19216801.one Open in urlscan Pro
2606:4700:3035::ac43:cd55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://19216801.one/
Effective URL:
https://19216801.one/
Submission: On September 01 via manual (September 1st 2023, 11:50:48 pm UTC) from US — Scanned from DE

Summary HTTP 104 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 16 domains to perform 104 HTTP transactions. The main IP is 2606:4700:3035::ac43:cd55, located in United States and belongs to CLOUDFLARENET, US. The main domain is 19216801.one.
TLS certificate: Issued by GTS CA 1P5 on August 11th 2023. Valid for: 3 months.

This is the only time 19216801.one was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::6815:1693	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2606:4700:303... 2606:4700:3035::ac43:cd55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
9	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
1 11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
9	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
104	21

1 2606:4700:3032::6815:1693 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

19216801.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:3035::ac43:cd55 (United States)

ASN13335 (CLOUDFLARENET, US)

19216801.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

itweepinbelltor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.itskiddien.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	19216801.one 1 redirects 19216801.one	254 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	262 KB
16	criteo.net static.criteo.net — Cisco Umbrella Rank: 603 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10696 csm.eu.criteo.net — Cisco Umbrella Rank: 10389	178 KB
9	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	58 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 11461	3 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	155 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10282 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 19450 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 11410	52 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1104 www.googleadservices.com — Cisco Umbrella Rank: 149	328 B
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 4191	75 KB
3	itweepinbelltor.com itweepinbelltor.com — Cisco Umbrella Rank: 487744	12 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	4 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	113 KB
2	itskiddien.club cdn.itskiddien.club — Cisco Umbrella Rank: 44794	31 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11732	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	5 KB
104	16

	Domain	Requested by
33	19216801.one	1 redirects 19216801.one itweepinbelltor.com
9	static.criteo.net	ads.eu.criteo.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	19216801.one pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	mc.yandex.com	3 redirects 19216801.one
5	imageproxy.eu.criteo.net	ads.eu.criteo.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	mc.yandex.ru	2 redirects 19216801.one
3	itweepinbelltor.com	19216801.one itweepinbelltor.com
3	fonts.googleapis.com	19216801.one googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.googleadservices.com	19216801.one
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	cdn.itskiddien.club	itweepinbelltor.com cdn.itskiddien.club
2	my.rtmark.net	itweepinbelltor.com cdn.itskiddien.club
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
104	23

This site contains links to these domains. Also see Links.

Domain
192.168.0.1

Subject Issuer	Validity	Valid
19216801.one GTS CA 1P5	`2023-08-11` - `2023-11-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
itweepinbelltor.com R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
itskiddien.club R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://19216801.one/
Frame ID: 6026D8039183C27C3B70EDD8437AD0B9
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Frame ID: 47D17F2ADACACEC4F2F4ACB4716883D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1693605044&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243865&bpp=3&bdt=295&idt=369&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=340538881320&frm=20&pv=2&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=389
Frame ID: AF3BCC958125DB31050F72DF638B1FAE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1693605044&rafmt=1&format=1200x280&url=https%3A%2F%2F19216801.one%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243869&bpp=1&bdt=299&idt=393&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=340538881320&frm=20&pv=1&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pNmVf3k1z5&p=https%3A//19216801.one&dtd=398
Frame ID: 7C69059AB0B881F683EA904E3619DE71
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1693605044&format=300x250&url=https%3A%2F%2F19216801.one%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243870&bpp=1&bdt=300&idt=401&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=340538881320&frm=20&pv=1&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=StDb18hQPc&p=https%3A//19216801.one&dtd=405
Frame ID: BFD6FB5780E77C1CA95D7640C881B8DC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1693605044&format=300x250&url=https%3A%2F%2F19216801.one%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243871&bpp=1&bdt=301&idt=408&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=340538881320&frm=20&pv=1&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=WiTLNErTK9&p=https%3A//19216801.one&dtd=412
Frame ID: CB753DF32CC43D775C5C0EF3E8251BBC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 56652EF281DEC0EA4851B45E9126060C
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPJ41AAEvuwKwkEXAAllslunDzFmtOM9vIS2fA&u=%7Co3tCognicd30UVFXRKgDZkRRA6ni8dwji6NcaHz7%2Bss%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86zGqt-9LwcFUyHYLJPbAPU3thJ0NDvwHGcWB_lpoS8wYo8xAKBofr__Ojj6pECXU5oAnEQtRM0_KHjZR2Xwj2S07Y23LJ1Jrm7wimv7Gcf2c61Xo__IjlrAKl5_TKvlKT3IqS-e3qUnC3Kn9ZsBheSLkgGipLLGT3HSwVEvZQotDceo4sR-du9Xnd3E_iepSB2fA6as7HsYQUvkA531DK14DCLVZ930ii8sAmefMWfA2wPfHNLw1W7eQwJawb8dsY2TUYERlXJF2_47dp9oboSV1DYZbiHwk8JzDhWPXxEMryOrNfQSup9aFaC1E5FUGDT0fXNubAwDy_BfehaP_H7ec2cymdP_-ZOV-EhFwW8nVic5QuAfyrrQGKn5nJZiSEziAHnAtcd_bCu2K_wn4YuTiwurHwmOHTi3k1NK7De1Ut_OTHUlYjuD6yWKCdG_U4NlcjZgtxNH-0N17P8_HN2mf3UllAYEgIuF-Dj7SYILFtI9Ze2UJr7e7e4OzNKgTTzVGoj67yxmMIteo9gxWHamesGfh-UWOfyFMJfN9d01fCJ2nSZNWY8zXjLIzUm64_VROotq0VuKl8YWbElaBAY0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Did1HjyZOz9EpeCiQayy6WYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDgxMjg3MDg4MjQ0OTc0NcgBCakCOB1EGzEXsj6oAwHIAwKqBNsBT9CgCFOptp3NGmPbK9JkTc1T6KDQLPQX8HBlp-CNnxT-UEz3byifi5wa07fWi6DptoLpqcHHEKP_VrxuPJq8BGidKPM9kL3mpgkZ_otMoZDYtLiAOt2dgS6OgHbfSN_YQEbmkMl-3spMT7mjCizFfSO4x8RZ6eoNRKwuYID_uuItiR1zonccHP4UFLFUfaEXeBTUljDgzqqnB-JcxOQvw3ehmbiGdfMjjwgBBvyN_rXF1OElNENrB3HjNiOSx1klbNHPGA5zuUvuG98_O16iSVylpcKUQ6PKtSlogAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2jmkgfhT1FAExQYba-ij2usPm7Zw%26client%3Dca-pub-4812870882449745%26adurl%3D
Frame ID: D7F8FCA1890E121A6FD658CD249F6E26
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js
Frame ID: DAE7ECCF95DBF5E610B6887F293280DB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 881A45A2194E72F96D753D22AED861D8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C8CD68806AAEF278A3AC79A1B107C4B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

192.168.0.1

Page URL History Show full URLs

http://19216801.one/ HTTP 301
https://19216801.one/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

104
Requests

96 %
HTTPS

76 %
IPv6

16
Domains

23
Subdomains

21
IPs

5
Countries

1201 kB
Transfer

2983 kB
Size

20
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://192.168.0.1/
Title: 192.168.0.1 Admin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://19216801.one/ HTTP 301
https://19216801.one/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10113.WNPH6u7ral7Ku1t42hYKQPxjg2_WZDLzi9hNAUgcI6VTVb-6H9LBWNrP4sYcQbC6.G4eycZD2kyl_lmmDXGdSx9IPRl0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10113._OIJv3-7E_e5ewj7X4wGTqwS9HLiOZqmPD6TH2DQ2Ub_090sHNtFYbR3bVlUQ5ySl1W6SB06h28LUR0gHnfkatPZNEKs54DotdsH_JUkY2A%2C.v4Lj_HBkHM7WbZBZQjCs8slTm34%2C

Request Chain 52

https://mc.yandex.com/watch/55749736?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9gn99c48ikk4wv%3Afp%3A612%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1101%3Acn%3A1%3Adp%3A0%3Als%3A1054113601580%3Ahid%3A789710110%3Az%3A120%3Ai%3A20230902015044%3Aet%3A1693612244%3Ac%3A1%3Arn%3A712581115%3Arqn%3A1%3Au%3A1693612244351882300%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C18%2C278%2C4%2C210%2C0%2C%2C134%2C28%2C%2C%2C%2C645%3Aco%3A0%3Acpf%3A1%3Ans%3A1693612243057%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693612244%3At%3A192.168.0.1&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9gn99c48ikk4wv%3Afp%3A612%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1101%3Acn%3A1%3Adp%3A0%3Als%3A1054113601580%3Ahid%3A789710110%3Az%3A120%3Ai%3A20230902015044%3Aet%3A1693612244%3Ac%3A1%3Arn%3A712581115%3Arqn%3A1%3Au%3A1693612244351882300%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C18%2C278%2C4%2C210%2C0%2C%2C134%2C28%2C%2C%2C%2C645%3Aco%3A0%3Acpf%3A1%3Ans%3A1693612243057%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693612244%3At%3A192.168.0.1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Request Chain 54

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10113.RNU0ToRHthM-TDpBocCCooVMH3zk-hdvq1rszcOCUHEl4FXo8AXr94B0pCumpoKv.3JT8FrfkHGJrthRT28HdY1WHmzQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10113.urxfJmGon-FczKKvY_A9U-XVLefjaFPKQEaZp9x5dTPtpIGMkiKE3fXtamyQosWraNuByHlQSLYjUMqrna9VuIgW_FCEJwfXDR6Mv_d98iA%2C.rVRT9HHEEW-9X-zsTdiTdIisIyk%2C

