19216801.one Open in urlscan Pro
2606:4700:3035::ac43:cd55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://19216801.one/
Effective URL:
https://19216801.one/
Submission: On December 05 via manual (December 5th 2023, 3:08:15 pm UTC) from US — Scanned from DE

Summary HTTP 161 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 18 domains to perform 161 HTTP transactions. The main IP is 2606:4700:3035::ac43:cd55, located in United States and belongs to CLOUDFLARENET, US. The main domain is 19216801.one.
TLS certificate: Issued by GTS CA 1P5 on October 9th 2023. Valid for: 3 months.

This is the only time 19216801.one was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::6815:1693	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2606:4700:303... 2606:4700:3035::ac43:cd55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
27	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
1 9	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6 8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4 8	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	18.203.173.246 18.203.173.246	16509 (AMAZON-02) (AMAZON-02)
31	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:b200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7780:4c96:3892:23f5:65e3	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	141.101.90.98 141.101.90.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
161	25

1 2606:4700:3032::6815:1693 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

19216801.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:3035::ac43:cd55 (United States)

ASN13335 (CLOUDFLARENET, US)

19216801.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

itweepinbelltor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.itskiddien.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.180 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.173.246 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-173-246.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:b200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7780:4c96:3892:23f5:65e3 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.101.90.98 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	547 KB
33	19216801.one 1 redirects 19216801.one	253 KB
31	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	973 KB
21	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139	143 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	102 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
5	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8902	3 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	144 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	192 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4182	71 KB
3	itweepinbelltor.com itweepinbelltor.com — Cisco Umbrella Rank: 240976	12 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 66923	607 B
1	itskiddien.club cdn.itskiddien.club — Cisco Umbrella Rank: 61722	2 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12331	541 B
161	18

	Domain	Requested by
33	19216801.one	1 redirects 19216801.one itweepinbelltor.com
31	s0.2mdn.net	19216801.one s0.2mdn.net googleads.g.doubleclick.net
27	pagead2.googlesyndication.com	19216801.one pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
19	tpc.googlesyndication.com	googleads.g.doubleclick.net 19216801.one tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	mc.yandex.com	3 redirects 19216801.one
4	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	mc.yandex.ru	1 redirects 19216801.one
3	itweepinbelltor.com	19216801.one itweepinbelltor.com
3	fonts.googleapis.com	19216801.one googleads.g.doubleclick.net
2	ad.doubleclick.net	19216801.one
2	www.googleadservices.com	19216801.one
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	19216801.one
2	fw.adsafeprotected.com	1 redirects 19216801.one
1	www.google.com	tpc.googlesyndication.com
1	portal.o2online.de	19216801.one
1	www.gstatic.com	googleads.g.doubleclick.net
1	cdn.itskiddien.club	itweepinbelltor.com
1	my.rtmark.net	itweepinbelltor.com
161	25

This site contains links to these domains. Also see Links.

Domain
192.168.0.1

Subject Issuer	Validity	Valid
19216801.one GTS CA 1P5	`2023-10-09` - `2024-01-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
itweepinbelltor.com R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
itskiddien.club R3	`2023-11-12` - `2024-02-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
portal.o2online.de E1	`2023-11-29` - `2024-02-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://19216801.one/
Frame ID: 8305A23782D76E7F8D0212F85100BEFB
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: 50C7503A376172D594E8904962A1E40E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1701788891&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890770&bpp=2&bdt=230&idt=284&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1098107441744&frm=20&pv=2&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=294
Frame ID: 5CA899D56D92148816BF54BB199D277F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1701788891&rafmt=1&format=1200x280&url=https%3A%2F%2F19216801.one%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890772&bpp=1&bdt=232&idt=297&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=300
Frame ID: D0AFD689C471DE0428DF354AF56B5152
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890773&bpp=1&bdt=233&idt=301&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=302
Frame ID: B3E8D575EF83FF637F1DD9ECF94D54AD
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890774&bpp=1&bdt=234&idt=302&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=304
Frame ID: 37EE5AA19671A892DCE8ACA58D346584
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIjin9wBMAE&v=APEucNW79V_C7i-hplx-4ejVsC8DdjlMAYpG-LV_-6rmaNmrFJuyf0NUMakMFeSvGIV5I5TpfRdi8VANN1QZyTUylXMHyVg_PYq3UOG38-no9jVCcwd2mhLfwgwG17oLNoOW2Yutra_f0QToo58-A3a0Wc-nNl-n9S5w6ylFzE6ySXlUYZiUeL0
Frame ID: A989236D1FD941B986B3E05E3F3B1F5B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7F2D27799A9C6A5F5B1D0FDEA00B8064
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
Frame ID: 86C5C367732C93E9FB98097362DCDBDB
Requests: 23 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 386BD365FDF5BAF88561B3D98A062BB3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: A4BB5FC2EDBFE4DA87D1B3DFE0C03853
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNU0BJyCMRLsYOlsYs_nsO_gWEP1toaBxq9dONB_0VjNOiXxAXPE_E36OMA-owp3QkySHhsCXXHz6Qsa37uh-V64HcGumoi0-1OE2XItXjmFL5cg4kNmQLiIEAU5qWQv1h8vBc_ua-qKF6qv1z99bwISzN8j2JI4h5TjdoyLF_47Rlw8nFA
Frame ID: 0DA9B17E6A860BE4DCFF341704230C46
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CF5C93A55D1ACB2A04FE4F1890A32105
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 19D4812B7ECF8D5617D0E61E258A6E63
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=PrmKmd68wj&t=1&renderingType=2&ev=01_250
Frame ID: 995BEC0DA67DD2C3411BFB24C5218F61
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 7084DF277856CD2B6210230399293E6F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BE4AEDDBEA683A17CDB97BB4593C58A7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D73BD94584AE599B92839D4FB0FF4FEA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

192.168.0.1

Page URL History Show full URLs

http://19216801.one/ HTTP 301
https://19216801.one/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<div class=(?:"|')[^"']*elementor
<section class=(?:"|')[^"']*elementor
<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

161
Requests

93 %
HTTPS

56 %
IPv6

18
Domains

25
Subdomains

25
IPs

6
Countries

2448 kB
Transfer

5566 kB
Size

30
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://192.168.0.1/
Title: 192.168.0.1 Admin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://19216801.one/ HTTP 301
https://19216801.one/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10208.oW4jpaMWUH9Vt56-J6wLd4bHq0CDtDS7OPVE5VD_g866733Clf9r_HkqGwz4bZpl.dqXs3tvaGV0RkuTz_IthSNTKXqo%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10208.Vpk5G9kRgn0HdiLYt4sCP0jODgVV1ZFwmC8Sq4qQSxdHj8-H9I7cK3bZfLvHu0e7FiBQRzScoKQFXSFpU6tsIbmTI68NWGDFWOZxK6v1KgNtX2TACXcEYRtO5_b0Cat6PxgPd8M7LOUpBjhFcrY2P1wup7bocwBnpKTBf6gPqCJmy215Tfge-y-wakOetajepKuRsemqOxMeB06QbSvTy280uNp6NngUbAerDE6o0Yk%2C.EfskIemRwzw9khU1KfwCSeonAAA%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10208.jq_1F1iBFDBhNbDwumwIvWmVwkLRaTV-rzdxdjJNi7zHxSZaAcsX0H_5W7BXSt6ZpsIcWFX5EX0umpj8C8-KaqDqTWWD_Wfj1NUi9VNOL6QZU9c9u_PJ6ekx2iOnv9xNo9h9TtQdfEelNyjMtc4anqf8BDv7l9JEUSukkEaQKmasuZOk6O2esq5tJz9eY99TFjbFw3F9hevCvVDlt89R7g%2C%2C.BSOK8LOq_2m6TmmIu5O_tcX2fI0%2C

Request Chain 51

https://mc.yandex.com/watch/55749736?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A506%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A1166741048376%3Ahid%3A294827818%3Az%3A60%3Ai%3A20231205160810%3Aet%3A1701788891%3Ac%3A1%3Arn%3A470543075%3Arqn%3A1%3Au%3A1701788891589146759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C117%2C1%2C259%2C0%2C%2C162%2C12%2C%2C%2C%2C561%3Aco%3A0%3Acpf%3A1%3Ans%3A1701788890140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701788891%3At%3A192.168.0.1&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A506%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A1166741048376%3Ahid%3A294827818%3Az%3A60%3Ai%3A20231205160810%3Aet%3A1701788891%3Ac%3A1%3Arn%3A470543075%3Arqn%3A1%3Au%3A1701788891589146759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C117%2C1%2C259%2C0%2C%2C162%2C12%2C%2C%2C%2C561%3Aco%3A0%3Acpf%3A1%3Ans%3A1701788890140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701788891%3At%3A192.168.0.1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1&C=1

Request Chain 59

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW8821ptClcR.3JezwL7owAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1&google_hm=2

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKGc86UgTw49PJN4-5aRtJg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKGc86UgTw49PJN4-5aRtJg%26google_cver%3D1

Request Chain 61

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE5ODgwNzMxODA5NjEwMzk3NQ%3D%3D

Request Chain 100

https://fw.adsafeprotected.com/rfw/st/1291251/67826872/4.js?ias_dspID=3&ias_campId=1010179150&ias_pubId=pub-4812870882449745&ias_chanId=1&ias_placementId=19226434042&bidurl=https://19216801.one/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h2IUXwuhV7SeHKHMgNIXKT&adContainerId=brand_safety_2zxvZaXAKrjU9u8P2YOYqAI&cbFunctionName=goog_wrapCb_2zxvZaXAKrjU9u8P2YOYqAI&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2F19216801.one&adsafe_type=y&adsafe_url=https%3A%2F%2F19216801.one%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4812870882449745%26output%3Dhtml%26h%3D250%26slotname%3D6244605269%26adk%3D2225904923%26adf%3D3479050406%26pi%3Dt.ma~as.6244605269%26w%3D300%26lmt%3D1701788891%26format%3D300x250%26url%3Dhttps%253A%252F%252F19216801.one%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701788890774%26bpp%3D1%26bdt%3D234%26idt%3D302%26shv%3Dr20231130%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C300x250%26nras%3D1%26correlator%3D1098107441744%26frm%3D20%26pv%3D1%26ga_vid%3D1947165613.1701788891%26ga_sid%3D1701788891%26ga_hid%3D13070579%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D344%26ady%3D2057%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079714%252C44795921%252C44809531%252C44807764%252C44808149%252C44808284%252C44809072%252C95320229%26oid%3D2%26pvsid%3D3695382837250639%26tmod%3D799309503%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D304&adsafe_type=d&adsafe_jsinfo=,id:bb850525-df9d-0ffb-abf4-a52c6940be25,c:vWhoJA,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-594854db75-fzcnr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tXzSLci+11%7C12%7C13%7C14%7C15*.1291251-67826872%7C151%7C152%7C153,idMap:15*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:13,oid:1b4f68bc-9380-11ee-a9c7-8ee5f55274f1,v:19.8.463,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_2zxvZaXAKrjU9u8P2YOYqAI&cbFunctionName=goog_wrapCb_2zxvZaXAKrjU9u8P2YOYqAI&true_pb=

Request Chain 110

https://googleads.g.doubleclick.net/pagead/adview?ai=Csc0g2zxvZfDBBbzSjuwP8si18AXYl7b3c8OQtcn3EYOR9f0IEAEgopHrTWCV4pCCoAegAc6688AqyAEJqQK4mNzOwSuyPqgDAcgDy4SAgASqBN0BT9BHb6TByd_duLI_VhQKFfXjJHe467Pu4P-fkIiog5gvzQs1xeSFAlwc1lJR4GAwPD6bZUK9SPUW6alrbp9HR5PqAOZisfmWEJN3gWXzUogHxd3HCJSl3vItZoLaMLuo44PmrfYwn9LfGgQkr9v5U6Ky861HpQ0Q5rfGoIdNglfSUdKU5CMESGe9dfdnc8eszGgDPekbKNtcAiD4B85N_zPXvEMZRhYoZGSu46p7qAczVlnG3nJbyJ8yJZMXpTRUtFPvErXTw8jzyGtmK-5HKznAP3ZwmW9-UxbMw0_ABLC377WyBIgFk6Ot1EqSBQQIBBgBkgUECAUYBKAGLoAH9IeLAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENG9MtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYzPPX0sn4ggOaCSVodHRwczovL3d3dy5zaXBnYXRlLmRlL3Zpc3VhbC1yb3V0aW5ngAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQK4E-QD2BMKiBQB0BUBgBcBshccChoIABIUcHViLTQ4MTI4NzA4ODI0NDk3NDUYAA&sigh=f5D8SKLVBa4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNS7vFkLwQcWz3sAq6QrN-M1sSQftR41tWFH3FMJ9NGktD-GUhbC3GXQyFMquuTrqEQrklpiAOK2oI8Pp5jBeFqdzmgGIwDws4GxEYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215449465657787554644%22,%22debug_reporting%22:true,%22destination%22:%22https://sipgate.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211410398542%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224599966503130294849%22}&andc=true

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1

Request Chain 133

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW882yP1wxHiLnYXgLY9zgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKGc86UgTw49PJN4-5aRtJg&google_cver=1

