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2432 143 B
198 B 14ms
14ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444662&bpp=1&bdt=237&idt=111&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1xbzG4FKXT&p=https%3A//19216801.one&dtd=114
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkJAilyf0SVbYc4tyEjfeWMinFcj2etQe9U-HaLSCh04enCjcN6FDTEFROYdOQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1633949444&psa=0&format=300x250&url=https%3A%2F%2F19216801.one%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444662&bpp=1&bdt=237&idt=111&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1xbzG4FKXT&p=https%3A//19216801.one&dtd=114

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 11 Oct 2021 10:35:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2059 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e68ce7635abe232c8f07fcf3751d9bc4158e8e1a81a3364068586e6f4502ff6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 9F71 1 KB
898 B 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 837
x-xss-protection: 0
server: cafe
etag: 7640065535275194769
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 10:45:56 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/ Frame 9F71 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 10:49:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 9F71 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 10:46:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F71 123 KB
37 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633547226118934"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Oct 2021 10:50:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 9F71 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6219
x-xss-protection: 0
server: cafe
etag: 4041254270185007295
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 10:49:21 GMT

GET
H2 200 8400539943eb1c96fa551c508d61e34e.js Show response
www.gstatic.com/mysidia/ Frame 9F71 26 KB
11 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 07:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11136
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 18:12:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 08 Jan 2022 07:19:45 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 2059 21 KB
21 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:44:05 GMT
x-content-type-options: nosniff
age: 526000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 08:44:05 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 2059 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 04:08:17 GMT
x-content-type-options: nosniff
age: 542548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 04:08:17 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9F71 0
0 62ms
62ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL3yJBBdkYbW7MN_H7_UP3KSrwAXfgO-ZYP6Mw8GmB6qWg7HoDhABIKKR601gleKQgqAHoAG4hc2dA8gBAakCDf09FULUhD6oAwHIA8MEqgTfAU_Q8XU5cCZBjrAknOIBZWtIPD1M8qgMJqsL_PMS7y_eGygXQpYpa7u-QpoGloW38h0a4pIB4IeEqqFYm7LejU-WL6r_JV9K2TpvhxMB6-yxmBkCNJCOP39ZhBffmMxH3SU-fVQn9cgjLYrxI4R6igyVdG__V7UFdwkPKOtSWfpAc_-dXNM1YIkPXoi66-uPNQHxRN61PH5F-Jy9BhsbW_V8NFKwN1Wh8322fj-bCzRhZ9tl2C7oNSKYZ1opUL1SCFY52KhPNSbQ4mwz1AMSW3eodld7W8bKdQZ9leOtdSnABLSMjPWoAZIFBAgEGAGSBQQIBRgEoAZRgAew-rJiqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBRDvzYkC0ggJCIDhgBAQARhfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTQ4MTI4NzA4ODI0NDk3NDUYAA&sigh=AR4Pmgyyz1o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1633949444&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444660&bpp=2&bdt=236&idt=103&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oT1hJg2RrN&p=https%3A//19216801.one&dtd=110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 11 Oct 2021 10:50:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3EE1 143 B
198 B 36ms
35ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1633949444&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444660&bpp=2&bdt=236&idt=103&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oT1hJg2RrN&p=https%3A//19216801.one&dtd=110
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkJAilyf0SVbYc4tyEjfeWMinFcj2etQe9U-HaLSCh04enCjcN6FDTEFROYdOQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1633949444&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2F19216801.one%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633949444660&bpp=2&bdt=236&idt=103&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4540328693991&frm=20&pv=1&ga_vid=652756272.1633949445&ga_sid=1633949445&ga_hid=202003392&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062931%2C31062949&oid=3&pvsid=2657572123641449&pem=178&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oT1hJg2RrN&p=https%3A//19216801.one&dtd=110

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 11 Oct 2021 10:35:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2432
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