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 75

https://googleads.g.doubleclick.net/pagead/adview?ai=CTN8x1HjyZIvYEY3Ix_AP2Mm0oAihlMacct72w93YEcCNtwEQASCiketNYJXikIKgB6ABhertiCrIAQGoAwHIA8MEqgTdAU_QAYAqdZH6ZYPm2NWN4MV_nkjkdTu6EIdj7VlK3ctGnnENxTh1bx4LLmpkiHzevt093HxI3a3E0WpTvhE1TAFL93oFjpfEQMKxoJNgQD0afgCbmD79BxiGnY-ht7F6CmyN4C10W6oEZ6O4TFKhEH0dxG-m4ny1O4NXXG37gGYRnDaFuIgR1DS_3ul-c2ZuIWkJunv6hQ3XS0vFsaZZoGHc71JLohm9ZkY5v59VNGCZqwjrV8AaWynIHqye-wiQXO5jPDC0WF1-VcDwcTmzeFAqCPNRjR_xoXkH9dNKwAT-hvGQugSIBbaoopFMkgUECAQYAZIFBAgFGASgBmaAB4WivugEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQmqcH0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJPWh0dHBzOi8vd3d3Lm9tZWdhcHJveHkuY29tLz9kZXZpY2U9YyZrZXl3b3JkPXJlc2lkZW50aWFsJTIwaXCACgHICwHYExXQFQGAFwGyFxwKGggAEhRwdWItNDgxMjg3MDg4MjQ0OTc0NRgA&sigh=1gxxSdrYhNI&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWeIWytPD4s8XONk0c8xU_xe2MANp2fBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214136160973663749479%22,%22debug_reporting%22:true,%22destination%22:%22https://omegaproxy.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211292865797%22],%224%22:[%2209-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228905183217333955361%22}&andc=true

104 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
19216801.one/
Redirect Chain

http://19216801.one/
https://19216801.one/

45 KB
10 KB

297ms
278ms

Document
text/html

2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

0678a8b9a94d144ec6b760c0fff9b10cbce864e6434306cead4ed645feb5c1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80016ac89a9d9107-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Sep 2023 23:50:43 GMT
link: <https://19216801.one/wp-json/>; rel="https://api.w.org/" <https://19216801.one/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swNUjwAe3tUd29bLEaGG%2Fwc6dCU7czUWrVrhb1v108rh746SHdfwESrOzswH%2F67b%2B2AuT6BIbsU2lui%2FX9SIroqOl8DCbDAh37%2Fd2t%2BuUNLqSMnlTFbPNrIagAWJa82m4WPcHOMlspztka4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-powered-by: WordOps
x-srcache-fetch-status: HIT
x-srcache-store-status: BYPASS
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 80016ac758471e14-FRA
Connection: keep-alive
Content-Type: text/html
Date: Fri, 01 Sep 2023 23:50:43 GMT
Location: https://19216801.one/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojfAKZXZACgadNCmKr4397RD58DLidB71s7PInuCvMmVcbkoOxAZT714mrFmhyU5ALc%2B7aChYmFXsCpDCjBMyQ%2BHLr5wePDo7ghRuGBXl9YrF7KSgmTZS%2BUB5b%2FTWNNmDffs%2FztfOwii1C0%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Powered-By: WordOps
X-Xss-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
19216801.one/wp-includes/css/dist/block-library/ 40 KB
6 KB 16ms
14ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/css/dist/block-library/style.min.css?ver=5.3.15

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1542869
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 11 Jun 2020 02:23:31 GMT
server: cloudflare
etag: W/"5ee195a3-a055"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSG4IXpqGjorzVzJOvTcXDv5Vk06VDmnbblYVv5n3vIKLJfOU%2Bx%2FuD%2Ff1TGGR01CV1ymsfPjVpiuo78ftIM1T%2Fv1BlP7yB57duIwDL3AEgw7Mz7op2uVME4mGFBgaoLyLPHDhtCaBXCvtCI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016aca5ba39107-FRA
expires: Thu, 14 Sep 2023 03:16:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 43ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.15

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7f8d7494969108668dc0c3c8abfaa863b9fb7c079ea58fa235f38b331ca747c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 23:50:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Sep 2023 23:50:43 GMT

GET
H2 200 dashicons.min.css
19216801.one/wp-includes/css/ 46 KB
28 KB 18ms
16ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/css/dashicons.min.css?ver=5.3.15

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1542869
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 19:24:19 GMT
server: cloudflare
etag: W/"607892e3-b9cc"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2bgn9yxpa6rrBWR6B7xnsKIfPRLnjXsBRf8kgJNGZnuD164ieCUPSnzALrV4q8EWlv38U7Daugwl7Ort4%2F9SDRiqK1Msl9ToXzUN9gssnGuBA9y9Jj0dZZHL5pSV%2FYK014dinMYQFzaEK4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016aca5ba49107-FRA
expires: Thu, 14 Sep 2023 03:16:14 GMT

GET
H2 200 simple-grey.css
19216801.one/wp-content/themes/simple-grey/css/ 91 KB
18 KB 25ms
22ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/css/simple-grey.css?ver=5.3.15

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d856d5e083af25ed0ca838f04091ffd9fa5bc1c77edec8aa87c8e12a3fd69aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1542869
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
etag: W/"5d76850c-16ca4"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdeXlU7mtKqKXVKNQJyDldh%2FRH8m8lUOQfMbwjo2HI%2FaEz4XFeSant5OcPJjbi%2Byax9YjCf6x%2B%2FMpnNDwPnPEpXsmjO3XIds4kU7kVwED5JykRE%2B4yMpl7YVqHepgX6LZueRTnMMYn5JXBA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016aca5ba59107-FRA
expires: Thu, 14 Sep 2023 03:16:14 GMT

GET
H2 200 default.min.css
19216801.one/wp-content/plugins/tablepress/css/ 6 KB
3 KB 16ms
14ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/tablepress/css/default.min.css?ver=1.10

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1267678
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sun, 01 Dec 2019 09:04:38 GMT
server: cloudflare
etag: W/"5de38226-16ef"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zB%2BtEySCAgtR2yZGIQOpEquUY0kQZBsusPF60Za7ZQ2qhp4hGxLe42aKUo5Yyo3%2FIAdtep81hxl%2FZc1mPblWYGWobLY3N11CTOrYeGm3qRrV%2BcHbp4zanZaeTV7inoqk1t7tXhmruYJIwm0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016aca5ba69107-FRA
expires: Sun, 17 Sep 2023 07:42:45 GMT

GET
H2 200 elementor-icons.min.css
19216801.one/wp-content/plugins/elementor/assets/lib/eicons/css/ 14 KB
3 KB 15ms
13ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.4.0

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

23870ae663b1bf7dfc718dedca013ef2ce8ac1ac491dbef772d45c8978a9c63a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 893971
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:28 GMT
server: cloudflare
etag: W/"5dc6efbc-38c6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acsqLplrKqKrtDMbVmix%2FmbixVS56iZ3UkCzknmHSt%2FIocmXBDS9lc1d%2B2S%2BXKQBtV5A32RvoJQOkBuz%2FzxRCmtwNQMl%2BVExsJqspwmVU%2F9O5Ifu6Kxv5dWXSaV1NrCujtfvKTwK5lDTLP4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016aca5ba79107-FRA
expires: Thu, 21 Sep 2023 15:31:12 GMT

GET
H2 200 animations.min.css
19216801.one/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 20ms
19ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1343350
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:28 GMT
server: cloudflare
etag: W/"5dc6efbc-4824"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDCCCjrp00Yw%2BiOUowA3Fq9dAiU%2B2Ms4wxGPPobYruvdxWrYbjWPPfh7dXgGRlBmSVw5L2PD52P61Yg6cLbMciKlp7RfNJ4Ofnd16kqSSj7JYg%2BVJaSoD%2BQZVieMFv4yURaukU2BjmuCbIc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016aca5ba89107-FRA
expires: Sat, 16 Sep 2023 10:41:33 GMT

GET
H2 200 frontend.min.css
19216801.one/wp-content/plugins/elementor/assets/css/ 101 KB
15 KB 19ms
17ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

52f77ae7a70445cc5e60fbf18243a87c5625eb420dea545d656b8c4ca6518d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1340160
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
etag: W/"5dc6efbd-194d6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0rBoGikxVxwMvz8A99njtYwgoeK%2BS%2F22O1XzLxtH03pjmQkLBy056%2FH7R%2FGwtK194lZw25T2aHflrIWE3WSHwAwpjeQRm8sygU7YyCpjwqS%2B5SCi2ZhPk6aNA%2F7VHpWZzMExZL0joYAtu4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016aca5ba99107-FRA
expires: Sat, 16 Sep 2023 11:34:43 GMT

GET
H2 200 global.css
19216801.one/wp-content/uploads/elementor/css/ 4 KB
918 B 19ms
18ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/uploads/elementor/css/global.css?ver=1573318726

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

698951af561933328a292befb875ae8297e520f091c4cc0531e84ce4f5272241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1882266
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:58:46 GMT
server: cloudflare
etag: W/"5dc6f046-f0b"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvaCxrRl8Q6oUBPIaPkdFFd0c0RqP4Il0tWAODj%2Bd5gF9V3%2FDnTdM%2BcLISSp1x395wHtq8mwr2aZOM%2BRJoLEw%2BlRFDW6vRr7uMO5aP9JUgRRTDCdhNS6w%2BYkhX2kg0jDK7cZaseDakoSbdU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016aca5baa9107-FRA
expires: Sun, 10 Sep 2023 04:59:37 GMT