Request Chain 135

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1NDcyNzk4NTY3NzI0NDExNw%3D%3D

161 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
19216801.one/
Redirect Chain

http://19216801.one/
https://19216801.one/

45 KB
10 KB

138ms
117ms

Document
text/html

2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

55d22bbb9d3127ddf5761b5e971956bf10b969155e64da5efcf4367ef2eb08f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 830d33f52e456945-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 15:08:10 GMT
link: <https://19216801.one/wp-json/>; rel="https://api.w.org/" <https://19216801.one/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FdeTxUEXBqUT6UMJBrSkS%2BIOSwRBZbv5fiwue%2Fki3L2eycwvyEyNjdMJb2S1EHmOC3smrkr2LjDVdhGheJyyTNQWR4M3p%2BBaqe%2BVmkIh7k3rFK04DAmcrZ4OQEwNKCt%2Bf195nqQsbn8Uww%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-powered-by: WordOps
x-srcache-fetch-status: HIT
x-srcache-store-status: BYPASS
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 830d33f3ae0b0b3f-AMS
Connection: keep-alive
Content-Type: text/html
Date: Tue, 05 Dec 2023 15:08:10 GMT
Location: https://19216801.one/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toi3ZEAVxYT7JxkcfpNZLhLowY4nUsGXf0cVSFhNRTzARi7q4WGYVZXGBXqxzbn2hua5IIchqY3R2S7CuqCAba4rYEHf3I6KU8UXAmyP4G3gdcKI3WRkYGTVrPogFI%2FuqIh6Em5L6rVEc14%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Powered-By: WordOps
X-Xss-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
19216801.one/wp-includes/css/dist/block-library/ 40 KB
6 KB 21ms
18ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/css/dist/block-library/style.min.css?ver=5.3.16

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2370087
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 11 Jun 2020 02:23:31 GMT
server: cloudflare
etag: W/"5ee195a3-a055"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FGHCgK5s0uVBllbaY930EtjCrnsIetMWtX3z2LzYGlnh5UthjmxQganjlguHDyZ8d8v6EOXeJiy9kX63dWldekihREmFQJfMAkZoZibQ0LNMuVmj%2FpTgAwN5VwnUKSP8kOctChIIK77XbA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f5ef476945-FRA
expires: Fri, 08 Dec 2023 04:46:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
925 B 77ms
43ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.16

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8abc3b73e072a619c447f11a1d49b507566340595a032fc4c683d98b9e2fbf01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 15:00:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 15:08:10 GMT

GET
H2 200 dashicons.min.css
19216801.one/wp-includes/css/ 46 KB
28 KB 21ms
19ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/css/dashicons.min.css?ver=5.3.16

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 651360
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 19:24:19 GMT
server: cloudflare
etag: W/"607892e3-b9cc"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4jnyu5hM%2BC0AF7vQ34%2B4yGQY8evasIQeUtpT3LVQgSFvmanhszUjHtb3U6gUxAhZshlKqh%2F9B8zM0oOz%2FH2hGBIBHE5WCEuj%2F44huz1x9Z%2F8uzlCZ4UmVOcCKgnRmEU01JFCFT8opWPUIQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f5ef4a6945-FRA
expires: Thu, 28 Dec 2023 02:12:10 GMT

GET
H2 200 simple-grey.css
19216801.one/wp-content/themes/simple-grey/css/ 91 KB
18 KB 30ms
28ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/css/simple-grey.css?ver=5.3.16

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d856d5e083af25ed0ca838f04091ffd9fa5bc1c77edec8aa87c8e12a3fd69aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2191218
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
etag: W/"5d76850c-16ca4"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOLrlj0NfygG4iochgVfpPoUaLXb4s9OVjLBmwjpzgliSKi7ZfACaC9rjVeP7F9cL5E3%2FSiYLjrjg4Rfp9A7PRuXSHxu8Rj6msGOLp6Hqol2fBl7%2FN5ANjLCGXRBPlOldroEuw8fyEsRI98%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f5ef4b6945-FRA
expires: Sun, 10 Dec 2023 06:27:52 GMT

GET
H2 200 default.min.css
19216801.one/wp-content/plugins/tablepress/css/ 6 KB
3 KB 18ms
16ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/tablepress/css/default.min.css?ver=1.10

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2034963
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sun, 01 Dec 2019 09:04:38 GMT
server: cloudflare
etag: W/"5de38226-16ef"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgRyvNWN9P%2FGC6uw0OdXp5K97pMozRDW1e%2Fh0UMb11W%2F0zmUwicFCvFeIF011%2F%2BZG17DOTxC3kpox7TZ8%2BMV8Y1wBIErtOKPWvR12y7CNgIZuTHSGcqNIKJbeO18iLReh0Yz5bb4GK%2F1jR4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f5ef4c6945-FRA
expires: Tue, 12 Dec 2023 01:52:07 GMT

GET
H2 200 elementor-icons.min.css
19216801.one/wp-content/plugins/elementor/assets/lib/eicons/css/ 14 KB
3 KB 24ms
22ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.4.0

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

23870ae663b1bf7dfc718dedca013ef2ce8ac1ac491dbef772d45c8978a9c63a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306681
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:28 GMT
server: cloudflare
etag: W/"5dc6efbc-38c6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzDmiNQdmwrXLmXOqAkU8wWvyoHe4TY2CCgTDPNa6%2BY8TisabzUoX5hpSY%2F0ivXLvj7RD8wD0RjE2rqNwj6mM7NdynmNdP6VgcgyIZAEUI09yhHSlfXuywTyIuvqwHNTyq3Em%2F94oIrJRyY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f5ef4e6945-FRA
expires: Mon, 01 Jan 2024 01:56:49 GMT

GET
H2 200 animations.min.css
19216801.one/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 25ms
24ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 391629
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:28 GMT
server: cloudflare
etag: W/"5dc6efbc-4824"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5AT2jrCFT7GA4L35CGJwgX6ux9LwoM%2BRdxK3UTEpjoMxDxFv7ThiO3HH4prQYZcAb6cI0ymtK1xs93CGIljVpZNg%2BCcTjK2gtRI0J%2F%2BsnvwEcVNTDLH3O8tmE6nwA%2Buv%2BSX0otvoydi94M%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f5ef4f6945-FRA
expires: Sun, 31 Dec 2023 02:21:01 GMT

GET
H2 200 frontend.min.css
19216801.one/wp-content/plugins/elementor/assets/css/ 101 KB
15 KB 26ms
25ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

52f77ae7a70445cc5e60fbf18243a87c5625eb420dea545d656b8c4ca6518d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 479440
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
etag: W/"5dc6efbd-194d6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdd64sUhcURZuwOp5JtkT%2BVd0t4IccCAIwmo4QPZ6vpJMjBLpYyEhiX%2BHFPeNfD%2FvdENiX4Zot%2BYFpHvUveETcH5LK%2FokGA0bN5h0y6HMg7qC8fs6hGcVI3nV1MaXprGQLS9Wl%2BYNTfpeCc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f5ef506945-FRA
expires: Sat, 30 Dec 2023 01:57:29 GMT

GET
H2 200 global.css
19216801.one/wp-content/uploads/elementor/css/ 4 KB
908 B 22ms
21ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/uploads/elementor/css/global.css?ver=1573318726

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

698951af561933328a292befb875ae8297e520f091c4cc0531e84ce4f5272241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 285824
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:58:46 GMT
server: cloudflare
etag: W/"5dc6f046-f0b"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZF08WbkIoALnjwANkDj7JtPAdIcaAKwrSOHAwuLTN30pUUiB4WX%2Bhib9i7ZHFRVp6bMDnCfmpAPGgMx%2BEBxDOimWm8Xlk4tKgcb2eom%2FBnWkMGdT6c9AAdJp9tGuynNMWX5OD4rDEuuZxs0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f5ef536945-FRA
expires: Mon, 01 Jan 2024 07:44:26 GMT

GET
H2 200 post-8.css
19216801.one/wp-content/uploads/elementor/css/ 14 KB
2 KB 24ms
23ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/uploads/elementor/css/post-8.css?ver=1596258357

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d69d0949085a5cfef9753f76f070df7000ba63c93b8a85d9877f666a4634ac75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 375767
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 01 Aug 2020 05:05:57 GMT
server: cloudflare
etag: W/"5f24f835-39d0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjKCEmbXU%2F6%2B58pcU7XXMM8j3r7vU%2F8GrvoVsLaZ4Q12FCLFHtR8DDC4%2FLOdkJgMxcuU%2FF8FQjznN9%2FXeDqL8P3Q7YuIiGiUezsB601obDGadVn1WHgYxARbIqXiipABsIDjSZeaKnByP8Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f5ef546945-FRA
expires: Sun, 31 Dec 2023 06:45:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 44 KB
2 KB 60ms
27ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.3.16

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f82a66d3e478235d29587378aab1eaccdf3513f5ba34f8196dfdcb2f0b75436d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 13:52:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 15:08:10 GMT

GET
H2 200 jquery.js Show response
19216801.one/wp-includes/js/jquery/ 95 KB
35 KB 30ms
29ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 473571
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 06 Nov 2019 14:47:44 GMT
server: cloudflare
etag: W/"5dc2dd10-17a69"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXuaJsVA1OnTiYOH3UYy287Q7fyyVZvnInUlGJFkm0e9dEF4ttt7Ga4%2FBjfEvTs4QYZAR1nmc6HTIxXg5RxlK2QCvEMbuL%2FdQjOK9fvrlEH%2BmJJn1bky4sSNFEVIDPP0cv7K9AKOHZBXBsk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f5ef556945-FRA
expires: Sat, 30 Dec 2023 03:35:19 GMT

GET
H2 200 jquery-migrate.min.js Show response
19216801.one/wp-includes/js/jquery/ 10 KB
4 KB 34ms
33ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 651360
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 06 Nov 2019 14:47:44 GMT
server: cloudflare
etag: W/"5dc2dd10-2748"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDuwvGIRORIsYMNXTqszzq8Zcl4rrOC89XkyGs92E5UOShqD6o3jEGp52yspumU0zTaskB9jMleDh7xZQBOajeRPNc30yP4xyO3tguenxpE4ZP2w3qEpkzlIP13Kdn%2BthVxUDw15ffFZIG8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f5ff5c6945-FRA
expires: Thu, 28 Dec 2023 02:12:10 GMT

GET
H2 200 micro.tag.min.js Show response
itweepinbelltor.com/pfe/current/ 26 KB
11 KB 43ms
12ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://itweepinbelltor.com/pfe/current/micro.tag.min.js?z=5659798&sw=/sw-check-permissions.js
Requested by: Host: 19216801.one
URL: https://19216801.one/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: gzip
last-modified: Mon, 27 Nov 2023 13:38:02 GMT
server: nginx
etag: W/"65649bba-697f"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 122ms
101ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ea556e03fa35c2015ad933cccfc2a755c6f82c194274b6ac323519a4b3bd200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51710
x-xss-protection: 0
server: cafe
etag: 10216184432573451772
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:08:10 GMT

GET
H2 200 internet-speed-1.jpg
19216801.one/wp-content/uploads/2019/11/ 6 KB
6 KB 28ms
27ms Image
image/jpeg 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/internet-speed-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

b93a77da724d73e1a165e40b240287637402d304f962331e19a83c10e7f06d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1687954
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
content-length: 5981
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:03 GMT
server: cloudflare
etag: "5dc6f507-175d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8R1HmvsP5opaBSAkf0%2BhdvZWmjC9RX8FkV2oxQeDz2RlEJGIpbAVFoxpFCMJTzcpW6Y7tB7twSPQF%2FId0XNlhep8DrAebdhenIP06bW25MbAg6mweaDA8gQBcw9FTXN13%2B2d0f%2FudkxgUEs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 830d33f5ff5d6945-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 isp-throttling-1.jpg
19216801.one/wp-content/uploads/2019/11/ 2 KB
3 KB 27ms
26ms Image
image/jpeg 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/isp-throttling-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

df33ac4ce8c614009fd08651489a912e605f2bfd82ca08db0cc45579550f7997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2408131
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
content-length: 2352
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:05 GMT
server: cloudflare
etag: "5dc6f509-930"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrFi0Hd1v59Pq0CG8tjvA%2BXQmvFPR8p9u1agoOoxIkb%2BJGEMMaxKpCyt6kHtMqUDuNRBBz5GkKYGHb7Z%2FSvhI8O6p7r9htBd%2FwIwhOLrpaQu6YCsRYpTrzvgOpaxrSMb4fhB1l%2BABZPELSc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 830d33f5ff5e6945-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Speed-Test-1.jpg
19216801.one/wp-content/uploads/2019/11/ 6 KB
7 KB 19ms
18ms Image
image/jpeg 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/Speed-Test-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3c3b68062c0f9168b9b29ccd09ccf69ba7c4a4161ac8a9906075027984d90923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3068273
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
content-length: 6473
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 11 Nov 2019 15:45:35 GMT
server: cloudflare
etag: "5dc9821f-1949"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydDMFnWKh4Eaxo%2B3qYIuI6kNrGsv0Tv6mXC60eqN2F4aPnxbwSac88mcctXjrpDhoVOlw4bb1Px3Qn2Tk97WR37BIRotof%2FbdmInZHfNCNpZuacMdSm3yMV%2FrNqCvyG1tE8gE%2BH4esby%2FVo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 830d33f61f8e6945-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wifi-1.jpg
19216801.one/wp-content/uploads/2019/11/ 4 KB
4 KB 17ms
17ms Image
image/jpeg 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/wifi-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