46ms
46ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkJAilyf0SVbYc4tyEjfeWMinFcj2etQe9U-HaLSCh04enCjcN6FDTEFROYdOQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 10:50:45 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 11-Oct-2021 11:50:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 10:50:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 10:50:45 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9F71 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dacd55dea78dc2c755d55cd54f16abe9fc2c8734a3ac86695b380e76e74e6ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 9F71 21 KB
21 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:44:05 GMT
x-content-type-options: nosniff
age: 526000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 08:44:05 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 9F71 21 KB
21 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 04:08:17 GMT
x-content-type-options: nosniff
age: 542548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 04:08:17 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3EE1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

51ms
51ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkJAilyf0SVbYc4tyEjfeWMinFcj2etQe9U-HaLSCh04enCjcN6FDTEFROYdOQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 10:50:45 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 11-Oct-2021 11:50:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 10:50:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 10:50:45 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FB7 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 09:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 11 Oct 2022 09:08:57 GMT

GET
H2 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame D28C 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 09:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 11 Oct 2022 09:08:57 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 48ms
23ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211006&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ab336489f2945544572d1ac0a282d6ae3a54ad7adaa5c7a7f0560b206791211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 10:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8490
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9F71 42 B
174 B 54ms
30ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNis7b4r-9jIWFOofRZHpW8gYiDezUp9GsmfSw0dx2ghYUA2KdVgqVSq4v8etcm_2Gq-ZWibouQyOlwl9tgDcXnPDVDnyXzcoC0smFOzwZZQqUz2i8Fg&sai=AMfl-YRarVRVA5a6DTGavvD8tBDVrGuvC6WaH9Gl-qox3YIWmNCpJywTi15gAYn2VjPSd3kZDpY1c8KF3DeU&sig=Cg0ArKJSzOBqkMlN9xLcEAE&id=lidar2&mcvt=1006&p=0,0,280,1200&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20211006&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3451990369&rs=2&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633949444770&rpt=1055&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 10:50:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 11 Oct 2021 10:50:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5536 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 11 Oct 2021 08:23:31 GMT
expires: Tue, 11 Oct 2022 08:23:31 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5FA7 783 B
1 KB 23ms
23ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7bacd60b489fdb5c581fb838a770e1051a949f218a9a8810cd490fcfe294f27c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/hp/pU2/VcLv+G5dEI8bBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://19216801.one/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 11 Oct 2021 10:50:46 GMT