GET
H2 200 post-8.css
19216801.one/wp-content/uploads/elementor/css/ 14 KB
1 KB 17ms
15ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/uploads/elementor/css/post-8.css?ver=1596258357

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d69d0949085a5cfef9753f76f070df7000ba63c93b8a85d9877f666a4634ac75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1882266
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 01 Aug 2020 05:05:57 GMT
server: cloudflare
etag: W/"5f24f835-39d0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkyvynYg9yAi7LLulQgoPmjuwH87qOja2P1%2BBHanUfBOi5gmzwBlOrqQZZ32YvepOaZHALOWVBiTBA4sjvTTwwvrFsN14U4j%2Bsc%2FAjVTVS9UhTt4VsaLoRops%2B%2B0NGBVMdg1Da952z77Vp4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016aca5bab9107-FRA
expires: Sun, 10 Sep 2023 04:59:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 44 KB
2 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.3.15

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af56f9a97ba9853d88e0dc672d67e32e3ff2f829df312625ef64a878f8632cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 22:18:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Sep 2023 23:50:43 GMT

GET
H2 200 jquery.js Show response
19216801.one/wp-includes/js/jquery/ 95 KB
34 KB 20ms
19ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 888088
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 06 Nov 2019 14:47:44 GMT
server: cloudflare
etag: W/"5dc2dd10-17a69"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4NvEaP7J4PGoPF3VSwIM6jf7QttaiZxFk4eIKGXQEF%2FBq9tmaSzDy8ZztMYMWcXhJqTEaefFu1VBaZFEREQmzmQOmm7AteKxk24ZLvdmL%2F9oOI9sRGNxD5tiJflOoc%2BEuEymqBuJ8dzpi0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016aca5bac9107-FRA
expires: Thu, 21 Sep 2023 17:09:15 GMT

GET
H2 200 jquery-migrate.min.js Show response
19216801.one/wp-includes/js/jquery/ 10 KB
4 KB 24ms
23ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1267678
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 06 Nov 2019 14:47:44 GMT
server: cloudflare
etag: W/"5dc2dd10-2748"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhzmaJjy3qjo5uEx2uEAWce%2FTgxy9%2BltywdSam%2FaVX8VH2mmHQn2NkQnzPepstbkUNL4%2Fw%2FTF4MxGdC8h%2Bwbx%2B3Xz1crT%2Br4rasO7ENtFZQsOcJjoy2NS3fuQczWlz1J3qMzO0Dv%2BsXlb%2BE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016aca6bae9107-FRA
expires: Sun, 17 Sep 2023 07:42:45 GMT

GET
H2 200 micro.tag.min.js Show response
itweepinbelltor.com/pfe/current/ 26 KB
11 KB 67ms
12ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://itweepinbelltor.com/pfe/current/micro.tag.min.js?z=5659798&sw=/sw-check-permissions.js
Requested by: Host: 19216801.one
URL: https://19216801.one/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 93aa90bc54c821708337ef559092efe522bc95c001099d697618db267a0b0049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 13:37:17 GMT
server: nginx
etag: W/"64f1e90d-68a0"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 125ms
90ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2880aba61fe6ecd4fd6d89ced30f8b75282a935ea6512ec7ce72b08878f6efb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50939
x-xss-protection: 0
server: cafe
etag: 15199387189978705581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 23:50:43 GMT

GET
H3 200 internet-speed-1.jpg
19216801.one/wp-content/uploads/2019/11/ 6 KB
6 KB 17ms
13ms Image
image/jpeg 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/internet-speed-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

b93a77da724d73e1a165e40b240287637402d304f962331e19a83c10e7f06d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18383611
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
content-length: 5981
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:03 GMT
server: cloudflare
etag: "5dc6f507-175d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdxURjWtwa7W1QnfmTAhfMlrAbq1lmPs5etmeBluWmOQEFyLrS0YX%2BLThTI48xMjK%2B0d2B%2BNX3YI9DqM3xcHIkGMyhNrxtMRQ0YLPCgY8IrMNOwIK3sHnB0DPwI5M7iNElA9ygn%2Fy9QgaZw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 80016acacb323633-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 isp-throttling-1.jpg
19216801.one/wp-content/uploads/2019/11/ 2 KB
3 KB 44ms
41ms Image
image/jpeg 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/isp-throttling-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

df33ac4ce8c614009fd08651489a912e605f2bfd82ca08db0cc45579550f7997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18383611
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
content-length: 2352
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:05 GMT
server: cloudflare
etag: "5dc6f509-930"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lki76inyoy1EoiK7mMgWreWO0AmByoW1O617fMESdG%2FQcKbt%2FaX1jtI9LvA4dsS%2FEK4LX%2B7Yo%2BqhpAwf30o6RZXAya8FRLDhlsQLSQ9FpoX9DSK2aFGnxjkbdxbi55UFeM6J%2FQuut7LxbCE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 80016acacb333633-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Speed-Test-1.jpg
19216801.one/wp-content/uploads/2019/11/ 6 KB
7 KB 45ms
41ms Image
image/jpeg 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/Speed-Test-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3c3b68062c0f9168b9b29ccd09ccf69ba7c4a4161ac8a9906075027984d90923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18383611
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
content-length: 6473
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 11 Nov 2019 15:45:35 GMT
server: cloudflare
etag: "5dc9821f-1949"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=docXeoDi6%2FPrb8aNNFCw4KS2HcRx1fxTytYqW0AwEv%2B%2Bq%2FgakBtNJRLeX02kZeo1BOlqFKsKCiAbm8J%2FEtWPKIlvBSKWLVjpImQbKn6tZJtHH8rdPoffuCSWfgo6AACV9a%2BkGcv1uTqJh2c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 80016acacb343633-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wifi-1.jpg
19216801.one/wp-content/uploads/2019/11/ 4 KB
5 KB 45ms
42ms Image
image/jpeg 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/wifi-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

77f6c0a776001eccfbfc55c058b8978ea04c3d87c3e56930f6f6d51a7004fb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18383611
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
content-length: 4179
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:07 GMT
server: cloudflare
etag: "5dc6f50b-1053"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l859BgLYU91LEI%2BYnJxTsb9kA2isGkm4hqvRNwiYaoUx3FzQIzj%2B3i2r8lRMASN9J9S4N3s6P%2FEH4vMTeiy1WQ8XekJLZvhIIbgLqDZIDrOTB1pHNr86eLB9kJrBbFjoihMZsMLSDH5TTQU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 80016acacb353633-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 privacy-1.jpg
19216801.one/wp-content/uploads/2019/11/ 2 KB
3 KB 46ms
42ms Image
image/jpeg 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/privacy-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

7689b18598c9d487fd7029183dc13e5088586203061722fed9edafa8f8100d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18383611
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
content-length: 2505
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:06 GMT
server: cloudflare
etag: "5dc6f50a-9c9"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTJ1cLEbwmHph0cH8tzBVN2iqMJYqgcjl5SJB5fjphoFNdq1GTVSK6O3m662r2zG91I5d40CkFAlYxbn6%2BoFj5DaTuTt3bHJeWwteLrpNLLoT8Nw0%2BXDj9Omg8li8vU52UI1U4qg2Wzru3g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 80016acacb363633-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Movie-Streaming-1.jpg
19216801.one/wp-content/uploads/2019/11/ 6 KB
7 KB 46ms
43ms Image
image/jpeg 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/Movie-Streaming-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

ebc3d6723e9bc5c602087eb6575ad140db18e787cfc4132a96ccca9ad13222de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18383611
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
content-length: 6441
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 11 Nov 2019 15:45:37 GMT
server: cloudflare
etag: "5dc98221-1929"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i6r9o5Vf10KBlg0515aw%2FDWLy4raD8atIiPjKFFALFcTu4b%2Fi1vDMF1np01QZCc6%2F0GpkO3k2zUKVKtASoMCcNCMShn2WejpjdZidD9b%2FqsE9c2w2sqCQwa0Q%2BtbEW95EndeTJxiB4P7dg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 80016acacb383633-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 navigation.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 1 KB
1023 B 17ms
17ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/navigation.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d7ed2bdd9648088ab5250da47bb62054fc531ff395b47b5325b1c0e8fcdd1c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238939
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
etag: W/"5d76850c-4a7"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DISGzSPO27lnQoSjjgMNdapmmtwA11HORvzsjx6BWk%2B3S0DxvJorhADpEFUgj8pYS2tGP2YrtkmvLGIWAfl%2FL%2FI6g2WhDCydqdA2%2FQBWuVSBYUjD3sxrQ2FMp2WLf1QnRcwTrjrRKNdvEY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acaab173633-FRA
expires: Fri, 29 Sep 2023 05:28:24 GMT

GET
H3 200 skip-link-focus-fix.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 650 B
867 B 16ms
16ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/skip-link-focus-fix.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3ea538dfe3f28e017d4e9a739ef1923f0e42a37d17743050b1b4066d28746357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238939
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
etag: W/"5d76850c-28a"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vr86IJxTTxmExP7NCfmN9jCtTKXd6jzCA7fkhGSZ9LoGLBEfJrj%2B4IQl9SgKKt3y%2BnsioFB%2BQdRhRICLOAE5fX24hKDy04JuFY0x7hxTYV4WMI2tiGoFxERP1wQgRhV8TbN3KDcOHzxK45E%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acaab1a3633-FRA
expires: Fri, 29 Sep 2023 05:28:24 GMT