77f6c0a776001eccfbfc55c058b8978ea04c3d87c3e56930f6f6d51a7004fb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 651170
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
content-length: 4179
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:07 GMT
server: cloudflare
etag: "5dc6f50b-1053"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExwdVw%2Fpdwfh6P%2BJnz%2FAGGJACschnGB7bJsr%2Bj054%2BuvFD115oCbK73boTIutrGvfXpVvwIEjXQetV9Yq%2F%2FV5N82nG4zQRPI2b6NG7gcqcm%2FYOUbDO7WJ8TaTdvyelMvdQNF4JPNMKURjRE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 830d33f61f8f6945-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 privacy-1.jpg
19216801.one/wp-content/uploads/2019/11/ 2 KB
3 KB 32ms
32ms Image
image/jpeg 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/privacy-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

7689b18598c9d487fd7029183dc13e5088586203061722fed9edafa8f8100d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 467143
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
content-length: 2505
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 17:19:06 GMT
server: cloudflare
etag: "5dc6f50a-9c9"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyLtLHPkfwkXXjoq7aZ8z2AIfVlfWlGPBVOJGv5IHj6bMHtJXKhw7gU81%2BlWJMfCYzx2hVVdEfjdfYb2GK%2FKM2%2FggI5olY4c2j2Bjgn6PFUsgIW%2Br7r4UN6bGDAb1Xu9XRTXPYK0OsaZS4k%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 830d33f63c831c90-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Movie-Streaming-1.jpg
19216801.one/wp-content/uploads/2019/11/ 6 KB
7 KB 60ms
59ms Image
image/jpeg 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19216801.one/wp-content/uploads/2019/11/Movie-Streaming-1.jpg

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

ebc3d6723e9bc5c602087eb6575ad140db18e787cfc4132a96ccca9ad13222de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 394016
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
content-length: 6441
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 11 Nov 2019 15:45:37 GMT
server: cloudflare
etag: "5dc98221-1929"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kqdJ6IdRrG6GAiq9QeTASiXkOYNhDhkdjdrGDPE9GGydmtZGrAZiAayIGQWJQj%2BtK11Z6%2FcQtFzHulCWm%2FbheG2JX1HxS2ENPQn4aU65I2G%2BL5MvsLcjhzaf%2Fp12nN0OB6VJwpk46XkUoo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 830d33f67cf41c90-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 navigation.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 1 KB
1 KB 27ms
27ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/navigation.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d7ed2bdd9648088ab5250da47bb62054fc531ff395b47b5325b1c0e8fcdd1c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 467038
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
etag: W/"5d76850c-4a7"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNYBokEJ3lenijJ72a%2FbxyYPhC%2FpwbYRpJDUxVCX8MKZaZsgM03Pu%2FGEddiy9bqrqz2P9AtBaSAfw7ljWuZC82MP3bk1Hyp704qzdQBj5sPPxHKW4sWQc4M%2BGEi3%2BMiYrW0G7CwdigADuL8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f63c861c90-AMS
expires: Sat, 30 Dec 2023 05:24:12 GMT

GET
H3 200 skip-link-focus-fix.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 650 B
866 B 24ms
23ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/skip-link-focus-fix.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3ea538dfe3f28e017d4e9a739ef1923f0e42a37d17743050b1b4066d28746357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 446521
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
etag: W/"5d76850c-28a"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDuBtIAJTthd9hlC%2FqZX4e70jnYDsrN3TPQaYZv84RgkzTu5iRbi1Lu8HcRsfO7QjWYuirfxZY1RHg5gELq%2BbtLiAx4LGuerXRfefDEQdNb7PtM5va4HjXHgTKlwWXEpw%2B764%2F1AYl1U724%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f67cdc1c90-AMS
expires: Sat, 30 Dec 2023 11:06:09 GMT

GET
H3 200 oembed-adjust.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 455 B
829 B 23ms
21ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/oembed-adjust.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

ad02f9169900cc21e3bc4e60af9849acae78d7d38f0f89d96a9d13059fe9ea42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466058
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
etag: W/"5d76850c-1c7"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6o%2F%2BRoRSnDx0PTQXSbCKO4EAFeeHIE6oHvw9hG1FGLuFaFIzL8Bzs28WXsZadGWFQU8MGecu1ABiKA9l%2FoJAeLPBmMUrvjiTo0DjhVY09xPHfX1iVIgeT2PqaC2KidEweoykjucEc4n3lk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f67ce01c90-AMS
expires: Sat, 30 Dec 2023 05:40:32 GMT

GET
H3 200 accessibility.js Show response
19216801.one/wp-content/themes/simple-grey/js/ 569 B
842 B 36ms
35ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/js/accessibility.js?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

6a9d9a7b9afb473ed83c8b3fd98587aa89c7c6e639d27d41877296cb0d919b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2198113
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
etag: W/"5d76850c-239"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6Y9ulOH6YwK72V3QBCwyr%2FjbVrPYnn%2FfSbqfEm%2F0qWQlWVCUxXZDtEgCyc5rIYSOxaoMOe7ieezBzlZaqmfn986PMmdm0RJpVrZvY4ivZ7Fq7fLhjTSAWZffj6QlJltmr9%2FFTRkRj3HYtM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f67ce31c90-AMS
expires: Sun, 10 Dec 2023 04:32:57 GMT

GET
H3 200 wp-embed.min.js Show response
19216801.one/wp-includes/js/ 1 KB
1 KB 25ms
24ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/wp-embed.min.js?ver=5.3.16

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2188299
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 17 May 2023 02:23:40 GMT
server: cloudflare
etag: W/"64643aac-5a3"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jatFeQRVApadqUVTay0Bj2Lx%2FthGzJpbugfPBM5i5hwe7jxRrpTIrBpC3skQURMCH5QphzLIgfIoHTE5CMc40Bj0kEPRkgcXDps0Ry6tVzNvsEfq3ZRY%2BnhW8qM%2BoiJb5LrHwNulPwB1E4I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f67ce61c90-AMS
expires: Sun, 10 Dec 2023 07:16:31 GMT

GET
H3 200 frontend-modules.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/js/ 46 KB
14 KB 37ms
35ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

6f766d4c399198c06d3bf1096a9731c1b4018d926ec83aaa16a7192f0f7a2e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 638581
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
etag: W/"5dc6efbd-b82f"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GdV5XY4GEvkYarZmSp9%2BIPG44cNuQTyaVba4lRe7opcV6LCOcfXieJsSXSnO3pvADuYwAsIjd7XSa0M78LokDxrkPBwrfGxkBeJ%2BhJHe2n3QczCDFJFXW0XODdSaWLzUtsnSjvi6NWSI3U%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f67ce81c90-AMS
expires: Thu, 28 Dec 2023 05:45:09 GMT

GET
H3 200 position.min.js Show response
19216801.one/wp-includes/js/jquery/ui/ 6 KB
3 KB 27ms
26ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 638580
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 19:24:19 GMT
server: cloudflare
etag: W/"607892e3-1926"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLWnWe37UpSywFSMHKeQJ7DQ%2Fhqw8cb99IPmN%2FxOVaeKEcHNOvpTODVfqz9goieWUqhxHOXjqgrHeIJFw%2BR4PBr8aGHHa1vpQr2HNUjUrImpUonzJP5VPvWclpqatq1TmfRKXaZy1Qpr4m8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f67ceb1c90-AMS
expires: Thu, 28 Dec 2023 05:45:10 GMT

GET
H3 200 dialog.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 29ms
28ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.3

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 558240
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
etag: W/"5dc6efbd-29b9"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c63YgjRFGT%2FOsu20rYmYbMgtliNBB9aY8nx4voPMbsIewXO3ijf%2FdBomFv6xOEgGmsAGl6pi4hqpx4G%2BYPEEAMOhllan0h9aReyJDiCOgIDLAB6jFFJX6n%2BFfD30DVxXD43kstyvI3nR048%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f67cec1c90-AMS
expires: Fri, 29 Dec 2023 04:04:10 GMT

GET
H3 200 waypoints.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 28ms
26ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 646663
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:28 GMT
server: cloudflare
etag: W/"5dc6efbc-2fa6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33sgb9EyvIUF%2FBC%2F3BhAJ3hZxhmQOsTKgA%2F1e6m7sRGXmv0oMrBjtRI8hMEnpJWKTlLB85hecF0MBMaXCMQIUhv8rJVk%2FfipGWQMgDHi%2Fuu5B8t02Xm6I49Ejwz6swc99bJrTt8aa%2B5eQqg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f67ced1c90-AMS
expires: Thu, 28 Dec 2023 03:30:27 GMT

GET
H3 200 swiper.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/lib/swiper/ 123 KB
33 KB 40ms
39ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386489
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
etag: W/"5dc6efbd-1ea8a"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J404V4BfyLG0JpIbVVqJf5TvEwqwSQqQs8pMN1BeAEnl1JL024Mb36XAjK8ESLLhJq0rau%2BQ22kiO2CDxT9MyTli8IrVt7eekvubSWjKdP3%2BgnsjokL0PCVjqevKSWWJcX4J3VUTajjaLHk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f67cf01c90-AMS
expires: Sun, 31 Dec 2023 03:46:41 GMT

GET
H3 200 frontend.min.js Show response
19216801.one/wp-content/plugins/elementor/assets/js/ 92 KB
25 KB 53ms
52ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.7.5

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3204d77f977e684b7d4f767c9ca8324c7db419b261b98dfb93d22edc82d62677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551535
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 09 Nov 2019 16:56:29 GMT
server: cloudflare
etag: W/"5dc6efbd-16f43"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDrJfJNejC94T%2B9BkoFyItGSWMg30I9OB6gOT0e6wi0FSDqVzxIXRmlivngQ2vO0Hli1P77KhmgDZfHtQBtLhanf9iHCQKjyUrMlaDfjuoTtM3OAvkEKxgGzs%2FdCYhNa9WLZZYH4jDaNbUQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f67cf11c90-AMS
expires: Fri, 29 Dec 2023 05:55:55 GMT

GET
H3 200 wp-emoji-release.min.js Show response
19216801.one/wp-includes/js/ 14 KB
5 KB 62ms
61ms Script
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-includes/js/wp-emoji-release.min.js?ver=5.3.16

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551492
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 19:24:19 GMT
server: cloudflare
etag: W/"607892e3-3619"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfxJhEL3788D9QcMfihTruxUKzJ7QP95J0A73OlqkjUJv%2F%2B3SwnfaKt8S%2Fh%2B6UzGPzR8gd7kdL0SV753fpRewwf05B5ktD3r0jJEA1yrnS%2B8dNfaBLERvyvXe3XOcV9pVNLICdoiEdycqz8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f67cf51c90-AMS
expires: Fri, 29 Dec 2023 05:56:38 GMT

GET
H3 200 style.css
19216801.one/wp-content/themes/simple-grey/ 661 B
969 B 63ms
62ms Stylesheet
text/css 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/wp-content/themes/simple-grey/style.css?ver=1.6.1

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

3d2cf36f9efab785d612ef41372c00e7805b982761d1084b46842af3925dd851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 651118
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 09 Sep 2019 16:59:56 GMT
server: cloudflare
etag: W/"5d76850c-295"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHV0zT5KbjuYiwrukeg5p0s2YIT9lt2jLsRc0qWZB0ecuC2EG1J23Fs4CKUU6IeRXV66g4%2BMSeVXuSYDHzQs4OL2RjUF5u2SIrG1HYRlzKJbNRsoqUtXcTklisyT3ubIgnf0NMqJb941RcU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f67cf61c90-AMS
expires: Thu, 28 Dec 2023 02:16:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 170ms
150ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47d11000ced885efbf67cdf08f16b2a8de93837fa36e72e3547f8b6bd04f8a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51707
x-xss-protection: 0
server: cafe
etag: 18224599675092813166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:08:10 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 200 KB
70 KB 231ms
114ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

579ff09d0cfe834581eb571dc5c49e854639c28af3c199857914d7cea9ba732b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 04 Dec 2023 12:19:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "656dc3da-1139b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70555
expires: Tue, 05 Dec 2023 16:08:10 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://19216801.one
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:50:21 GMT
x-content-type-options: nosniff
age: 22669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:50:21 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v36/ 49 KB
49 KB 40ms
16ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic&ver=5.3.16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://19216801.one
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:12:48 GMT
x-content-type-options: nosniff
age: 6922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50368
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 13:12:48 GMT

GET
H3 200 sw-check-permissions.js
19216801.one/ 0
856 B 20ms
20ms Other
application/javascript 2606:4700:3035::ac43:cd55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19216801.one/sw-check-permissions.js