date: Mon, 11 Oct 2021 10:50:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-/hp/pU2/VcLv+G5dEI8bBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5536 35 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 09:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 11 Oct 2022 09:08:57 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5FA7 0
0 72ms
71ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211006&jk=2657572123641449&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 50ms
49ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211006&jk=2657572123641449&bg=!8vGl8bXNAAbGFvHlxhY7ACkAdvg8Wh99OPPn3OhW_OgJ_5bDBeUJm5yWVpWkCVGz8H8eLEEi9hAUfQIAAABfUgAAAAtoAQeZAr1a-hAWJ-dVTqmU31NqCJX1XBWgTT5w4CLJYDa2kKl8LsPn-rGe2CBhmuJWqE7I99UckDFrPYIaOJM-4FCBP-w1KfEJ5jJBxHhNoAYqD7e4UDCX1cr4yLLSn6xzd2x7E90BxEj3F2Up6fbNFxGROTdQSW7Jl1WNIbU9omf6_QCX11u_-t8DSRp8glf9oqoMUS-7VZ4nQeS5hCjaOVey3-_XS1fNJAAIJD9hfNNyRyz8f8rFKrdAmw4tWetL2q6DVgXpQmgbBZ8Es-JfWzM1ATZJlRvGOJ4-iLZMGBT46Cct2Nb-nzk8NpOjcWK1l5jUUeQd7QG226yRIyvWgwKS5iwS7ifdKy_hD-Rqpc9ILPvEp5-qUqgrcm9t954FuMq6hCgqpHMa_uJSxCxR7mrguvgKKLjpwVrOgE7ANQ255Ejzl25wGpxn6RHoQiVJsFy_xdY5jIPmcHtB030TkpyHgoie5Ix-xxW3q73naLZZBj3lH-0EZyxZfQoImhmuGF0xYPo1YQBMtB6m7AUwLnHOqu4Bq2A0dCus4A2VwCVKUAE2TU1WgH6tcJnWBc64AqrX8jJNNJWpqkEqKKwDM9-L_IndU3sMcg7PAUwsnkfPeaaIHvQgP-uPkessHizKqY0O-Vxm9h20vaiRyQBC6VWbGQhgmTG8-sHsGChOBQvTsJBrR-WOkfLd-Y8bemYEdCMdGhPDMQYyf44yio8cvVOEF6MM0t_gkLuF-x0ErcsQWWsVjJHjzO252GavWam7WCD9TKG0uGKvJkTX_zhBBLAFxU2J7OG_zsPZyjI_nVGHlEJylWqWGtPDRH69iLUHwiiv07WwofSX6cARQE0w3eeEJJwU1W6wYw4gFYh34BFFSdTilNdTZwu9sTywAAc9mWeQIdm3O747iNPphm7y8zdzl8ZBFg41PnRU6DRYPjKbFQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 10:50:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.19216801.one/	1970-01-20 07:14:05	Name: __gads Value: ID=2e84d42085195760-22c8df71ecca003c:T=1633949444:RT=1633949444:S=ALNI_MaKtwTSHDcuE-T1N8o44nj-eFba8Q
.19216801.one/	1970-01-20 06:38:05	Name: _ym_uid Value: 1633949445809017988
.19216801.one/	1970-01-20 06:38:05	Name: _ym_d Value: 1633949445
.mc.yandex.com/	1970-01-19 21:52:30	Name: sync_cookie_csrf Value: 3978865115fake
.19216801.one/	1970-01-19 21:53:41	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-19 21:52:30	Name: sync_cookie_csrf Value: 2218751744fake
.yandex.com/	1970-01-20 06:38:05	Name: yandexuid Value: 6869135611633949445
.yandex.com/	1970-01-20 06:38:05	Name: yuidss Value: 6869135611633949445
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 458721101633949445
.yandex.com/	1970-01-23 13:28:29	Name: i Value: R38ZuAp8crxn+L7o/KU1PCO2ukIb3MQS4SUQ1/VTbLEP7KJUtaubvWbateSAhWXjzKbx3xd4Av/9mSh1E9TbdY+tiDc=
.yandex.com/	1970-01-20 06:38:05	Name: ymex Value: 1665485445.yrts.1633949445#1665485445.yrtsi.1633949445
.doubleclick.net/	1970-01-20 07:14:05	Name: IDE Value: AHWqTUkJAilyf0SVbYc4tyEjfeWMinFcj2etQe9U-HaLSCh04enCjcN6FDTEFROYdOQ
.doubleclick.net/	1970-01-19 21:52:30	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 21:52:33	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9423.iacuKnliMmjKqfcWy9p4QydxdxX70Wax36IL3jknYbtTBbW1963EmQEbgLx4iVVnm3nkfnDX1obskuGVbZiAAA%2C%2C.TIp4mLC2XDiWBRh68oOmAZExhpM%2C Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19216801.one
adservice.google.com
adservice.google.de
aphycolourses.info
chauffers.xyz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hereabithec.xyz
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
13.225.87.52
142.250.181.226
2606:4700:3032::6815:1693
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200a
2a02:6b8::1:119
44.195.137.121
44.198.9.0
02b495af3c0e04d03b5736f07a8c4a64f3cb2657ed7094db04970b7b55b8b1e3
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
17ccc4693d5b9ad1667e418b00bc4150db6745557a2b2b06e2c83c14cae858fd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
23870ae663b1bf7dfc718dedca013ef2ce8ac1ac491dbef772d45c8978a9c63a
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