GET
H3 200 oembed-adjust.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 455 B
837 B 14ms
14ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/oembed-adjust.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

ad02f9169900cc21e3bc4e60af9849acae78d7d38f0f89d96a9d13059fe9ea42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 751654
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
etag: W/"5d76850c-1c7"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vp5wG%2B0CEpCIV%2BeXAQ5as4SC%2BOXq9146SMvAN%2B3CSAKk7iUrLoKWPBQAxcujbudvA%2BTWYiaVPcmkH%2BAYE10QzfJzN6bsB6I31LvDeKJEDrt75IRE8A3TpkkqMq44I8xOdwHPv%2BUNseDC3U8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acabb283633-FRA
expires: Sat, 23 Sep 2023 07:03:09 GMT

GET
H3 200 accessibility.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 569 B
837 B 24ms
21ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/accessibility.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

6a9d9a7b9afb473ed83c8b3fd98587aa89c7c6e639d27d41877296cb0d919b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238939
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
etag: W/"5d76850c-239"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4XjfChcEZLplHVOwrcAk%2FBfpMoPD0OgxF7CKuZ11BsYRgYpGtbXUn%2Bs%2B5NswEeAFULj7nVnKoia7olqjsqpIesVSfgjBRAuBOAxnPtzY4Un1aCVukzvKaliE0jFNWh8i8TtOngS8BS4WF0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acacb2a3633-FRA
expires: Fri, 29 Sep 2023 05:28:24 GMT

GET
H3 200 wp-embed.min.js Show response
19216801.one/wp-includes/js/ 1 KB
1 KB 25ms
21ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/wp-embed.min.js?ver=5.3.15

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1543652
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 17 May 2023 02:23:40 GMT
server: cloudflare
etag: W/"64643aac-5a3"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooWzk7%2FwrBLmnYqUvhWeqwsApiAQlJkMvsYXQf7pmsqqkTrdirDMynoIj4xfDtKysWNPDOBGgt51pkpb2hlJjs78%2F0OLHlCyiU5q6HsvyqkU%2Fk8UrWmRqyM%2FKSCyoan5XbQNBFr%2BJizi9ew%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acacb2b3633-FRA
expires: Thu, 14 Sep 2023 03:03:11 GMT

GET
H3 200 frontend-modules.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/js/ 46 KB
14 KB 25ms
22ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

6f766d4c399198c06d3bf1096a9731c1b4018d926ec83aaa16a7192f0f7a2e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238824
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
etag: W/"5dc6efbd-b82f"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4kdv2FPk%2BIjPrU9lE8Gz8lvQRpsBKoh54sXrxV50XODgV7VHZq2mA6ni8pKVyVpcvIK28JHz8XdHHJMo4jPruKtwAbqY1Lz7%2B6qTHJLXIJuKhzT3LwO%2FJiPPfZB7N%2BI40GGLjtPmja7T%2Fk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acacb2c3633-FRA
expires: Fri, 29 Sep 2023 05:30:19 GMT

GET
H3 200 position.min.js Show response
19216801.one/wp-includes/js/jquery/ui/ 6 KB
3 KB 33ms
29ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238824
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 19:24:19 GMT
server: cloudflare
etag: W/"607892e3-1926"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKwCw0CmX1rkVWTe2d%2FjKKy6Y2%2B%2BgNXmwg4rpqrY2URxQm%2BlQhV%2BwywtiVTvnJ5tgpUCdW%2BDVJdfmPEkVSdDoE97aPJGOLDSBdB8FuGIz%2BfeBt8641MuecFElpBls3S30zZwyq0udpl9ues%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acacb2d3633-FRA
expires: Fri, 29 Sep 2023 05:30:19 GMT

GET
H3 200 dialog.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 18ms
15ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.3

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238824
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
etag: W/"5dc6efbd-29b9"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSr22YdrXTwsVJYgg3LGBR9VC4m9AAMa6SNc75rLrBKAPoXyB34Pnmg0rWoFVrKAEqezHckDN0hfZ%2FY9%2BhWGrbCkTk%2Fx3blO4yYj2OCj7%2FiWdL9pBd1En%2Bmicsufb1rmv8qUJli05m9q8hM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acacb2e3633-FRA
expires: Fri, 29 Sep 2023 05:30:19 GMT

GET
H3 200 waypoints.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 34ms
31ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 753751
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:28 GMT
server: cloudflare
etag: W/"5dc6efbc-2fa6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuhvYeKrzChBbIiUZlfVzCmqpn%2Bk5oJxfGpKgtLOD7IoJXE4cXu8YHiDCpownSR49Z5Kk8gQ5th8aAy6hgp5BDd0z4IdJTSEN8J9XKHVpGutzPMw%2FxbxYgNXqSuFH2%2FAeB3YAzFNR0kRhbI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acacb2f3633-FRA
expires: Sat, 23 Sep 2023 06:28:12 GMT

GET
H3 200 swiper.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/lib/swiper/ 123 KB
33 KB 34ms
31ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238824
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
etag: W/"5dc6efbd-1ea8a"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZXHzgVacplKqfgmwCaMm1k5D3UfE7XjqYT68oSffcdnz04Pv09wSGR8xfon0zFVYtbgHXi%2FmvjAMMq3Zumqahoac3CEK2tvSQDFlwBxMbmTM%2Bs9RN%2B81p%2FCQC7vLfEAIhQTN8nxAdTHRbg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acacb303633-FRA
expires: Fri, 29 Sep 2023 05:30:19 GMT

GET
H3 200 frontend.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/js/ 92 KB
25 KB 38ms
35ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3204d77f977e684b7d4f767c9ca8324c7db419b261b98dfb93d22edc82d62677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 753750
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
etag: W/"5dc6efbd-16f43"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnUwRtHJZ4NfubTwbU9WrxwKSVeFgqVZpES3LK62Hkswbg6vuuYeadlloUlp3DIPrMrhabTy89uRtzZ2QZriOZ9aG6V%2FKRwgj4aYtKMtruFkGeoUagr1ONNzhYme6ZLKNbRJVPQzvVJ5EMg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acacb313633-FRA
expires: Sat, 23 Sep 2023 06:28:12 GMT

GET
H3 200 wp-emoji-release.min.js Show response
19216801.one/wp-includes/js/ 14 KB
5 KB 46ms
43ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/wp-emoji-release.min.js?ver=5.3.15

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1543652
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 19:24:19 GMT
server: cloudflare
etag: W/"607892e3-3619"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SRh%2FY%2BG%2F1KvIOt0S1RwLaq6%2FX6lLaaKCvtDXpkeiMvVVMpO%2FpTm%2BfTdn59%2F5va1RhTmq%2F3DI1f4I5f5DR%2BA6YM9l%2FqQIgyqRxefs347iwCdr0AAcnfjtCwDHChNFfshduBQrXdNoI%2FtywU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acacb393633-FRA
expires: Thu, 14 Sep 2023 03:03:11 GMT

GET
H3 200 style.css
19216801.one/wp-content/themes/simple-grey/ 661 B
974 B 47ms
43ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/style.css?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3d2cf36f9efab785d612ef41372c00e7805b982761d1084b46842af3925dd851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238939
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
etag: W/"5d76850c-295"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6eB%2FOwJxBkbjqG9d2QAeI6LRDsI0EseD4LXuCOLhmQW9zqabdOIBnFYt4uqvrY1XApakayjXrCyeo2I8bLZ2znZ%2BMwv7%2BpS6Iy66zEegwbbXLzqYLQGDxJrgfXqb3GwDzUr3gEyDlcu6Vo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acacb3a3633-FRA
expires: Fri, 29 Sep 2023 05:28:24 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 216 KB
74 KB 283ms
122ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

89b9bd95542140f302b4316f6f4484d053b412f8cb8abf9a5d4a70c30cca1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 01 Sep 2023 06:56:31 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64f160ef-12763"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 75619
expires: Sat, 02 Sep 2023 00:50:43 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://19216801.one
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 53264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 09:02:59 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 49 KB
49 KB 41ms
16ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://19216801.one
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 20:49:41 GMT
x-content-type-options: nosniff
age: 10862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50440
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:13:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 20:49:41 GMT

GET
H3 200 sw-check-permissions.js
19216801.one/ 0
860 B 13ms
12ms Other
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/sw-check-permissions.js

Requested by

Host: itweepinbelltor.com
URL: https://itweepinbelltor.com/pfe/current/micro.tag.min.js?z=5659798&sw=/sw-check-permissions.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 751309
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 19 Jan 2023 20:29:36 GMT
server: cloudflare
etag: W/"63c9a830-244"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ncl2xrlhfpjSWIDI%2BLt47ZLceKEztnU86hpDpD%2FQd%2F%2B05Q1w6pz6s8S61%2FgX%2FoKIKt7S0uKWI39hWrS0GAfPj2wAp9cLXTWOZN7ok1Z1njWrLqRKNdwpkxOCvoxn3QGPChLLk1CMBKVwkI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 80016acb7b9c3633-FRA
expires: Sat, 23 Sep 2023 07:08:54 GMT

POST
H2 200 zone
itweepinbelltor.com/ 0
249 B 13ms
13ms Ping
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://itweepinbelltor.com/zone?&pub=0&zone_id=5659798&is_mobile=false&domain=19216801.one&var=&ymid=&var_3=&var_4=&dsig=&tg=1&action=prerequest

Requested by

Host: itweepinbelltor.com
URL: https://itweepinbelltor.com/pfe/current/micro.tag.min.js?z=5659798&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-trace-id: 8cf57e6a6c9aab6747916032d30c770f
date: Fri, 01 Sep 2023 23:50:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://19216801.one
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
542 B 58ms
13ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5659798&checkDuplicate=true&ymid=&var=