Requested by

Host: itweepinbelltor.com
URL: https://itweepinbelltor.com/pfe/current/micro.tag.min.js?z=5659798&sw=/sw-check-permissions.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:cd55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 650997
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 19 Jan 2023 20:29:36 GMT
server: cloudflare
etag: W/"63c9a830-244"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6kUNn3upbCJPZecAbsozTsX0eOBHcBBIdIccNYpzQHDrytn4uGlUO8LKBNm8CgevRnlZazJeMCeOU0257dmIh7YnsiQt%2FvRAm7Hozd89EMw5Th%2BcI0J1uJLNv%2BY1MNl0Q8B4Pes%2FFsZ%2F3c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 830d33f6cd531c90-AMS
expires: Thu, 28 Dec 2023 02:18:12 GMT

POST
H2 200 zone
itweepinbelltor.com/ 0
255 B 14ms
12ms Ping
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://itweepinbelltor.com/zone?&pub=0&zone_id=5659798&is_mobile=false&domain=19216801.one&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

Requested by

Host: itweepinbelltor.com
URL: https://itweepinbelltor.com/pfe/current/micro.tag.min.js?z=5659798&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-trace-id: 54486057afaac2a5c23155f1399a8a14
date: Tue, 05 Dec 2023 15:08:10 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://19216801.one
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 47ms
12ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5659798&checkDuplicate=true&ymid=&var=

Requested by

Host: itweepinbelltor.com
URL: https://itweepinbelltor.com/pfe/current/micro.tag.min.js?z=5659798&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0f1d7b2ef567d0e451f0de6e5f7fa7b0effa13e773f2400027f9566d01a16ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://19216801.one
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 zone Show response
itweepinbelltor.com/ 824 B
1 KB 36ms
12ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://itweepinbelltor.com/zone?&pub=0&zone_id=5659798&is_mobile=false&domain=19216801.one&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings

Requested by

Host: itweepinbelltor.com
URL: https://itweepinbelltor.com/pfe/current/micro.tag.min.js?z=5659798&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8ed3257d9cb0d691c5133c008b5668e92ca9280ba29dee03188e05a8d8a66b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-trace-id: a80e504948a4bee36de7209fc8b6c1db
date: Tue, 05 Dec 2023 15:08:10 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://19216801.one
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 824

GET
H2 200 apu.php Show response
cdn.itskiddien.club/ 968 B
2 KB 72ms
14ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itskiddien.club/apu.php?zoneid=6231437

Requested by

Host: itweepinbelltor.com
URL: https://itweepinbelltor.com/pfe/current/micro.tag.min.js?z=5659798&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d681300c99180612df7ed8fa53902393696c6a8febc76a7e6b8cc7781bbea20a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 968
x-trace-id: e9bc85300fac7123a008bef7d362463a
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
135 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4812870882449745&plah=19216801.one

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60c39d296b12fb08093447076315442ce1f8211b585d80b324cfd271079eb5ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137566
x-xss-protection: 0
server: cafe
etag: 17045131356044484171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:08:10 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 50C7 9 KB
4 KB 27ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 02:04:00 GMT
etag: 12051592065903069241
expires: Tue, 19 Dec 2023 02:04:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10208.oW4jpaMWUH9Vt56-J6wLd4bHq0CDtDS7OPVE5VD_g866733Clf9r_HkqGwz4bZpl.dqXs3tvaGV0RkuTz_IthSNTKXqo%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10208.Vpk5G9kRgn0HdiLYt4sCP0jODgVV1ZFwmC8Sq4qQSxdHj8-H9I7cK3bZfLvHu0e7FiBQRzScoKQFXSFpU6tsIbmTI68NWGDFWOZxK6v1KgNtX2TACXcEYRtO5_b0Cat6PxgPd8M7LO...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10208.jq_1F1iBFDBhNbDwumwIvWmVwkLRaTV-rzdxdjJNi7zHxSZaAcsX0H_5W7BXSt6ZpsIcWFX5EX0umpj8C8-KaqDqTWWD_Wfj1NUi9VNOL6QZU...

43 B
581 B

71ms
71ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10208.jq_1F1iBFDBhNbDwumwIvWmVwkLRaTV-rzdxdjJNi7zHxSZaAcsX0H_5W7BXSt6ZpsIcWFX5EX0umpj8C8-KaqDqTWWD_Wfj1NUi9VNOL6QZU9c9u_PJ6ekx2iOnv9xNo9h9TtQdfEelNyjMtc4anqf8BDv7l9JEUSukkEaQKmasuZOk6O2esq5tJz9eY99TFjbFw3F9hevCvVDlt89R7g%2C%2C.BSOK8LOq_2m6TmmIu5O_tcX2fI0%2C

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:11 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10208.jq_1F1iBFDBhNbDwumwIvWmVwkLRaTV-rzdxdjJNi7zHxSZaAcsX0H_5W7BXSt6ZpsIcWFX5EX0umpj8C8-KaqDqTWWD_Wfj1NUi9VNOL6QZU9c9u_PJ6ekx2iOnv9xNo9h9TtQdfEelNyjMtc4anqf8BDv7l9JEUSukkEaQKmasuZOk6O2esq5tJz9eY99TFjbFw3F9hevCvVDlt89R7g%2C%2C.BSOK8LOq_2m6TmmIu5O_tcX2fI0%2C
date: Tue, 05 Dec 2023 15:08:11 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
472 B 58ms
58ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:10 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 04 Dec 2023 12:19:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "656dc3da-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 05 Dec 2023 16:08:10 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5CA8 0
179 B 192ms
191ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&adk=1812271804&adf=3025194257&lmt=1701788891&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F19216801.one%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890770&bpp=2&bdt=230&idt=284&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1098107441744&frm=20&pv=2&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=294

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4812870882449745&plah=19216801.one

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:08:11 GMT
expires: Tue, 05 Dec 2023 15:08:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D0AF 119 KB
40 KB 838ms
837ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1701788891&rafmt=1&format=1200x280&url=https%3A%2F%2F19216801.one%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890772&bpp=1&bdt=232&idt=297&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f4753a69cb1b48c7363d12e776e94aebc6a294e8f7dc50966764b9c2253a833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40746
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:08:11 GMT
expires: Tue, 05 Dec 2023 15:08:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B3E8 110 KB
45 KB 922ms
922ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890773&bpp=1&bdt=233&idt=301&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=302

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59e3967f720601141769a70da6124c3653489e0d7d85b72cbe4c39281d0fa322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45858
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:08:11 GMT
expires: Tue, 05 Dec 2023 15:08:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 37EE 22 KB
10 KB 487ms
486ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890774&bpp=1&bdt=234&idt=302&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=304

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63479f1131ad66bea4e2d8f496c8c08d5f7dd99085eff6d7b28230daf79bb614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:08:11 GMT
expires: Tue, 05 Dec 2023 15:08:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/55749736/
Redirect Chain

https://mc.yandex.com/watch/55749736?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A506%3Afu%3A0%3Aen%3Autf-8%...
https://mc.yandex.com/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A506%3Afu%3A0%3Aen%3Autf-...

439 B
558 B

65ms
64ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A506%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A1166741048376%3Ahid%3A294827818%3Az%3A60%3Ai%3A20231205160810%3Aet%3A1701788891%3Ac%3A1%3Arn%3A470543075%3Arqn%3A1%3Au%3A1701788891589146759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C117%2C1%2C259%2C0%2C%2C162%2C12%2C%2C%2C%2C561%3Aco%3A0%3Acpf%3A1%3Ans%3A1701788890140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701788891%3At%3A192.168.0.1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

72ecfff079f37d8c9d84970d65e9033effcf4e3322776dd13a8697f0562706fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 05-Dec-2023 15:08:11 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://19216801.one
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Tue, 05-Dec-2023 15:08:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 05-Dec-2023 15:08:11 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/55749736/1?wmode=7&page-url=https%3A%2F%2F19216801.one%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A506%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A1166741048376%3Ahid%3A294827818%3Az%3A60%3Ai%3A20231205160810%3Aet%3A1701788891%3Ac%3A1%3Arn%3A470543075%3Arqn%3A1%3Au%3A1701788891589146759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C117%2C1%2C259%2C0%2C%2C162%2C12%2C%2C%2C%2C561%3Aco%3A0%3Acpf%3A1%3Ans%3A1701788890140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701788891%3At%3A192.168.0.1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://19216801.one
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 05-Dec-2023 15:08:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 37EE 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJlR-aYjZ9jqodLTycBJbx-Bfg7mvktMfpRZTFMmbtWWo5RbvS_WsBsawsZLI1ARf7SnhOTa61re2h-wu4WIIx_SZLOKzHMPk47KqyKIW7yIr25UA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890774&bpp=1&bdt=234&idt=302&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=304

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 37EE 89 KB
31 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:08:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 37EE 3 KB
1 KB 20ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:00:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 37EE 20 KB
9 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:36 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 37EE 202 KB
64 KB 57ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:08:11 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A989 624 B
246 B 48ms
48ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIjin9wBMAE&v=APEucNW79V_C7i-hplx-4ejVsC8DdjlMAYpG-LV_-6rmaNmrFJuyf0NUMakMFeSvGIV5I5TpfRdi8VANN1QZyTUylXMHyVg_PYq3UOG38-no9jVCcwd2mhLfwgwG17oLNoOW2Yutra_f0QToo58-A3a0Wc-nNl-n9S5w6ylFzE6ySXlUYZiUeL0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890774&bpp=1&bdt=234&idt=302&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=304
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:08:11 GMT
expires: Tue, 05 Dec 2023 15:08:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A989
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1&C=1

43 B
770 B

28ms
28ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIjin9wBMAE&v=APEucNW79V_C7i-hplx-4ejVsC8DdjlMAYpG-LV_-6rmaNmrFJuyf0NUMakMFeSvGIV5I5TpfRdi8VANN1QZyTUylXMHyVg_PYq3UOG38-no9jVCcwd2mhLfwgwG17oLNoOW2Yutra_f0QToo58-A3a0Wc-nNl-n9S5w6ylFzE6ySXlUYZiUeL0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Khonp%2B4Ji16uwh3vNc6QzqJQmeJM5qACStQ1h%2FGdIPKyErNSkZ090ACpzIF6vCyGXc%2BVjL683KW5udPOSqcVB6djgB92qce7oH3IVCEW6yU%2Bpds%2BuIdFRP0cuQ9EDX0XN7EEl4gibcQzag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830d33fd4b863a91-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrAdy3aSHC5ZJBYk%2BjAfVMDqqKinZJ6Q09ES5mS%2FkV2SgN8n6gi4OeWE9kWscdY0FTEZ%2FG%2BJVKagvaACUBBQnttZFxZc8cftcNgukqB4YHRoLpZXzidEwbJVSo4E%2Bj%2ByAGtyhf4m61vERQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1&C=1
cache-control: no-cache
cf-ray: 830d33fd09189143-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A989
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW8821ptClcR.3JezwL7owAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1&google_hm=2

43 B
733 B

27ms
26ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIjin9wBMAE&v=APEucNW79V_C7i-hplx-4ejVsC8DdjlMAYpG-LV_-6rmaNmrFJuyf0NUMakMFeSvGIV5I5TpfRdi8VANN1QZyTUylXMHyVg_PYq3UOG38-no9jVCcwd2mhLfwgwG17oLNoOW2Yutra_f0QToo58-A3a0Wc-nNl-n9S5w6ylFzE6ySXlUYZiUeL0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HM0eCDVmo4f5EF4OGnII%2BOHHMskLrDFeUshMuYw0XlWqvMdS7LWGSMzwCSVYq2l%2B5bzeG6a9pqwrJnTJtxXUtur8XncLtOlHkfr9HNyXBA8kQ7avI5igJvkLgcj%2FPlspFYhdJGfjsASZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830d33fd5bb23a91-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame A989
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKGc86UgTw49PJN4-5aRtJg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKGc86UgTw49PJN4-5aRtJg%26google_cver%3D1

43 B
892 B

14ms
14ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKGc86UgTw49PJN4-5aRtJg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIjin9wBMAE&v=APEucNW79V_C7i-hplx-4ejVsC8DdjlMAYpG-LV_-6rmaNmrFJuyf0NUMakMFeSvGIV5I5TpfRdi8VANN1QZyTUylXMHyVg_PYq3UOG38-no9jVCcwd2mhLfwgwG17oLNoOW2Yutra_f0QToo58-A3a0Wc-nNl-n9S5w6ylFzE6ySXlUYZiUeL0

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
an-x-request-uuid: e3c150db-3afc-4f51-9197-b31dc1d5d461
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
an-x-request-uuid: 33fe2596-b68e-4e79-bc4a-8b0155aad859
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKGc86UgTw49PJN4-5aRtJg%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A989
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE5ODgwNzMxODA5NjEwMzk3NQ%3D%3D