3204d77f977e684b7d4f767c9ca8324c7db419b261b98dfb93d22edc82d62677
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3c3b68062c0f9168b9b29ccd09ccf69ba7c4a4161ac8a9906075027984d90923
3d2cf36f9efab785d612ef41372c00e7805b982761d1084b46842af3925dd851
3ea538dfe3f28e017d4e9a739ef1923f0e42a37d17743050b1b4066d28746357
40219331bb08dcb46fb5f18befd12f51f9096303c25fce9665ddaba207bcb84b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ab336489f2945544572d1ac0a282d6ae3a54ad7adaa5c7a7f0560b206791211
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
514bc637b1224c2308266cae29b22f57e8e2fff043c3fee5aa8c2b7647648d9f
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
5284347f74e083ea66734e8760bc7c81b62732fcd4e35572fbec199c848cb5e4
52f77ae7a70445cc5e60fbf18243a87c5625eb420dea545d656b8c4ca6518d22
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a3e94f73377432c94e57a168e9920dff0c278c7ad4fde6196c0b4e501be892
58f5ba20dc6f553e8fdb68bd140487c8c42ec16071c310acbe52e13d6807dabc
5dacd55dea78dc2c755d55cd54f16abe9fc2c8734a3ac86695b380e76e74e6ff
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
698951af561933328a292befb875ae8297e520f091c4cc0531e84ce4f5272241
6a9d9a7b9afb473ed83c8b3fd98587aa89c7c6e639d27d41877296cb0d919b3e
6f766d4c399198c06d3bf1096a9731c1b4018d926ec83aaa16a7192f0f7a2e61
7123a5e0a51919df0153fff22a116d79c0be26cf84e6adc292784b1bfec9a16d
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
7689b18598c9d487fd7029183dc13e5088586203061722fed9edafa8f8100d43
77f6c0a776001eccfbfc55c058b8978ea04c3d87c3e56930f6f6d51a7004fb20
7bacd60b489fdb5c581fb838a770e1051a949f218a9a8810cd490fcfe294f27c
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
8edc3ff6c488e38c65ae8917deb57ea157cac33592cb5b81c8690eac61d82ff1
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0
9bf980bac2c9589913da19ec43dd255548771e2ff6599b9f0a5df8d56b85f2e7
a2f3c118bd591281d5d16ba63d77ab8c6ab5fb10cf4d24a8f8f6522df6174318
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab79f20c51a2afc5bfd43cc8f688ac4708fa6a4495c30405e75b11e8246f6aba
ac244053a1b6574a990d3bfa0536eb9c64e1c9736fb7384b4c367de64891d43b
ad02f9169900cc21e3bc4e60af9849acae78d7d38f0f89d96a9d13059fe9ea42
b93a77da724d73e1a165e40b240287637402d304f962331e19a83c10e7f06d57
bd523cd14a60804c7ba09eba659a9ca26e900417b0576da36521bdb318390b3f
becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70
c14b6ecea28d110fbf307fa31e248c1eca0e7b6e5895b462ba1782906ea54307
c18552b95b71e872a75b7ff7db3b56912d6e976379cb98578d37222c81f70748
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab
d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb
d69d0949085a5cfef9753f76f070df7000ba63c93b8a85d9877f666a4634ac75
d7ed2bdd9648088ab5250da47bb62054fc531ff395b47b5325b1c0e8fcdd1c4a
d856d5e083af25ed0ca838f04091ffd9fa5bc1c77edec8aa87c8e12a3fd69aa5
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353
df33ac4ce8c614009fd08651489a912e605f2bfd82ca08db0cc45579550f7997
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
e68ce7635abe232c8f07fcf3751d9bc4158e8e1a81a3364068586e6f4502ff6e
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
ebc3d6723e9bc5c602087eb6575ad140db18e787cfc4132a96ccca9ad13222de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fedfae42879de0b817d53fb3138dfe2465cafafb4b3f7f039fe0b54b4a36e8ee

19216801.one Open in urlscan Pro 2606:4700:3032::6815:1693 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

100 %HTTPS

73 %IPv6

14 Domains

17 Subdomains

16 IPs

3 Countries

1133 kBTransfer

2917 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

19216801.one Open in urlscan Pro
2606:4700:3032::6815:1693 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

100 %
HTTPS

73 %
IPv6

14
Domains

17
Subdomains

16
IPs

3
Countries

1133 kB
Transfer

2917 kB
Size

14
Cookies

103 HTTP transactions
3 data transactions