Requested by

Host: itweepinbelltor.com
URL: https://itweepinbelltor.com/pfe/current/micro.tag.min.js?z=5659798&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c503a3f9c457ff72fba8037797c06cf003f4a4e7f41b0f7331d2c98aa1cf5612

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://19216801.one
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 zone Show response
itweepinbelltor.com/ 823 B
1 KB 38ms
13ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://itweepinbelltor.com/zone?&pub=0&zone_id=5659798&is_mobile=false&domain=19216801.one&var=&ymid=&var_3=&var_4=&dsig=&tg=1&action=settings

Requested by

Host: itweepinbelltor.com
URL: https://itweepinbelltor.com/pfe/current/micro.tag.min.js?z=5659798&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e26964515c67f1184518f279325e889e1f59de3685050c32903bd13c5ffb16e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-trace-id: 6951276fde852cc03443664d5dc9c1b0
date: Fri, 01 Sep 2023 23:50:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://19216801.one
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 823

GET
H2 200 apu.php Show response
cdn.itskiddien.club/ 78 KB
30 KB 70ms
28ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itskiddien.club/apu.php?zoneid=6231437

Requested by

Host: itweepinbelltor.com
URL: https://itweepinbelltor.com/pfe/current/micro.tag.min.js?z=5659798&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3efe78b9786ffb1d6057f7081aa961bcc2dc7146cb9f4930b17e38e834204745

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 0c6a7fbce91182d1b100ae9e79dd5a23
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ 384 KB
130 KB 240ms
240ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4812870882449745&plah=19216801.one

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44330cfff2bc5bbbd58f358382389adb40f53c39ef37af5f248b1016c6c709fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133329
x-xss-protection: 0
server: cafe
etag: 15205329229720256442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 23:50:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/ Frame 47D1 10 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 17:21:02 GMT
etag: 9878862242593084568
expires: Fri, 15 Sep 2023 17:21:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 13ms
12ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: cdn.itskiddien.club
URL: https://cdn.itskiddien.club/apu.php?zoneid=6231437

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c503a3f9c457ff72fba8037797c06cf003f4a4e7f41b0f7331d2c98aa1cf5612

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://19216801.one
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 / Show response
cdn.itskiddien.club/5/6231437/ 45 B
913 B 14ms
14ms XHR
application/json 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itskiddien.club/5/6231437/?abt_opts=1&js_build=iclick-v1.595.1-auto&userId=b98872a70f514345a637889e1fb573c8
Requested by: Host: cdn.itskiddien.club
URL: https://cdn.itskiddien.club/apu.php?zoneid=6231437
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7dd867aa4592648c889329119b4662122e225027fb3fd075f2e7c5ce20656518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-trace-id: 224f82d59b365b411d76973e92125981
pragma: no-cache, no-cache
date: Fri, 01 Sep 2023 23:50:43 GMT
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://19216801.one
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 45
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10113.WNPH6u7ral7Ku1t42hYKQPxjg2_WZDLzi9hNAUgcI6VTVb-6H9LBWNrP4sYcQbC6.G4eycZD2kyl_lmmDXGdSx9IPRl0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10113._OIJv3-7E_e5ewj7X4wGTqwS9HLiOZqmPD6TH2DQ2Ub_090sHNtFYbR3bVlUQ5ySl1W6SB06h28LUR0gHnfkatPZNEKs54DotdsH_JUkY2A%2C.v4Lj_HBkHM7WbZBZQjCs8slTm34%2C

43 B
67 B

62ms
62ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10113._OIJv3-7E_e5ewj7X4wGTqwS9HLiOZqmPD6TH2DQ2Ub_090sHNtFYbR3bVlUQ5ySl1W6SB06h28LUR0gHnfkatPZNEKs54DotdsH_JUkY2A%2C.v4Lj_HBkHM7WbZBZQjCs8slTm34%2C

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:44 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10113._OIJv3-7E_e5ewj7X4wGTqwS9HLiOZqmPD6TH2DQ2Ub_090sHNtFYbR3bVlUQ5ySl1W6SB06h28LUR0gHnfkatPZNEKs54DotdsH_JUkY2A%2C.v4Lj_HBkHM7WbZBZQjCs8slTm34%2C
date: Fri, 01 Sep 2023 23:50:44 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
162 B 72ms
62ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:44 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 01 Sep 2023 06:56:31 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64f160ef-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 02 Sep 2023 00:50:44 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
328 B 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=19216801.one&callback=_gfp_s_&client=ca-pub-4812870882449745

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4812870882449745&plah=19216801.one

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e624cc2969e757386842a2a9a945634ab621fa2d445be6b9aa76b36bd6c26083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF3B 0
188 B 83ms
82ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1693605044&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243865&bpp=3&bdt=295&idt=369&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=340538881320&frm=20&pv=2&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=389

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 23:50:44 GMT
expires: Fri, 01 Sep 2023 23:50:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7C69 112 KB
39 KB 836ms
836ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1693605044&rafmt=1&format=1200x280&url=https%3A%2F%2F19216801.one%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243869&bpp=1&bdt=299&idt=393&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=340538881320&frm=20&pv=1&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pNmVf3k1z5&p=https%3A//19216801.one&dtd=398

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

860ae1a2ffd05d0c84976cb7d7ae4bfd3444f21fa171c89720aabd5a85156662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39272
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 23:50:45 GMT
expires: Fri, 01 Sep 2023 23:50:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BFD6 34 KB
14 KB 908ms
907ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1693605044&format=300x250&url=https%3A%2F%2F19216801.one%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243870&bpp=1&bdt=300&idt=401&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=340538881320&frm=20&pv=1&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=StDb18hQPc&p=https%3A//19216801.one&dtd=405

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63bee1e0482219857250652aa99ebc0bb5970ea0a4051c30c2a3f0a281e616c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14018
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 23:50:45 GMT
expires: Fri, 01 Sep 2023 23:50:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/55749736/
Redirect Chain

https://mc.yandex.com/watch/55749736?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9gn99c48ikk4wv%3Afp%3A612%3Afu%3A0%3Aen%3Autf-8%...
https://mc.yandex.com/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9gn99c48ikk4wv%3Afp%3A612%3Afu%3A0%3Aen%3Autf-...

447 B
530 B

69ms
69ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9gn99c48ikk4wv%3Afp%3A612%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1101%3Acn%3A1%3Adp%3A0%3Als%3A1054113601580%3Ahid%3A789710110%3Az%3A120%3Ai%3A20230902015044%3Aet%3A1693612244%3Ac%3A1%3Arn%3A712581115%3Arqn%3A1%3Au%3A1693612244351882300%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C18%2C278%2C4%2C210%2C0%2C%2C134%2C28%2C%2C%2C%2C645%3Aco%3A0%3Acpf%3A1%3Ans%3A1693612243057%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693612244%3At%3A192.168.0.1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7c7e8c0fd733ff6d8576f787bd44d4b0c1de83dc79314813a46a5b942d29431c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 23:50:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 01-Sep-2023 23:50:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://19216801.one
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Fri, 01-Sep-2023 23:50:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Sep 2023 23:50:44 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 01-Sep-2023 23:50:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9gn99c48ikk4wv%3Afp%3A612%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1101%3Acn%3A1%3Adp%3A0%3Als%3A1054113601580%3Ahid%3A789710110%3Az%3A120%3Ai%3A20230902015044%3Aet%3A1693612244%3Ac%3A1%3Arn%3A712581115%3Arqn%3A1%3Au%3A1693612244351882300%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C18%2C278%2C4%2C210%2C0%2C%2C134%2C28%2C%2C%2C%2C645%3Aco%3A0%3Acpf%3A1%3Ans%3A1693612243057%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693612244%3At%3A192.168.0.1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: https://19216801.one
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 01-Sep-2023 23:50:44 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB75 430 B
230 B 1091ms
1090ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1693605044&format=300x250&url=https%3A%2F%2F19216801.one%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243871&bpp=1&bdt=301&idt=408&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=340538881320&frm=20&pv=1&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=WiTLNErTK9&p=https%3A//19216801.one&dtd=412

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03cc1c903c88fed0fab07495896761c58acb5a39b7270ae26ddca30f2364bf99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 23:50:45 GMT
expires: Fri, 01 Sep 2023 23:50:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10113.RNU0ToRHthM-TDpBocCCooVMH3zk-hdvq1rszcOCUHEl4FXo8AXr94B0pCumpoKv.3JT8FrfkHGJrthRT28HdY1WHmzQ%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10113.urxfJmGon-FczKKvY_A9U-XVLefjaFPKQEaZp9x5dTPtpIGMkiKE3fXtamyQosWraNuByHlQSLYjUMqrna9VuIgW_FCEJwfXDR6Mv_d98iA%2C.rVRT9HHEEW-9X-zsT...