170 B
243 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE5ODgwNzMxODA5NjEwMzk3NQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
an-x-request-uuid: 3ddb812a-4cd0-4cd3-918f-1de8b8569dde
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE5ODgwNzMxODA5NjEwMzk3NQ%3D%3D
x-proxy-origin: 138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 37EE 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4514395568521&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 37EE 0
20 B 67ms
66ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4514395568521&version=m202309260101&ct=76&x=1&cor=13304470652921039000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 37EE 113 KB
42 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COGiEAyYWAFGyMRIYZouEIgHrGeascfI3dktims2p8knEwh4XUlk3_kg2y3Xoo3q7hWgmHwjYFTPHRL_yL71P1RjQZWlUtvjfazJ_mZ0lFuxugtAzuHrixeMVePK29WgrAc9NP5qA7dqWVRUT43bRQ7N-BLpE_GOS5vfVRMef2uzIBVrU&dbm_d=AKAmf-BKqLdbIwfiexZodGFbCkaLHcozu2FqGHWA3SKhSie40xk_vSw_f5CSoo3tmPuxUnJeSUhw2jfc8VGyq6mlyAsQJLbzi6McFRD9UuBXkHDlxl6RbdAyr0ekmzZNTkG5PQCLLMB6W5muwENVjw8p6nXQL5lGkJXArtGVNfBZpWtMWWYD4R8bvawpx7UdQnxhJowYEidoJkQNWVvD-NcyVgmbnDjyHKz3T288r319L9WgCdmZAT1h8tXyixhgLYYAsqZ1-09I7BrRXobKtz2ZlCnGS_pcEufAPVZ9iNwkCidLiZXbBTQfnlmydY-35Bu0BnPz1LTlwl8fM4R-Z8pWe6BwDE4RCS2rKt0T7fVLBCeNMfqEw_TrFbEZax9uBukxfvC9_62CwT7pBP5uDKFKhQv-5cREbH95Nq1zLUYajGpWehZ0vzVW7OizLjBLsA_XipiPRusfR9WtHFNu9SPsZZZ-KG3_nYN1MQJFfBeYZyY1QqrpZ-unF7fEW4BsPDO5g1HBXvKL2AJD5GciLur3Wy5-cDT8D978KSZmWqrTPTxDq0bOdofOFn5zGYG17OWNZU874URwsiM0KydB5t1AFOGQLMSwwmQLbjeER5Rp8gNh3tnsyA1OLNxhh_MGn3ouIuqOBKX2HJndPc58H-uJgd-i4lzmTMol3Hs_5fPsVuJRPznz26rjnhyqpZqZD7gZbBeSXORFMa1q9fQDH_3RARg7i5d1kjls1ZpKWe_FKrJxCi1phWqXel8XCpjcGMh_1EOVctB1dOijGpYtkMK9zfaCEtSJAwDhTtMyZ735kR_49LCXibL7RrN18OyhYVyyGIMdbvFyp3j_-1Z-pNlPlsDsc-iy-RekBUlS6ZEjbzU3BV_Whq0kc-w_4IG7yUAhfgNbivno-032qQHUITHph0KJgoREaTdJdFzHnFWZIg1i1Cwskbtsagg4MPRj29JvD44gN9RDJp2BcxtCjgol3pkkem7I4iGw8_6SsYuuciZ-p5nEVdumPi45noQ5896G4G17F3K8UxV6tELipRN_I4Q17PJJEoaXWEV8Z7GkeaSKKNY5bLCynF0umb07N0n_-K7JOB1iUJ6vr1ZNKXKfWvPYnXo8jAjS_jNYRAcu40km4FvpYtLzUTCWveELImOVPtUHLTgQLONeedfIsPvNhuF2IFVAVdo9nkvGJ67y6zAcA3A3ajPzS6lWmopEtoAe77zFxh5TxSM9V7tc73rcLAO_IgMcO6XtzhCqFL1Rjm8kHgXpmpJ_Y3dU53HxmtJnU2Fhv8DzHl9kap-0gO5uQJfI6s3F79hB1V0D2HxEMRNbj3kQj9Yq09hYDRuFjl9Np1UuJtzIx7ubjv5L3F4cCl42Icfnm-udTGasGBvRj0Sn0QbHAREQFK1KhbB13ruP2hZtOpydIAT-GWOLFrsujNJ2Fd7H1C28MIt5XAO6IUG6fYo4u5oBHAt3a-PHnJXbHyWITnMFVMWMDMo5Hdjfs3Chul2QaUNv3qfh_k5hZIfXP64ot75SAPqxlcTfb1Fr7Q7fGZygy2bHOo-BN_jrVXo4ooQQ_8Nx0_Sm9ZWnPpfGfeCcHGFfEtb08akeXzlFNUYNuqLGP1r0w6yEbKCc4h6TZgwOLqAOUmNFaljU3Zb7bDEqQQ0cYdn9BUPVO7nR8M8BQF0AZ6LZF-jFXW4-eOcwfrAR9NClQA-bp-73iZQZgZklHVWTqGr0cfzE8uKf4Z_pHEMtUcn5LdKiaVMUkPlpQ0PsnlUlVUf9MtYZZb4MvUHv9A1cqdQiIARNIeDd8wFokp-osj9OUCr8u61z0J3XtpPLQstUTLu6PbxLLab-9hUny63Vbl-FQt1my40-uBN9cJoK96SH4UQYKhws2IyVe_1iSEKC_Ni-x51HJnKkyutCWBi7oKYfyoijiNuxIvE-Ya7OkU4LGqbxShDYoTAekWmdLoe1bFtUIWPQh2s6lm_kaZ7JhEPSDc1ULLSyCpbYeUNo0yV2Wy3iOGC_TCcVRXqbt62ZGksH3GBYj5wp8M_DKU2e2Gt4sWvU-AJVs5vLGw9vKdcw4cFmkbRKS-zahUggV1d4xTZ3HIiMvHovsNVMB_EuzGSL-26wzQzcC8lSVOr_31pvuXcZXt1KeC1pK9mfNXrWNUZnS1mRsQAbrOlHLO1TRvVI-fho3TC_LyX3K9ACazpCm3vepg7vvcpMEO4h2gpCeSaKb9GFgDVogodEknkFJ0o0-EfckvSo6mQ5ezQyGIdhW1R9bEvi4UtJvCZzO3yC8wkcSP_m8SyXxo_fA_QgfMciBEteaD3R12r4ytaLE8hEPZHmrMDIIx0Cjy1z6x6rvHFm1LB7jEfkT5r-d7MVWbj9CoIFyke5t64FPoDbyp_KtmAh0icL7oH7VxiHJYE1w4r9vxr-vdlSMhSlVmuFgOIAoKgHpeCwep0e7jpBd6LC0U6znlb4XkaOAeU8LLUBjGCFcoEBOxZyyC1cKNJ3-Bp9F4nKJfu1CVpjKTK0WlfC-1DNChH56m2q1aGG29DEnDNHB78X3bzYwR4b6Y3QWr90m5B3sfNk0P2XyzdM9W195LNqYMFQS2jiyg66cCn1TIAYsT323igWFSodgeLpyOok0NRzm_dluXfyVPso9tAZ_SfRaxKpJYeRguqLEZlqd2Rx1Wn4ESxBBwCkvrtzQTQtYTAAyp6lfgQlROCysQpyqLRVdOVkkmEnlm2KqJzeqcdJar_QK62t6k1qFk6KzfvXvDvx-Q0eJ68sofeT7F-pGQeh9Tm3TPmv68b6m-UjpNXcU05Gzav4EXM4KZIMHFwzb49k2tPeliQg17Pb9N9fRHBdp2k1v8nKyUPsmYc3IpwxfPLG8LDhAN9S3d0xlyqiL76EFayIAe6vjIzohKw_-KxSe6PT89yJuGPx7JkNa8HnpakIIp7lLXOtTwij_9fAPhALww4btgYSRVJdE2SjXkL-eKuEFdmMfzwb4mrCArvWF1WErt1PzW8tUFZ7FsSo2BkOwUqgnnzwv02c0GXTduBlqjpnNmsIf_VxEw34b_-RmD1XIxPiDh5eHswBdxnS8FtjD2v9kvKuW1Eiy0oYorx1WmKtP14WBacmspY9drVSU1DWJZKYeXZRtGc7moQ5jZ1XwRMVNjHV7HEOUVr6KTuZ9t_YMM85cy-YDM4_L1E-FKeOfuJcXriL6J3uAs5bwqYLfbb22T3E_sNrhQlywbXuCE001dnYjgDoRWY-YRS0yce6VmuFOblk55e-IC5gLVHTELkGXLscQhu4BEZtnfOQ2dcGftE_2tXLar_sakd6Jj-cMYu8RFw6U5FCu0RN3dzlYd15-Na1G5-X8N2CnzfgVuqKB3OTuICtkIDn6KegWya98Jw4pq7QAvcnyzNv0znXb1xHqnSKOoD_HLibnJBmV9tuk2c0EgE1_WL4uqxW8IFds-iStzlmcT_aED1LeB4_XtNsWEvF5WdYkNAGBRDOisf82U20C_z7dEjYE5oW0PJqaaRt4RrASMFnQxyWeaVGYIJrge-3sHkTTvVtjj5Fm5rAnYy96IFCiTLUvYWb3gOuqdJaeY1ihcBzh0kuDRvYWQq6x92jHTnCRUFG_w5LZ8qlf3EoRyDUZxVQGKDsdKcLGCtIi43Jos_cb34L-9kmRnF6R1Qp9x58dVeI6Z8S7eLsIBujm3vbSuV7k_1cVmqZUD0gt3t_0XLVk_tZBm5heb5_GxyikY-L53OMVMym6E6a6I5y4wNbAQT-IYApIRp7f2exneOtQuSClfRBmfHnn0vhPZ7_0v08__JQpfcjNh2u_ZE91vmtyQ&cid=CAQSTgDICaaNGm4wop0edwlRC5_09mgeg53hk8n4QQiCSnebGAqnSHSbi8XfxrpsRS1XRYPobFHjf0Tlx3Rcfu_0Cu1Um1IPbFHSJBZNOnZLFhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2F19216801.one%2F&ds=l&xdt=1&iif=1&cor=13304470652921039000&adk=1964084971&idt=97&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