43 B
106 B

69ms
69ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10113.urxfJmGon-FczKKvY_A9U-XVLefjaFPKQEaZp9x5dTPtpIGMkiKE3fXtamyQosWraNuByHlQSLYjUMqrna9VuIgW_FCEJwfXDR6Mv_d98iA%2C.rVRT9HHEEW-9X-zsTdiTdIisIyk%2C

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:44 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10113.urxfJmGon-FczKKvY_A9U-XVLefjaFPKQEaZp9x5dTPtpIGMkiKE3fXtamyQosWraNuByHlQSLYjUMqrna9VuIgW_FCEJwfXDR6Mv_d98iA%2C.rVRT9HHEEW-9X-zsTdiTdIisIyk%2C
date: Fri, 01 Sep 2023 23:50:44 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 7C69 9 KB
4 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1693605044&rafmt=1&format=1200x280&url=https%3A%2F%2F19216801.one%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243869&bpp=1&bdt=299&idt=393&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=340538881320&frm=20&pv=1&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pNmVf3k1z5&p=https%3A//19216801.one&dtd=398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 03:15:26 GMT

GET
H2 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame 7C69 11 KB
5 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 00:42:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7C69 14 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 22:09:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Sep 2023 23:50:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 7C69 2 KB
945 B 8ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 13:54:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 7C69 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 13:54:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 7C69 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:07:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 13:07:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 7C69 20 KB
8 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 13:54:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C69 181 KB
57 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 23:50:45 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 7C69 36 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 21:27:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 02:09:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5665 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1693605044&rafmt=1&format=1200x280&url=https%3A%2F%2F19216801.one%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243869&bpp=1&bdt=299&idt=393&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=340538881320&frm=20&pv=1&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pNmVf3k1z5&p=https%3A//19216801.one&dtd=398
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 23:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame BFD6 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1693605044&format=300x250&url=https%3A%2F%2F19216801.one%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243870&bpp=1&bdt=300&idt=401&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=340538881320&frm=20&pv=1&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=StDb18hQPc&p=https%3A//19216801.one&dtd=405

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:07:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 13:07:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame BFD6 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 13:54:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BFD6 181 KB
56 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 23:50:45 GMT

GET
DATA 200
OK truncated
/ Frame 7C69 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6acf21892800314b6b30776dfecfa4701e3d8449fe9325e0737d0a4988463762

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D7F8 153 KB
52 KB 137ms
69ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPJ41AAEvuwKwkEXAAllslunDzFmtOM9vIS2fA&u=%7Co3tCognicd30UVFXRKgDZkRRA6ni8dwji6NcaHz7%2Bss%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86zGqt-9LwcFUyHYLJPbAPU3thJ0NDvwHGcWB_lpoS8wYo8xAKBofr__Ojj6pECXU5oAnEQtRM0_KHjZR2Xwj2S07Y23LJ1Jrm7wimv7Gcf2c61Xo__IjlrAKl5_TKvlKT3IqS-e3qUnC3Kn9ZsBheSLkgGipLLGT3HSwVEvZQotDceo4sR-du9Xnd3E_iepSB2fA6as7HsYQUvkA531DK14DCLVZ930ii8sAmefMWfA2wPfHNLw1W7eQwJawb8dsY2TUYERlXJF2_47dp9oboSV1DYZbiHwk8JzDhWPXxEMryOrNfQSup9aFaC1E5FUGDT0fXNubAwDy_BfehaP_H7ec2cymdP_-ZOV-EhFwW8nVic5QuAfyrrQGKn5nJZiSEziAHnAtcd_bCu2K_wn4YuTiwurHwmOHTi3k1NK7De1Ut_OTHUlYjuD6yWKCdG_U4NlcjZgtxNH-0N17P8_HN2mf3UllAYEgIuF-Dj7SYILFtI9Ze2UJr7e7e4OzNKgTTzVGoj67yxmMIteo9gxWHamesGfh-UWOfyFMJfN9d01fCJ2nSZNWY8zXjLIzUm64_VROotq0VuKl8YWbElaBAY0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Did1HjyZOz9EpeCiQayy6WYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDgxMjg3MDg4MjQ0OTc0NcgBCakCOB1EGzEXsj6oAwHIAwKqBNsBT9CgCFOptp3NGmPbK9JkTc1T6KDQLPQX8HBlp-CNnxT-UEz3byifi5wa07fWi6DptoLpqcHHEKP_VrxuPJq8BGidKPM9kL3mpgkZ_otMoZDYtLiAOt2dgS6OgHbfSN_YQEbmkMl-3spMT7mjCizFfSO4x8RZ6eoNRKwuYID_uuItiR1zonccHP4UFLFUfaEXeBTUljDgzqqnB-JcxOQvw3ehmbiGdfMjjwgBBvyN_rXF1OElNENrB3HjNiOSx1klbNHPGA5zuUvuG98_O16iSVylpcKUQ6PKtSlogAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2jmkgfhT1FAExQYba-ij2usPm7Zw%26client%3Dca-pub-4812870882449745%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

10e0bf6b7ceb144d587b8a0b5eb406652b8df8045bb66f9076e1d4e92204801e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 23:50:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZGs3sZiu3HShiIVGhcBwILQktskX8uY9sgEh7EaIMZfZiesc_7plU7KMo5CjCg3X1PaUfThC2tjPf4N_NuUOWcU5dwLHQtL93hnt7F3pFzxIHHmlNBFiw33n-Y2MTtj7us60Sp-u3E8rBIhweoNvEx_9zUZQttLjrxhFqgBWeG5-XUmfWY4Yt9z6TkTGXFDw6gJVx2vu8mM5m-zVrlHeBuTgaHPPICHPDuQquPbuojL0KjKkmMPOL2f0IQ4FFvDLS0U6kQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 48817963
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7C69 33 KB
33 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 586004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 05:04:01 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5665
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
20ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 23:50:45 GMT
expires: Fri, 01 Sep 2023 23:50:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 23:50:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BFD6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d95bf2667aab23884fbae7bd955f65b067650cd7105c3ac91724e544df170598

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BFD6 0
23 B 52ms
51ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGljA1HjyZOz9EpeCiQayy6WYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDgxMjg3MDg4MjQ0OTc0NcgBCakCOB1EGzEXsj6oAwHIAwKqBNgBT9CgCFOptp3NGmPbK9JkTc1T6KDQLPQX8HBlp-CNnxT-UEz3byifi5wa07fWi6DptoLpqcHHEKP_VrxuPJq8BGidKPM9kL3mpgkZ_otMoZDYtLiAOt2dgS6OgHbfSN_YQEbmkMl-3spMT7mjCizFfSO4x8RZ6eoNRKwuYID_uuItiR1zonccHP4UFLFUfaEXeBTUljDgzqqnB-JcxOQvw3ehmbiGdfMjjwgBBvyN_rXF1KMnFdHsiO3wib-GZIkYyinGDATFs2X2mWv3BvhQ9kKJvUc-x7B1gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ4MTI4NzA4ODI0NDk3NDUYAA&sigh=AycWPdu1kYA&uach_m=[UACH]&cid=CAQSGwBpAlJW9taQkTu1CXPXRsxNxhojMJDngE3bHhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1693605044&format=300x250&url=https%3A%2F%2F19216801.one%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243870&bpp=1&bdt=300&idt=401&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=340538881320&frm=20&pv=1&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=StDb18hQPc&p=https%3A//19216801.one&dtd=405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Sep 2023 23:50:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Sep 2023 23:50:45 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame BFD6 0
126 B 74ms
16ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EN2BMKwC-gGdg2ICAgAAAF-mngxP8Pl-ENN48mQKAvfRptEeai29AAASAAAKCkFRVUJEd0VCRHc&wp=ZPJ41AAEvuwKwkEXAAllslunDzFmtOM9vIS2fA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:44 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 126255
server: Kestrel
content-length: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7C69
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CTN8x1HjyZIvYEY3Ix_AP2Mm0oAihlMacct72w93YEcCNtwEQASCiketNYJXikIKgB6ABhertiCrIAQGoAwHIA8MEqgTdAU_QAYAqdZH6ZYPm2NWN4MV_nkjkdTu6EIdj7VlK3ctGnnENxTh...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214136160973663749479%22,%22debug_reporting%22:true,%22destination%22:%22https://omegaproxy.com%22,%22event_report_window%2...

0
0

59ms
41ms

Fetch
text/css

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214136160973663749479%22,%22debug_reporting%22:true,%22destination%22:%22https://omegaproxy.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211292865797%22],%224%22:[%2209-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228905183217333955361%22}&andc=true

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14136160973663749479","debug_reporting":true,"destination":"https://omegaproxy.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11292865797"],"4":["09-01"],"6":["true"]},"priority":"500","source_event_id":"8905183217333955361"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Sep 2023 23:50:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Sep 2023 23:50:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14136160973663749479","debug_reporting":true,"destination":"https://omegaproxy.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11292865797"],"4":["09-01"],"6":["true"]},"priority":"500","source_event_id":"8905183217333955361"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js Show response
pagead2.googlesyndication.com/bg/ Frame DAE7 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 16:23:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 31 Aug 2024 16:23:10 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D7F8 2 KB
1 KB 41ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPJ41AAEvuwKwkEXAAllslunDzFmtOM9vIS2fA&u=%7Co3tCognicd30UVFXRKgDZkRRA6ni8dwji6NcaHz7%2Bss%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86zGqt-9LwcFUyHYLJPbAPU3thJ0NDvwHGcWB_lpoS8wYo8xAKBofr__Ojj6pECXU5oAnEQtRM0_KHjZR2Xwj2S07Y23LJ1Jrm7wimv7Gcf2c61Xo__IjlrAKl5_TKvlKT3IqS-e3qUnC3Kn9ZsBheSLkgGipLLGT3HSwVEvZQotDceo4sR-du9Xnd3E_iepSB2fA6as7HsYQUvkA531DK14DCLVZ930ii8sAmefMWfA2wPfHNLw1W7eQwJawb8dsY2TUYERlXJF2_47dp9oboSV1DYZbiHwk8JzDhWPXxEMryOrNfQSup9aFaC1E5FUGDT0fXNubAwDy_BfehaP_H7ec2cymdP_-ZOV-EhFwW8nVic5QuAfyrrQGKn5nJZiSEziAHnAtcd_bCu2K_wn4YuTiwurHwmOHTi3k1NK7De1Ut_OTHUlYjuD6yWKCdG_U4NlcjZgtxNH-0N17P8_HN2mf3UllAYEgIuF-Dj7SYILFtI9Ze2UJr7e7e4OzNKgTTzVGoj67yxmMIteo9gxWHamesGfh-UWOfyFMJfN9d01fCJ2nSZNWY8zXjLIzUm64_VROotq0VuKl8YWbElaBAY0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Did1HjyZOz9EpeCiQayy6WYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDgxMjg3MDg4MjQ0OTc0NcgBCakCOB1EGzEXsj6oAwHIAwKqBNsBT9CgCFOptp3NGmPbK9JkTc1T6KDQLPQX8HBlp-CNnxT-UEz3byifi5wa07fWi6DptoLpqcHHEKP_VrxuPJq8BGidKPM9kL3mpgkZ_otMoZDYtLiAOt2dgS6OgHbfSN_YQEbmkMl-3spMT7mjCizFfSO4x8RZ6eoNRKwuYID_uuItiR1zonccHP4UFLFUfaEXeBTUljDgzqqnB-JcxOQvw3ehmbiGdfMjjwgBBvyN_rXF1OElNENrB3HjNiOSx1klbNHPGA5zuUvuG98_O16iSVylpcKUQ6PKtSlogAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2jmkgfhT1FAExQYba-ij2usPm7Zw%26client%3Dca-pub-4812870882449745%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Aug 2024 23:50:45 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D7F8 2 KB
1 KB 40ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Aug 2024 23:50:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D7F8 308 B
637 B 38ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 26 Aug 2024 23:50:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D7F8 293 B
621 B 40ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 26 Aug 2024 23:50:45 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame D7F8 43 B
348 B 62ms
17ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qrkQEb_jr2DiokA7CNSPaws6vgPAjpDJfFJYEv7zf1GWZoPBDkiEPLayHbzF9WjLbObgwsRFMt6UuF1ezxDGrjkFbW-TNPJuXUGow-9y4rH7eInxztnJsJHmYXIOdt5GJzG-lEs_23HH9Rbs-GSfwAo3kLm6FmKldVzX9dwMxQHkFK80pHQgzaHVFfYfby2GNQ33dhtRcsyZAJtg5SaPTqnDV7Amhs5ZMCI9P9muRUNHGbtsxBEa5n4lumO7oXoPkxlvli68xlSUXo16qNVVCnnUe-0pPN4hsxY44ZP7c8I8wNXGacR08saxpdRHbN-dT4MCA_6Wz-qIMljaQQA90Fa9WKVLEdokxfvKt8ZJlLDJuZVCuaw6XKx5vqxK0CL4nqqJ_kKzoOnRmWCtSabglf68UGgUzB3AIkJ7aE7PfZWmbC5gdhaIk7ZPH4bRXIy-EseWcw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 23:50:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1714804
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 94ms
41ms Preflight
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Sep 2023 23:50:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D7F8 12 KB
5 KB 34ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3805891
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbxNu710OQixNLrMQavLUcp8u7nP7TdokWwGlGoTVLimXdafp5q3kby9yv2fj9QLp4j5dIWS%2FMW48acydKRmQae8DvGL1nDePAOhvXPQfKDKz9tXlIXOAO91JHRL6S38WB4QTQQux75DjzZ2sZDIaAOG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80016ad628549b76-FRA
expires: Wed, 21 Aug 2024 23:50:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D7F8 12 KB
6 KB 32ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Aug 2024 23:50:45 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame D7F8 46 KB
46 KB 63ms
37ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Aug 2024 23:50:45 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame D7F8 38 KB
38 KB 50ms
24ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Aug 2024 23:50:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D7F8 3 KB
3 KB 106ms
37ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=596&s=V4fJFzBLbnklcvR7f1ADvJDS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

459088e27f5b21c4db740ba708ec600a26fccb6c917361bbfeb82c4d1b66961b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 3377
expires: Sun, 04 Aug 2024 09:57:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D7F8 29 KB
30 KB 97ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4918258%2F91f17cbfe7544312b508814235232386_img_vertical_03.jpg&v=3&w=1200&s=fNjqJje5DHc8KQ33cmI91kwh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

083ff53000b7c5fe060f08f025a43951b92803be1c5a92c26692ef5cc15f1aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 30074
expires: Sat, 17 Aug 2024 14:35:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D7F8 13 KB
14 KB 107ms
38ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1678222803%2F22268209-Y54GI87l.jpg&v=3&w=400&s=5uT_Aiy_fLZ1A4waGw9ZcHfJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9a1204b7de4ff4ccd326a07cd1e3f0a3f925584eedcd24cd8047c50f2aeb847f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13752
expires: Tue, 05 Sep 2023 09:28:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D7F8 13 KB
13 KB 92ms
23ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1686085205%2F23101320-aamwZCsH.jpg&v=3&w=400&s=Z3vkOzk8so2uatvDzAC9k57a&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

055e8976250253356a2ef54aa0c5455941f3274d7c7f3ac53bfa7e24f52458f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13150
expires: Fri, 08 Sep 2023 08:19:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D7F8 21 KB
22 KB 109ms
40ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23125750-tZwbVT7S.jpg&v=3&w=400&s=QaFNPvSVWJ63KaiyYwPFPnEj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