499bcb2273a9ba8fe7bcfce3a8f267cd9b57c6f45a1cf5219389302a3a533120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890774&bpp=1&bdt=234&idt=302&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42946
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1291251/67826872/ Frame 37EE 255 KB
77 KB 109ms
35ms Script
application/javascript 18.203.173.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1291251/67826872/skeleton.js?ias_dspID=3&ias_campId=1010179150&ias_pubId=pub-4812870882449745&ias_chanId=1&ias_placementId=19226434042&bidurl=https://19216801.one/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h2IUXwuhV7SeHKHMgNIXKT
Requested by: Host: 19216801.one
URL: https://19216801.one/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.173.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-173-246.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 82c7caa7395e107279eb68bf8d362fe363f8801524df9951565d125c5a60b187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 37EE 172 KB
61 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 11:58:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame 37EE 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COGiEAyYWAFGyMRIYZouEIgHrGeascfI3dktims2p8knEwh4XUlk3_kg2y3Xoo3q7hWgmHwjYFTPHRL_yL71P1RjQZWlUtvjfazJ_mZ0lFuxugtAzuHrixeMVePK29WgrAc9NP5qA7dqWVRUT43bRQ7N-BLpE_GOS5vfVRMef2uzIBVrU&dbm_d=AKAmf-BKqLdbIwfiexZodGFbCkaLHcozu2FqGHWA3SKhSie40xk_vSw_f5CSoo3tmPuxUnJeSUhw2jfc8VGyq6mlyAsQJLbzi6McFRD9UuBXkHDlxl6RbdAyr0ekmzZNTkG5PQCLLMB6W5muwENVjw8p6nXQL5lGkJXArtGVNfBZpWtMWWYD4R8bvawpx7UdQnxhJowYEidoJkQNWVvD-NcyVgmbnDjyHKz3T288r319L9WgCdmZAT1h8tXyixhgLYYAsqZ1-09I7BrRXobKtz2ZlCnGS_pcEufAPVZ9iNwkCidLiZXbBTQfnlmydY-35Bu0BnPz1LTlwl8fM4R-Z8pWe6BwDE4RCS2rKt0T7fVLBCeNMfqEw_TrFbEZax9uBukxfvC9_62CwT7pBP5uDKFKhQv-5cREbH95Nq1zLUYajGpWehZ0vzVW7OizLjBLsA_XipiPRusfR9WtHFNu9SPsZZZ-KG3_nYN1MQJFfBeYZyY1QqrpZ-unF7fEW4BsPDO5g1HBXvKL2AJD5GciLur3Wy5-cDT8D978KSZmWqrTPTxDq0bOdofOFn5zGYG17OWNZU874URwsiM0KydB5t1AFOGQLMSwwmQLbjeER5Rp8gNh3tnsyA1OLNxhh_MGn3ouIuqOBKX2HJndPc58H-uJgd-i4lzmTMol3Hs_5fPsVuJRPznz26rjnhyqpZqZD7gZbBeSXORFMa1q9fQDH_3RARg7i5d1kjls1ZpKWe_FKrJxCi1phWqXel8XCpjcGMh_1EOVctB1dOijGpYtkMK9zfaCEtSJAwDhTtMyZ735kR_49LCXibL7RrN18OyhYVyyGIMdbvFyp3j_-1Z-pNlPlsDsc-iy-RekBUlS6ZEjbzU3BV_Whq0kc-w_4IG7yUAhfgNbivno-032qQHUITHph0KJgoREaTdJdFzHnFWZIg1i1Cwskbtsagg4MPRj29JvD44gN9RDJp2BcxtCjgol3pkkem7I4iGw8_6SsYuuciZ-p5nEVdumPi45noQ5896G4G17F3K8UxV6tELipRN_I4Q17PJJEoaXWEV8Z7GkeaSKKNY5bLCynF0umb07N0n_-K7JOB1iUJ6vr1ZNKXKfWvPYnXo8jAjS_jNYRAcu40km4FvpYtLzUTCWveELImOVPtUHLTgQLONeedfIsPvNhuF2IFVAVdo9nkvGJ67y6zAcA3A3ajPzS6lWmopEtoAe77zFxh5TxSM9V7tc73rcLAO_IgMcO6XtzhCqFL1Rjm8kHgXpmpJ_Y3dU53HxmtJnU2Fhv8DzHl9kap-0gO5uQJfI6s3F79hB1V0D2HxEMRNbj3kQj9Yq09hYDRuFjl9Np1UuJtzIx7ubjv5L3F4cCl42Icfnm-udTGasGBvRj0Sn0QbHAREQFK1KhbB13ruP2hZtOpydIAT-GWOLFrsujNJ2Fd7H1C28MIt5XAO6IUG6fYo4u5oBHAt3a-PHnJXbHyWITnMFVMWMDMo5Hdjfs3Chul2QaUNv3qfh_k5hZIfXP64ot75SAPqxlcTfb1Fr7Q7fGZygy2bHOo-BN_jrVXo4ooQQ_8Nx0_Sm9ZWnPpfGfeCcHGFfEtb08akeXzlFNUYNuqLGP1r0w6yEbKCc4h6TZgwOLqAOUmNFaljU3Zb7bDEqQQ0cYdn9BUPVO7nR8M8BQF0AZ6LZF-jFXW4-eOcwfrAR9NClQA-bp-73iZQZgZklHVWTqGr0cfzE8uKf4Z_pHEMtUcn5LdKiaVMUkPlpQ0PsnlUlVUf9MtYZZb4MvUHv9A1cqdQiIARNIeDd8wFokp-osj9OUCr8u61z0J3XtpPLQstUTLu6PbxLLab-9hUny63Vbl-FQt1my40-uBN9cJoK96SH4UQYKhws2IyVe_1iSEKC_Ni-x51HJnKkyutCWBi7oKYfyoijiNuxIvE-Ya7OkU4LGqbxShDYoTAekWmdLoe1bFtUIWPQh2s6lm_kaZ7JhEPSDc1ULLSyCpbYeUNo0yV2Wy3iOGC_TCcVRXqbt62ZGksH3GBYj5wp8M_DKU2e2Gt4sWvU-AJVs5vLGw9vKdcw4cFmkbRKS-zahUggV1d4xTZ3HIiMvHovsNVMB_EuzGSL-26wzQzcC8lSVOr_31pvuXcZXt1KeC1pK9mfNXrWNUZnS1mRsQAbrOlHLO1TRvVI-fho3TC_LyX3K9ACazpCm3vepg7vvcpMEO4h2gpCeSaKb9GFgDVogodEknkFJ0o0-EfckvSo6mQ5ezQyGIdhW1R9bEvi4UtJvCZzO3yC8wkcSP_m8SyXxo_fA_QgfMciBEteaD3R12r4ytaLE8hEPZHmrMDIIx0Cjy1z6x6rvHFm1LB7jEfkT5r-d7MVWbj9CoIFyke5t64FPoDbyp_KtmAh0icL7oH7VxiHJYE1w4r9vxr-vdlSMhSlVmuFgOIAoKgHpeCwep0e7jpBd6LC0U6znlb4XkaOAeU8LLUBjGCFcoEBOxZyyC1cKNJ3-Bp9F4nKJfu1CVpjKTK0WlfC-1DNChH56m2q1aGG29DEnDNHB78X3bzYwR4b6Y3QWr90m5B3sfNk0P2XyzdM9W195LNqYMFQS2jiyg66cCn1TIAYsT323igWFSodgeLpyOok0NRzm_dluXfyVPso9tAZ_SfRaxKpJYeRguqLEZlqd2Rx1Wn4ESxBBwCkvrtzQTQtYTAAyp6lfgQlROCysQpyqLRVdOVkkmEnlm2KqJzeqcdJar_QK62t6k1qFk6KzfvXvDvx-Q0eJ68sofeT7F-pGQeh9Tm3TPmv68b6m-UjpNXcU05Gzav4EXM4KZIMHFwzb49k2tPeliQg17Pb9N9fRHBdp2k1v8nKyUPsmYc3IpwxfPLG8LDhAN9S3d0xlyqiL76EFayIAe6vjIzohKw_-KxSe6PT89yJuGPx7JkNa8HnpakIIp7lLXOtTwij_9fAPhALww4btgYSRVJdE2SjXkL-eKuEFdmMfzwb4mrCArvWF1WErt1PzW8tUFZ7FsSo2BkOwUqgnnzwv02c0GXTduBlqjpnNmsIf_VxEw34b_-RmD1XIxPiDh5eHswBdxnS8FtjD2v9kvKuW1Eiy0oYorx1WmKtP14WBacmspY9drVSU1DWJZKYeXZRtGc7moQ5jZ1XwRMVNjHV7HEOUVr6KTuZ9t_YMM85cy-YDM4_L1E-FKeOfuJcXriL6J3uAs5bwqYLfbb22T3E_sNrhQlywbXuCE001dnYjgDoRWY-YRS0yce6VmuFOblk55e-IC5gLVHTELkGXLscQhu4BEZtnfOQ2dcGftE_2tXLar_sakd6Jj-cMYu8RFw6U5FCu0RN3dzlYd15-Na1G5-X8N2CnzfgVuqKB3OTuICtkIDn6KegWya98Jw4pq7QAvcnyzNv0znXb1xHqnSKOoD_HLibnJBmV9tuk2c0EgE1_WL4uqxW8IFds-iStzlmcT_aED1LeB4_XtNsWEvF5WdYkNAGBRDOisf82U20C_z7dEjYE5oW0PJqaaRt4RrASMFnQxyWeaVGYIJrge-3sHkTTvVtjj5Fm5rAnYy96IFCiTLUvYWb3gOuqdJaeY1ihcBzh0kuDRvYWQq6x92jHTnCRUFG_w5LZ8qlf3EoRyDUZxVQGKDsdKcLGCtIi43Jos_cb34L-9kmRnF6R1Qp9x58dVeI6Z8S7eLsIBujm3vbSuV7k_1cVmqZUD0gt3t_0XLVk_tZBm5heb5_GxyikY-L53OMVMym6E6a6I5y4wNbAQT-IYApIRp7f2exneOtQuSClfRBmfHnn0vhPZ7_0v08__JQpfcjNh2u_ZE91vmtyQ&cid=CAQSTgDICaaNGm4wop0edwlRC5_09mgeg53hk8n4QQiCSnebGAqnSHSbi8XfxrpsRS1XRYPobFHjf0Tlx3Rcfu_0Cu1Um1IPbFHSJBZNOnZLFhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2F19216801.one%2F&ds=l&xdt=1&iif=1&cor=13304470652921039000&adk=1964084971&idt=97&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:12:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:12:49 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 37EE 31 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f84f4f65c00630a8dd0f354e652293a2cf51e95722f447fb2ea869bbbe664446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11937
x-xss-protection: 0
server: cafe
etag: 9249472389583843189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:08:43 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 37EE 41 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 334983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
DATA 200
OK truncated
/ Frame 37EE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62d74453b8203e490d5712ab998ba1e4539ad3df87472783d3e7fbeb76957384

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7F2D 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 14 KB
4 KB 51ms
15ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89256d12149c427229478bd706a25f6a6c487489f2fee7790ca3350ff15b20e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3863
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:08:11 GMT
expires: Wed, 04 Dec 2024 15:08:11 GMT
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 37EE 0
0 126ms
85ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYCUnfiuLu47TtDxxOSORMldbVVwcBKIaWiGh9Z2qgpwSJGJweGGkxeA0UrH__uY2qMNpq0MQ_YMmzcCDIGRBQxHrkTEShdDsBpw0SipV5Jy6aAIQ9HqEXgQAV2cF8HpLVOyVpGbF4E2DITPP7pm1-dkkV3orG9EO_p2YZjX5hDYXM2y3Ag6Lnp6tSATwuoa4NlD10pVXuFD_Pz6cL1_g4vlo1LF5G-6844e4UjwCAiHgmx7gdrtneQBjyynQgCIniigcFGtL9x2lz9_mrVAUSVFMnogTRZLHxwPZ4-dmI9OfC07X-iu10v3mAcPZ-KKzAziJKugPcix7pfm3tLkfbYb0C8r7gh2xSV9G0UnF2yei0shNix33O1Cc-pNGax-HTHjR43nmQj2mNEk-xCbvr7fZOR6y0dDkQj_rUT4avRKL6pvt52yQKL7ivl0PZDC3kgKYZzTGFKoZZ-kQPES1uJtxunjCOghCYwqpPpF2-3Yck_mNcHYbCSVLWX9YHuUgrbjnQNwiU0VLxaDns--nz8Ex_bojTBWoB3-abQhz3gZJ4V1JwWVOsb7CDGj2WZ4cGjFK2Cr3Xhff2JkLuwQcpz9veCXbBW_RRsUn8TCwXlFtVLutbYeOjISG5yz1sNUhGdpwIpQ0JRa14gbrhhxPyEHme7qB9d42kxdImKjcCj4ZcD0rT2S0vhnnldZW-xgzl4aK251iXt6ubCURCaY8OJEiA55g2YfixQ-jKOmDOKMm7TJNOz-m-wU9ThuCQXDYUyA8ncAx-WYcdh82uYXP7-oS5GC6R4ZKNEI3GpbnKZpeSsO5NKxqz1pDlqWCuVejv0-t3j0yp1SyqRiGKNzLcXDUXTz_llgSsMopyGRHXyLq3tR1pIszKFUW9NLlZDDg5_oiXq24KB1KtUFJEWiuDEvwWXnoh3ILVyXfarS3DZQCdoo-gVRNP_3ZBMvw0VQ2t7zcrdmcEZCQyFNzim9SpcMCy_EyVNEh4Bb8h3xJRzlNiymBOM9cjFLXV7VbyEYh630gh7X16TJNU6QZar09YBqyOK6SUn8WKPi_aX50499LWU17Hw68ODQbbbzA26cZDllkRuPIEO-r2ZcCzyriGQJvXJRr3kUbtvi7Bx1O774MWE3lJD3Okv2rZUx6Y1SW6gYObaSip6JXfqYBRZ1J0-J8k_-MCun_7IkDOVDXIe_oaViRJEOZnof2KjK91G2w68yUl1SBJrXsdWHbGqVThfCjqCh_Sf2l9K70NLHGrgYUDrw2w8yW9lLLYyfLCc7GqsN73j5UBgyL2_7BMOb98dAqctlhHcUt8uGH0GkyFc62qaBzBQmcSRbSm_Twq69s0s5lc48QzxqyRLxJI_45yebYR&sai=AMfl-YTaXBJVu5An1PLy8RR0QtBUKWh89FgHKXrKtOZJVeAFsNFsVrUk-nL0gRxIn3QfFaUrq4tB7_0mmBe7iAN6kcgRWGI1LH6ARJ2eM-ehj0hpDiJi0WYcdgkT4qGqYv53VC-c86XB0mt9z0OIsx7gWsHAUcSWBWRDdpE0BpY1_D_qicHd4Cwy5JhFvrrs5ChnHnC87OhFr_gZFYAYUF9wzhjhaN1dPvqOxcwO3ieB2LyEXAEw_LrOl0M2T7Vssq--F4NLYx1tLNHrmWya00g27xG-roOIEFwItLijHA&sig=Cg0ArKJSzOAUolRn5sXOEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=54&cbvp=1&cstd=49&cisv=r20231130.70272&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 15:08:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F2D 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 10:31:32 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 6 KB
2 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbaec7fa8ba99605d0b49338344dda248bc8adf0c2204242f42005e8fcc7252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1918
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 08:53:19 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 4 KB
996 B 10ms
9ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6da1113b4a73813c466c98e190da4cc3c7a9e45c5d9e5f98b6079dc5981f40d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 967
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Dec 2024 21:55:00 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 86C5 118 KB
40 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 21:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 21:54:48 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 86C5 57 KB
23 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 15:08:11 GMT

GET
H3 200 blackBG.png
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 2 KB
2 KB 22ms
21ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/blackBG.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e68d083466d05a1181adfce4426c7b94d2f98b4fbd264f4e233037eccc1b336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:41:19 GMT
x-content-type-options: nosniff
age: 448012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1935
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Nov 2024 10:41:19 GMT

GET
H3 200 whiteBG.png
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 8 KB
8 KB 21ms
20ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/whiteBG.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb37c7265805ccc8f837b766eedfd986e267a2e8989b3af7846fc7c4e98f114a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:46:02 GMT
x-content-type-options: nosniff
age: 12129
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 11:46:02 GMT

GET
H3 200 DysonLogo_White.png
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 4 KB
4 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/DysonLogo_White.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

810acd31b7ecd2d4620ecd26aab627950bc81a1773505ab199d0f605f4195a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:29:15 GMT
x-content-type-options: nosniff
age: 286736
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4344
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 07:29:15 GMT

GET
H3 200 DysonLogo_Black.png
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 4 KB
4 KB 9ms
8ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/DysonLogo_Black.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d768634a29c575842036df911561eaffe49035fac81e0c47a1fe09df13511c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 06:04:21 GMT
x-content-type-options: nosniff
age: 291830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4198
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 06:04:21 GMT

GET
H3 200 starRating.png
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 6 KB
6 KB 9ms
8ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/starRating.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d3ed1ff23eefc1603b609c5f8175919a332e3067f587556ed59f0c535a0e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:40 GMT
x-content-type-options: nosniff
age: 148771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6183
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Dec 2024 21:48:40 GMT

GET
H3 200 black_arrow.png
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 570 B
605 B 13ms
12ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/black_arrow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cac16cf52dd483289d5ee5398fc828417e0cc977d4b7f3c46d7bef862b14c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:08:36 GMT
x-content-type-options: nosniff
age: 32375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 570
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 06:08:36 GMT

GET
H3 200 white_arrow.png
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 733 B
765 B 12ms
11ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/white_arrow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3695bc33a57e5e902c842e4a4a06ad2b9790056d47795deaa24e1875148cb887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:09:59 GMT
x-content-type-options: nosniff
age: 273492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 733
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 11:09:59 GMT

GET
H3 200 textFit.js Show response
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 8 KB
3 KB 10ms
9ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/textFit.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2875
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 05:23:44 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 25 KB
11 KB 12ms
11ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 07:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25977
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10802
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 07:55:14 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 3 KB
1 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54f050738d440ff6190df4a9b39173cabdd1d3f09d31410ed9ef4966f913985e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1141
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 21:38:07 GMT

GET
H3 200 utmParser.js Show response
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 2 KB
501 B 11ms
10ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/utmParser.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d29c378c2d12029d2022a158ed3ea4c7fd631faffef3da186c77d1d215cd8967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37383
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 472
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 04:45:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F2D 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BUJmz2zxvZaXAKrjU9u8P2YOYqAIAAAAAOAHgBAI&bg=!8vGl8b7NAAY3kmNgF5I7ADQBe5WfOLSFaSsVTIPYi2xCwIeD1Wl9tPk5tjuzcCNyfwFd8XJGz6fgelVmiRxuvYh7vIb9AgAAAC1SAAAAAmgBBwoAePKRa_byu5AL6934FqtYnhScKdiOiCc05lFDaKkH3sSEBkyGASRswTmEeiONd5YO0BRk8KuKmJDo68jybpFQbzTpVHW60yq9FA8ffXLooyW5WwSXc8o2tK7MCdhvz1bdiHsCA63MTPjxbs1davNXMVPmuSuuLS7vp5kC3J2oVsc0kjUkT6-eEKZa4V1QVVX2XHE746Qqpar2jl5P4lLy9uqGx7N_UaywxkttFxuyWLDB2-n-DytCZLhV68NvsPTcVcfgNOzEshVGaO85555LKuAAgM9SWo4OdI2EcBXSv1xM28ZEhQH4ZqauQ9oLYHw_rbZim-AGW1uuX-ss1IICB-uGh1HTlt2lYjszW51j0fQPK1-ZfwdUc0cI06sgZkeyASwKulANwZn6zw7V6aRVVxn-BO-6nWAcSm1fNp7qyDX-AE-hdq_Q8Xae7OmorlOPmBbhSzDI0aCX4F_WDMbRxRNHFzj0UVzmAG4npcyg7_28vLg5Rlf6FHXkrjhuqqtbNXesW-WatFl_EAeUH9vCKySaexDJFTpZMNVC5NQ1U8fEwMEHtion4hsZG4g2sxkOgctyguFeSwP9OAFcLbA0StajCKNJ5Sifwr7ds4cwQdMZ2StrcJCNi56QPyo_ghdXjlTnlFLZItp9ZECbfbTvF-ypKSaSIXbRbOjDJOJj3GWCnnJG1_qlWT2pY3DPLACnuR2mRuAS91fAGBFxsEYBUfSHh5kHZbDmaSh9BNVumFOjHM1gjqBKqs92gVWlcLctS678HEdwqX_W2WoTnODbVRS67WrvTA6nbt2X2OF0Ql3UmN9XndnEibwfJFPGXM2cMA_aRupTp6EKs1fd3QdfqQ7rPYZCM8MSxhGh-SPU-uugM41SkocfZ2dp8qgZpouAE_OWcbEGDQaGG8rGWsdBiPXgCxDVsQGST-Iy7qH-9l31KOPITLbO08HFIffkd_C1GmphjNsbDKLhRXklGbm80YuIhE3zsWMQi4e9L4O-EUtXpfJSntFFnwVhypjBtStX3g39kWR8vpLWgEhMYRokQe5xOkt78pmPZ74vEdxz1EMaS3YOamm01fXl2_VGSPzB27dmBV9W0S8v8yyZCakNFC-nVtADGwkS3SBP1IhhMxgMsEvh59UnJg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 86C5 8 KB
6 KB 86ms
50ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b80ff1dfd07a83cbababe03f87fd45d5b765d0e591e42fa79f080dbfa8b3e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5891
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame D0AF 4 KB
751 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=280&slotname=9992429224&adk=3451990369&adf=2653041513&pi=t.ma~as.9992429224&w=1200&fwrn=4&fwrnh=100&lmt=1701788891&rafmt=1&format=1200x280&url=https%3A%2F%2F19216801.one%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890772&bpp=1&bdt=232&idt=297&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 15:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 13:57:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 15:08:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame D0AF 2 KB
822 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame D0AF 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:59:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:59:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame D0AF 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:00:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame D0AF 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:36 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D0AF 202 KB
64 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:08:11 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame D0AF 37 KB
16 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 20:09:22 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 37EE 0
0 45ms
45ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYCUnfiuLu47TtDxxOSORMldbVVwcBKIaWiGh9Z2qgpwSJGJweGGkxeA0UrH__uY2qMNpq0MQ_YMmzcCDIGRBQxHrkTEShdDsBpw0SipV5Jy6aAIQ9HqEXgQAV2cF8HpLVOyVpGbF4E2DITPP7pm1-dkkV3orG9EO_p2YZjX5hDYXM2y3Ag6Lnp6tSATwuoa4NlD10pVXuFD_Pz6cL1_g4vlo1LF5G-6844e4UjwCAiHgmx7gdrtneQBjyynQgCIniigcFGtL9x2lz9_mrVAUSVFMnogTRZLHxwPZ4-dmI9OfC07X-iu10v3mAcPZ-KKzAziJKugPcix7pfm3tLkfbYb0C8r7gh2xSV9G0UnF2yei0shNix33O1Cc-pNGax-HTHjR43nmQj2mNEk-xCbvr7fZOR6y0dDkQj_rUT4avRKL6pvt52yQKL7ivl0PZDC3kgKYZzTGFKoZZ-kQPES1uJtxunjCOghCYwqpPpF2-3Yck_mNcHYbCSVLWX9YHuUgrbjnQNwiU0VLxaDns--nz8Ex_bojTBWoB3-abQhz3gZJ4V1JwWVOsb7CDGj2WZ4cGjFK2Cr3Xhff2JkLuwQcpz9veCXbBW_RRsUn8TCwXlFtVLutbYeOjISG5yz1sNUhGdpwIpQ0JRa14gbrhhxPyEHme7qB9d42kxdImKjcCj4ZcD0rT2S0vhnnldZW-xgzl4aK251iXt6ubCURCaY8OJEiA55g2YfixQ-jKOmDOKMm7TJNOz-m-wU9ThuCQXDYUyA8ncAx-WYcdh82uYXP7-oS5GC6R4ZKNEI3GpbnKZpeSsO5NKxqz1pDlqWCuVejv0-t3j0yp1SyqRiGKNzLcXDUXTz_llgSsMopyGRHXyLq3tR1pIszKFUW9NLlZDDg5_oiXq24KB1KtUFJEWiuDEvwWXnoh3ILVyXfarS3DZQCdoo-gVRNP_3ZBMvw0VQ2t7zcrdmcEZCQyFNzim9SpcMCy_EyVNEh4Bb8h3xJRzlNiymBOM9cjFLXV7VbyEYh630gh7X16TJNU6QZar09YBqyOK6SUn8WKPi_aX50499LWU17Hw68ODQbbbzA26cZDllkRuPIEO-r2ZcCzyriGQJvXJRr3kUbtvi7Bx1O774MWE3lJD3Okv2rZUx6Y1SW6gYObaSip6JXfqYBRZ1J0-J8k_-MCun_7IkDOVDXIe_oaViRJEOZnof2KjK91G2w68yUl1SBJrXsdWHbGqVThfCjqCh_Sf2l9K70NLHGrgYUDrw2w8yW9lLLYyfLCc7GqsN73j5UBgyL2_7BMOb98dAqctlhHcUt8uGH0GkyFc62qaBzBQmcSRbSm_Twq69s0s5lc48QzxqyRLxJI_45yebYR&sai=AMfl-YTaXBJVu5An1PLy8RR0QtBUKWh89FgHKXrKtOZJVeAFsNFsVrUk-nL0gRxIn3QfFaUrq4tB7_0mmBe7iAN6kcgRWGI1LH6ARJ2eM-ehj0hpDiJi0WYcdgkT4qGqYv53VC-c86XB0mt9z0OIsx7gWsHAUcSWBWRDdpE0BpY1_D_qicHd4Cwy5JhFvrrs5ChnHnC87OhFr_gZFYAYUF9wzhjhaN1dPvqOxcwO3ieB2LyEXAEw_LrOl0M2T7Vssq--F4NLYx1tLNHrmWya00g27xG-roOIEFwItLijHA&sig=Cg0ArKJSzOAUolRn5sXOEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=167&vt=11&dtpt=113&dett=3&cstd=49&cisv=r20231130.70272&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 37EE
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1291251/67826872/4.js?ias_dspID=3&ias_campId=1010179150&ias_pubId=pub-4812870882449745&ias_chanId=1&ias_placementId=19226434042&bidurl=https://19216801.one/&ia...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_2zxvZaXAKrjU9u8P2YOYqAI&cbFunctionName=goog_wrapCb_2zxvZaXAKrjU9u8P2YOYqAI&true_pb=

1 KB
1 KB

8ms
6ms

Script
application/javascript

2600:9000:223f:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_2zxvZaXAKrjU9u8P2YOYqAI&cbFunctionName=goog_wrapCb_2zxvZaXAKrjU9u8P2YOYqAI&true_pb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890774&bpp=1&bdt=234&idt=302&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=304
Protocol: H2
Server: 2600:9000:223f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:54:05 GMT
x-amz-version-id: 4Cmv1jyFRAmZ7XChlLsmb9GJS5ztjryA
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 69248
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 04 Dec 2023 19:54:03 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: teBT5yfD-5YF7wr7vEt9ngq_BXEMgDauuPjl_JC7m7BlLJL6ZcD0tg==

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:11 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_2zxvZaXAKrjU9u8P2YOYqAI&cbFunctionName=goog_wrapCb_2zxvZaXAKrjU9u8P2YOYqAI&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 386B 91 KB
23 KB 36ms
7ms Script
application/javascript 2600:9000:223f:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890774&bpp=1&bdt=234&idt=302&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6533941
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: jZnKb_CW8H0NQf0KvxKj-Ow2pA7pMnS_5MNGPXNLM8VcqjMVdZ7urw==

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9836914301011446030/ Frame D0AF 17 KB
17 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9836914301011446030/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afffda6f465547f880cceac7c119e79a1afb576482e0f0c853da1a4cdfe9ad50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:05:57 GMT
x-content-type-options: nosniff
age: 403334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17688
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 17:38:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 23:05:57 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/120532732203472322/ Frame D0AF 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/120532732203472322/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e115d723b30a101fceb5266dd5450c1c4d03e5a796b2476386133044edd5594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:29:28 GMT
x-content-type-options: nosniff
age: 56323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1711
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 17:36:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 23:29:28 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 37EE 43 B
215 B 534ms
177ms Image
image/gif 2600:1f13:800:7780:4c96:3892:23f5:65e3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1291251&asId=bb850525-df9d-0ffb-abf4-a52c6940be25&tv=%7Bc:vWhoJW,pingTime:-3,time:34,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:34,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B30~0%5D,as:%5B30~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXzSLci+11%7C12%7C13%7C14%7C15*.1291251-67826872%7C151%7C152%7C153,idMap:15*,rmeas:1,rend:0,renddet:na,siq:13%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890774&bpp=1&bdt=234&idt=302&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=304
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:4c96:3892:23f5:65e3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 37EE 43 B
216 B 532ms
175ms Image
image/gif 2600:1f13:800:7780:4c96:3892:23f5:65e3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1291251&asId=bb850525-df9d-0ffb-abf4-a52c6940be25&tv=%7Bc:vWhoJX,pingTime:-6,time:35,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:35,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B30~0%5D,as:%5B30~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXzSLci+11%7C12%7C13%7C14%7C15*.1291251-67826872%7C151%7C152%7C153,idMap:15*,rmeas:1,rend:0,renddet:na,siq:13%7D&tpiLookup=ao:19216801.one*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890774&bpp=1&bdt=234&idt=302&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=304
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:4c96:3892:23f5:65e3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
server: nginx
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 37EE 43 B
215 B 531ms
178ms Image
image/gif 2600:1f13:800:7780:4c96:3892:23f5:65e3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1291251&asId=bb850525-df9d-0ffb-abf4-a52c6940be25&tv=%7Bc:vWhoK1,pingTime:-2,time:39,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:848,beZ:848,mfA:850,cmA:851,inA:851,inZ:853,prA:853,prZ:856,si:860,poA:860,poZ:873,cmZ:873,mfZ:873,loA:882,loZ:884,ltA:886,ltZ:886%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:39,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXzSLci+11%7C12%7C13%7C14%7C15*.1291251-67826872%7C151%7C152%7C153,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:13,sinceFw:26,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890774&bpp=1&bdt=234&idt=302&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=304
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:4c96:3892:23f5:65e3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
server: nginx
x-server-name: dt25.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame D0AF 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24426cdedd8d56226cbe0d700e0858a5c8872552d74ff469a7dffff25b2b71f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D0AF 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:05:47 GMT
x-content-type-options: nosniff
age: 82944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 16:05:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D0AF 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:12:30 GMT
x-content-type-options: nosniff
age: 57341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:12:30 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D0AF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Csc0g2zxvZfDBBbzSjuwP8si18AXYl7b3c8OQtcn3EYOR9f0IEAEgopHrTWCV4pCCoAegAc6688AqyAEJqQK4mNzOwSuyPqgDAcgDy4SAgASqBN0BT9BHb6TByd_duLI_VhQKFfXjJHe467P...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215449465657787554644%22,%22debug_reporting%22:true,%22destination%22:%22https://sipgate.de%22,%22event_report_window%22:%2...