34222d6cef30e00c1a8a8fd4786a2f46df0e394b011cdb568c1da4746e089f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22006
expires: Fri, 08 Sep 2023 06:53:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D7F8 0
128 B 87ms
16ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ZGs3sZiu3HShiIVGhcBwILQktskX8uY9sgEh7EaIMZfZiesc_7plU7KMo5CjCg3X1PaUfThC2tjPf4N_NuUOWcU5dwLHQtL93hnt7F3pFzxIHHmlNBFiw33n-Y2MTtj7us60Sp-u3E8rBIhweoNvEx_9zUZQttLjrxhFqgBWeG5-XUmfWY4Yt9z6TkTGXFDw6gJVx2vu8mM5m-zVrlHeBuTgaHPPICHPDuQquPbuojL0KjKkmMPOL2f0IQ4FFvDLS0U6kQ&sds=2&rev=88100&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 01 Sep 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D7F8 2 KB
1 KB 15ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Aug 2024 23:50:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D7F8 2 KB
1 KB 15ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Aug 2024 23:50:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 70ms
55ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fb61566c22bf07dbbb950a2203aeb48239a597862f6d6ceca0b3b964140dd4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11729
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 23:50:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 881A 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 22:56:10 GMT
expires: Sat, 31 Aug 2024 22:56:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6C8C 829 B
995 B 18ms
17ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42de893adbf0006bc091e985ebea117e076ff97d0b323dbdb12607dd1f40b29a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uSfZI8IvYvxHvppsP7Y4Ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-uSfZI8IvYvxHvppsP7Y4Ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 23:50:45 GMT
expires: Fri, 01 Sep 2023 23:50:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js Show response
pagead2.googlesyndication.com/bg/ Frame 881A 38 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 16:23:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 31 Aug 2024 16:23:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6C8C 0
0 40ms
40ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=2583074208241125&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 881A 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lsAF3w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:50:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=2583074208241125&bg=!pKelp-jNAAYHwnCgJ8I7ADQBe5WfOBt_OzJUvwKYVZNb9p0pN55C6RxI-B_ZUWxrVEU8Lc79PlV6xLR4laqL7EySpF8tAgAAAEVSAAAACGgBB5kCxbMhYB2yzhDitYS3jDJuUwY5vZDg9BSAwmjzdpFPHjywRErxib1MmaWzA-Gj8dmvXkJAhBcf7v7PYgyiONh7Jy3rRtveqgCZcoNxLHawDLC-YbcxYJjl1kfi_BYU2TgCwehhLh_IN12Tpq2tGOJreIn8sCp8I2uJiWGd75xB82rZZwjG4v-oHOPJQkQ5XbjvFdxoeeojLhJbtp77pLd2hjuifmAQz9QYFhSrTJAu7MscLXoiaEcv44-nu2-lSG6Wo2NhjfReVZlckAmaEoILmvEaeVtTFomM-MviBQ_YY18J2-WlKe25JQ7BahPGftFDPu4BxAungw0-o7f39zfon88CdL1o7MLi05uwBhLlf28_PoObKbJGMnWG6dXgq9ft8M1Ne7HzPHVZQU0aCrVC-gvmg3By-LK4b1z2gvoxqPw-Y_yQvUMM9-ZSJZe5Ep91FiVQAY_vK5Iiw8Ngug-QVqHkyhbfzo4lZYA06BpnmV3sC3qvLsdsVmU94l3uExUTnSA_i3U1HMW9NTEzEllJhUZjagJ9K50wLnP17yMJvK1ZMFLbwXqgVc0xvkXAxk6kqA4xvaMrdkewpwJziTcbIAoqW7hFBNLQmBbvlLnwY48tnA7l6BR2-tMDWDv5LBeZz9duqEryA3n2tCum5GK3sx6FJvkntBece2eFBLQTlehDGUqJs7qeU-zAgrtBAxguV8RhQcnQ6Adj_a_AE3FBb9KA1c5FA9JcMf0bibZiAORgEwMnh528YJdqxmhlEOCvw0dYIcKSv6lbLBEQ801wd4fLlWiXvfYk39Pu2AzUEgaG0rxRruCRDrN90Z94j7zXEn7U4KU12pl3wulR6TYafiLgJLMe_DnoAhcz106A5xY6tBpR4VTOJQ0fg0za7OXmuilv-HK9ta0PHxN4zMMuoUFrkRnWXFeD7BUeBXC3d1IfB-S6KbQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C69 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWi0h6WN7gp4yLidyFWWaW5LBCUbRmaD4cTcalUZSd1MKcutU1k1wRf_wXMWD-5f0pKnQLd7GmenrDEg6dty8Whr21YEkzHL3owVqUvY7XopFjXcTH-09mlZWAnETOce4-n0XGsCbG4Q3F&sai=AMfl-YSquAQgROu7GtTmS2wFzz9xcy4t934wfqKAkAijol3R3Ot5m_cr_dhqIIqwQF5wu3TDBfFA7iAFCTL2&sig=Cg0ArKJSzCPB3QXWFFXpEAE&cid=CAQSGwBpAlJWeIWytPD4s8XONk0c8xU_xe2MANp2fBgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3451990369&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693612244268&rpt=1083&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 23:50:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D7F8 0
127 B 16ms
16ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 01 Sep 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-20 23:12:28	Name: ID Value: b98872a70f514345a637889e1fb573c8
cdn.itskiddien.club/	1970-01-20 23:12:28	Name: oaidts Value: 1693612243
cdn.itskiddien.club/	1970-01-20 23:12:28	Name: OAID Value: b98872a70f514345a637889e1fb573c8
cdn.itskiddien.club/	1970-01-20 14:36:57	Name: syncedCookie Value: true
.19216801.one/	1970-01-20 23:12:28	Name: _ym_uid Value: 1693612244351882300
.19216801.one/	1970-01-20 23:12:28	Name: _ym_d Value: 1693612244
.19216801.one/	1970-01-20 14:28:04	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 14:26:52	Name: sync_cookie_csrf Value: 2647377078fake
.mc.yandex.ru/	1970-01-20 14:26:52	Name: sync_cookie_csrf Value: 871192613fake
.19216801.one/	1970-01-20 23:48:28	Name: __gads Value: ID=41240e5e6fbc08d1-229aed8364de0005:T=1693612244:RT=1693612244:S=ALNI_MZ-_cDfB4k1m8zAaAUHpL22JrHD2Q
.19216801.one/	1970-01-20 23:48:28	Name: __gpi Value: UID=00000c6d7d04ac82:T=1693612244:RT=1693612244:S=ALNI_MatUOVr_v3mIK1T-BSF-vaidbP8sg
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 256596701693612244
.yandex.com/	1970-01-21 00:02:52	Name: i Value: vn62XbIcGV2LaTMiT3i94rkWaPm4ZkFba8ISNJI766Y+AmTeRevZIr/smyIoFgnugv1Xod1BagC/MvHybMh3o4lARaQ=
.yandex.com/	1970-01-21 00:02:52	Name: yandexuid Value: 7718508011693612244
.yandex.com/	1970-01-20 23:12:28	Name: yuidss Value: 7718508011693612244
.yandex.com/	1970-01-20 23:12:28	Name: ymex Value: 1725148244.yrts.1693612244#1725148244.yrtsi.1693612244
.yandex.com/	1970-01-20 23:12:28	Name: bh Value: KgI/MA==
.doubleclick.net/	1970-01-20 14:26:55	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 23:48:28	Name: IDE Value: AHWqTUlD-nhOXNbAue9TifdwiKe0S9XUHry3Ijz520y-FyPngCwdlnmYDoILUiPT4Gg
.googleadservices.com/	1970-01-20 16:36:28	Name: ar_debug Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1693605044&format=300x250&url=https%3A%2F%2F19216801.one%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693612243870&bpp=1&bdt=300&idt=401&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=340538881320&frm=20&pv=1&ga_vid=1670197586.1693612244&ga_sid=1693612244&ga_hid=910200750&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077370%2C44800658%2C20222282&oid=2&pvsid=2583074208241125&tmod=910157427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=StDb18hQPc&p=https%3A//19216801.one&dtd=405 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19216801.one
ads.eu.criteo.com
cat.fr3.eu.criteo.com
cdn.itskiddien.club
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
itweepinbelltor.com
mc.yandex.com
mc.yandex.ru
my.rtmark.net
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.fr3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
139.45.195.8
139.45.197.236
139.45.197.250
178.250.7.9
216.58.212.130
2606:4700:3032::6815:1693
2606:4700:3035::ac43:cd55
2606:4700::6811:180e
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:812::2003
2a00:1450:4001:829::2003
2a00:1450:4001:831::2002
2a02:2638:3::10
2a02:2638:3::3
2a02:2638:d::11
2a02:2638:d::4
2a02:2638:d::c
2a02:6b8::1:119
03cc1c903c88fed0fab07495896761c58acb5a39b7270ae26ddca30f2364bf99
055e8976250253356a2ef54aa0c5455941f3274d7c7f3ac53bfa7e24f52458f6
0678a8b9a94d144ec6b760c0fff9b10cbce864e6434306cead4ed645feb5c1f7
083ff53000b7c5fe060f08f025a43951b92803be1c5a92c26692ef5cc15f1aa6
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
0fb61566c22bf07dbbb950a2203aeb48239a597862f6d6ceca0b3b964140dd4e
10e0bf6b7ceb144d587b8a0b5eb406652b8df8045bb66f9076e1d4e92204801e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
23870ae663b1bf7dfc718dedca013ef2ce8ac1ac491dbef772d45c8978a9c63a
2880aba61fe6ecd4fd6d89ced30f8b75282a935ea6512ec7ce72b08878f6efb5
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3204d77f977e684b7d4f767c9ca8324c7db419b261b98dfb93d22edc82d62677
34222d6cef30e00c1a8a8fd4786a2f46df0e394b011cdb568c1da4746e089f45
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c3b68062c0f9168b9b29ccd09ccf69ba7c4a4161ac8a9906075027984d90923
3d2cf36f9efab785d612ef41372c00e7805b982761d1084b46842af3925dd851
3ea538dfe3f28e017d4e9a739ef1923f0e42a37d17743050b1b4066d28746357
3efe78b9786ffb1d6057f7081aa961bcc2dc7146cb9f4930b17e38e834204745
3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc
42de893adbf0006bc091e985ebea117e076ff97d0b323dbdb12607dd1f40b29a
44330cfff2bc5bbbd58f358382389adb40f53c39ef37af5f248b1016c6c709fe
459088e27f5b21c4db740ba708ec600a26fccb6c917361bbfeb82c4d1b66961b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52f77ae7a70445cc5e60fbf18243a87c5625eb420dea545d656b8c4ca6518d22
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63bee1e0482219857250652aa99ebc0bb5970ea0a4051c30c2a3f0a281e616c3
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
698951af561933328a292befb875ae8297e520f091c4cc0531e84ce4f5272241
6a9d9a7b9afb473ed83c8b3fd98587aa89c7c6e639d27d41877296cb0d919b3e
6acf21892800314b6b30776dfecfa4701e3d8449fe9325e0737d0a4988463762
6f766d4c399198c06d3bf1096a9731c1b4018d926ec83aaa16a7192f0f7a2e61
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
7689b18598c9d487fd7029183dc13e5088586203061722fed9edafa8f8100d43
77f6c0a776001eccfbfc55c058b8978ea04c3d87c3e56930f6f6d51a7004fb20
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7c7e8c0fd733ff6d8576f787bd44d4b0c1de83dc79314813a46a5b942d29431c
7dd867aa4592648c889329119b4662122e225027fb3fd075f2e7c5ce20656518
860ae1a2ffd05d0c84976cb7d7ae4bfd3444f21fa171c89720aabd5a85156662
89b9bd95542140f302b4316f6f4484d053b412f8cb8abf9a5d4a70c30cca1916
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
93aa90bc54c821708337ef559092efe522bc95c001099d697618db267a0b0049
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0
9a1204b7de4ff4ccd326a07cd1e3f0a3f925584eedcd24cd8047c50f2aeb847f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7f8d7494969108668dc0c3c8abfaa863b9fb7c079ea58fa235f38b331ca747c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
ad02f9169900cc21e3bc4e60af9849acae78d7d38f0f89d96a9d13059fe9ea42
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
af56f9a97ba9853d88e0dc672d67e32e3ff2f829df312625ef64a878f8632cf2
b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b93a77da724d73e1a165e40b240287637402d304f962331e19a83c10e7f06d57
c503a3f9c457ff72fba8037797c06cf003f4a4e7f41b0f7331d2c98aa1cf5612
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb
d69d0949085a5cfef9753f76f070df7000ba63c93b8a85d9877f666a4634ac75
d7ed2bdd9648088ab5250da47bb62054fc531ff395b47b5325b1c0e8fcdd1c4a
d856d5e083af25ed0ca838f04091ffd9fa5bc1c77edec8aa87c8e12a3fd69aa5
d95bf2667aab23884fbae7bd955f65b067650cd7105c3ac91724e544df170598
de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353
df33ac4ce8c614009fd08651489a912e605f2bfd82ca08db0cc45579550f7997
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e26964515c67f1184518f279325e889e1f59de3685050c32903bd13c5ffb16e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e624cc2969e757386842a2a9a945634ab621fa2d445be6b9aa76b36bd6c26083
ebc3d6723e9bc5c602087eb6575ad140db18e787cfc4132a96ccca9ad13222de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

19216801.one Open in urlscan Pro 2606:4700:3035::ac43:cd55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

96 %HTTPS

76 %IPv6

16 Domains

23 Subdomains

21 IPs

5 Countries

1201 kBTransfer

2983 kBSize

20 Cookies

1 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

19216801.one Open in urlscan Pro
2606:4700:3035::ac43:cd55 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

96 %
HTTPS

76 %
IPv6

16
Domains

23
Subdomains

21
IPs

5
Countries

1201 kB
Transfer

2983 kB
Size

20
Cookies

104 HTTP transactions
2 data transactions