0
0

57ms
41ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215449465657787554644%22,%22debug_reporting%22:true,%22destination%22:%22https://sipgate.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211410398542%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224599966503130294849%22}&andc=true

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15449465657787554644","debug_reporting":true,"destination":"https://sipgate.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11410398542"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"4599966503130294849"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 15:08:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 15:08:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15449465657787554644","debug_reporting":true,"destination":"https://sipgate.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11410398542"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"4599966503130294849"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame A4BB 50 KB
19 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 00:56:49 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B3E8 42 B
63 B 44ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CVVaacTcPqoEi1WZPiM8ZGEC2s0MYnU37fw0WxnTOzKfWuKE02Q_p0O1LkvlrKztCGNetcHi35FCU3Z4gHIOw4hHB8Kvf2adlaraUUw2ggUyq8FIg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890773&bpp=1&bdt=233&idt=301&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=302

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 86C5 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 15:08:12 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0DA9 624 B
245 B 49ms
47ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNU0BJyCMRLsYOlsYs_nsO_gWEP1toaBxq9dONB_0VjNOiXxAXPE_E36OMA-owp3QkySHhsCXXHz6Qsa37uh-V64HcGumoi0-1OE2XItXjmFL5cg4kNmQLiIEAU5qWQv1h8vBc_ua-qKF6qv1z99bwISzN8j2JI4h5TjdoyLF_47Rlw8nFA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=5047153215&adk=2767054040&adf=483093038&pi=t.ma~as.5047153215&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890773&bpp=1&bdt=233&idt=301&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=302
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:08:12 GMT
expires: Tue, 05 Dec 2023 15:08:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B3E8 172 KB
60 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 11:58:35 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame B3E8 7 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:11:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:11:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame B3E8 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:31:30 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B3E8 41 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 334984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame B3E8 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:00:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame B3E8 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:36 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B3E8 202 KB
64 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:08:12 GMT

GET
H3 200 395899-01.png--wid=2000-fmt=png-alpha_1700002876160_395899-01.png
s0.2mdn.net/dynamic/2/11066624/dyson-h.assetsadobe2.com/is/image/content/dam/dyson/images/products/primary/ Frame 86C5 395 KB
395 KB 8ms
7ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11066624/dyson-h.assetsadobe2.com/is/image/content/dam/dyson/images/products/primary/395899-01.png--wid=2000-fmt=png-alpha_1700002876160_395899-01.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51a19cddf03a65a38be6d6c352c793f72724eb750821325313ea3c93610cef34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:22:22 GMT
x-content-type-options: nosniff
age: 67550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404790
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 23:01:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 20:22:22 GMT

GET
H3 200 60001657_20221026100545403_dys_gene_de_icon_moneyback_euro.png
s0.2mdn.net/ads/richmedia/studio/60001657/ Frame 86C5 18 KB
18 KB 13ms
12ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60001657/60001657_20221026100545403_dys_gene_de_icon_moneyback_euro.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23695b7a3c6321be4eba15114165127101c524aed6d75ad8c15d0b3bdfaffb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:54:48 GMT
x-content-type-options: nosniff
age: 22404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18602
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 17:05:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 08:54:48 GMT

GET
H3 200 DysonBlack.png
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 4 KB
4 KB 13ms
13ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/DysonBlack.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1544a9b774fef3903b864a233a251f4d6ba30ea9cab697779c9fbef14d5b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/index.html?e=69&leftOffset=0&topOffset=0&c=M46rX4m71Z&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:54:37 GMT
x-content-type-options: nosniff
age: 22415
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3706
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 08:54:37 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CF5C 38 KB
13 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DysonFutura-Book.woff2
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 31 KB
31 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/DysonFutura-Book.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

852cafe3bc46d907eb9f6e99e59f57414d3e1ead6a0b7d068d24c1d476313411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/adStyle.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:20:55 GMT
x-content-type-options: nosniff
age: 78437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31984
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 17:20:55 GMT

GET
H3 200 DysonFutura-Medium.woff2
s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/ Frame 86C5 30 KB
31 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/DysonFutura-Medium.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/adStyle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01b53b891f4bb2098d700fc629056d47d3628ecfe3e5707bd6ac327aa9c77bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2333874925758054400/300x250-Dyson_AO_BF_Remarketing/adStyle.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:41:17 GMT
x-content-type-options: nosniff
age: 88015
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31196
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 10:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 14:41:17 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 19D4 39 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 10:31:32 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 995B 47 KB
12 KB 18ms
17ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=PrmKmd68wj&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:08:12 GMT
expires: Wed, 04 Dec 2024 15:08:12 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B3E8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65b54322160ddd621feeb9deb1034fea5ef02812cfa290a99da33c6902fd266c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame B3E8 0
0 133ms
83ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstrLFU5Bdtv87G7PT7xuE-2Z5uas_uWGP64Dm62wz5ZmdWQCJh__5TFcRQnf7mGyGaY9ljgCJFNQbWllNawb308KMNtpWfbUnTUehXlr25HinVygDOlsie4yFTJxApbTvdaAYIltinSRxEygrGGJv2ooQ6DgyxL526O5iUQfXu4lMY7dB1KE0UGSLbZq1Da1ILlGR7XCMabDZrf1gPg8Ubgw4nEZmhjtc3BV44PNRzuBnkkNoEjsmihe2hk_KjvQUtfPFfqh1AFfPedjdxCW5p51K_Tz5vW0pzDTCe291BzewJK5leq7q2Xlt64cSL6yEmi25D86Piu9hw3_TF66wKkTesgVJH7uHx-mt3fu8SdvHUswBk85dnvQXxS7LVa-tlnSsthdP3h_MOEaayDvR3R1B_wWc8xGx2Hlt1alO1MbqL9tIQ6Y_IuPuBjbkp9wd_MO0gVR6qIlRMqujZtZCadbXDhj-QhgZexv33ekOaQ8JR5pKTdqT5GbhcQcbwslk3_PScd-oxDwg_bpCjnpt5S91sAxYn3_x3aSLiXeAUIe2yFAEJ_5KN6MtWdg-rYjO8TyNXbG1nMPyCGbabAq88d10B9H2d1JmVajNtUZv3LnbNDiiTWrt9--O-1nRf9GOpsb_1a5-ULC6HeONlkx7bRnVYSTM3-zOJWA-Pe78xs_VqY34AV6WMDO6t0FnTIZ820-iC7dMu8Kb-EgXGoz07gwF5XXNp23VICbzU7Wj-0UCN4MJQh4ySjzbDFGZKukGOw-pQeDDtx5A6ngMdhGeGFenISLuP5RbAm2yEFEVpO31lniFZjixI0lGtcjOz3Lelpgga2ndUdHu5s41nJ_M6eB7ApRl0vJklm0yq6kb5aR3K-Y1sVyu9Z3VCnffUY651Hsits-IwkE4La0Zv-7FzoEXDYfXj47d9c0yJ-LcXAzddok7Ka1qDNyW6ntrentA-AmCQGVqSeL9nKKMvnkewno413kPGrOFDeZtFIqVIypfI55D9liTTEBu1k0oZjeuFZNI6VW5oAAhDBadUNwrX-iE_M4eDMMty57BL2jQka9hR_aODIbY_9oROQ8gpoDHbSU8wgANZ-IYjwKBbAGoZ49DgpDqrt2qLkPiiZh4WXy6xGiS0vrls0n4EZ-gRmYnXjisQpZDetj7iBC2f25KtK-iIyavifdqQsV3o6Pr3xlfdjZ8_tZ-ljt-i3kfdTFWZXae1MnkRRCtrLmIrs2YdqaoNKuIso0OS-ocNn7BDm5c0-Y5g6c-hR_rpWTPw9EeCq_sltIAk65BmVqmqv1A4fSZO7320TOcns7W6qqQJPXAiLBXhQlIHlgEPnN5BlQK4IcEexroiMjIrceTGnMiaDoKccAlRnhL3CxNhB0sLRfOp0lgKm6f4&sai=AMfl-YQ4x2Xo8Dortp1QItnldG1No-zoQF9tI6JZzp6BLArSc4MLsv4fBd_rKcEBjWH4X_kfTefPPBUMwK3ecv_OlPbgwBxsmuV-OmOum2jaYZlk_dxyKSXcavM-Uy4W2ZaC0ub2KUrSS8BjOldxC1HcFzMlzpDbeVa2M8PuX3sfUSper5lPNbztk8spF0mF_AJcCRIosPTUUXVNJiOX1F-sKnOiwQpJzg6S7GSvy_JHfT_hc4g6S8USCZvCKaC8tclIz7QdMM7KjMtvBAb-m3tD8nSsFDf0b8U4CAlXnPNqZkxum6TH7cZz6IKALBcdJJNKro45eT61KmRQfdWmPQHD4UHFt5aOHf_SUfVTV6ZdNr0Fu6tKmeg1PUsed8jeh4cyFrEux0uZeNytDGjFAb8yB7UzVpqsgMazXA8YEHeTihkaTHuHyknOMcRfRF3LBkoRHO-jFGSVgdCWnt8vokotdm4zwR5osm7FNFUWKCFOb00_4RXte0YMQPjXna1TON_MeEIv1g&sig=Cg0ArKJSzPBy0qN3MQi7EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=61&cbvp=1&cstd=57&cisv=r20231130.72598&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 15:08:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0DA9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1

43 B
732 B

43ms
43ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNU0BJyCMRLsYOlsYs_nsO_gWEP1toaBxq9dONB_0VjNOiXxAXPE_E36OMA-owp3QkySHhsCXXHz6Qsa37uh-V64HcGumoi0-1OE2XItXjmFL5cg4kNmQLiIEAU5qWQv1h8vBc_ua-qKF6qv1z99bwISzN8j2JI4h5TjdoyLF_47Rlw8nFA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcuNl3dGgx1PIz2AzUhGF96gEWyLLwl0fdTiL%2BGVdekUsw5l0%2BxDLSLucLhonaaoZr4nQaAmrmiTa22wSIXqrLgbmeWIcnwd8%2FYfHm2YV%2FkgurOhJKiZ2r1RJCoSZ1pB190U1U9onRZF%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830d33ff9eaf3a91-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0DA9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW882yP1wxHiLnYXgLY9zgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1

43 B
736 B

23ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNU0BJyCMRLsYOlsYs_nsO_gWEP1toaBxq9dONB_0VjNOiXxAXPE_E36OMA-owp3QkySHhsCXXHz6Qsa37uh-V64HcGumoi0-1OE2XItXjmFL5cg4kNmQLiIEAU5qWQv1h8vBc_ua-qKF6qv1z99bwISzN8j2JI4h5TjdoyLF_47Rlw8nFA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PK3%2FU0WKJHLY%2FkUhIyLkdEQUAZSlRdHpneKcC26GkJ6v%2Bl9WWIXlk7az9RKHT3dTtWGEvVwXV2e5LyIo6%2BV9%2FaUc2utCyEHpcN6RC1fyO8IjnBvWeJWc9iahuuqvFhHjldVIIcS8qKCV0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830d33ffdf0b3a91-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnMOGTuEnymzFwAR5c5S3o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0DA9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKGc86UgTw49PJN4-5aRtJg&google_cver=1

43 B
841 B

13ms
13ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKGc86UgTw49PJN4-5aRtJg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNU0BJyCMRLsYOlsYs_nsO_gWEP1toaBxq9dONB_0VjNOiXxAXPE_E36OMA-owp3QkySHhsCXXHz6Qsa37uh-V64HcGumoi0-1OE2XItXjmFL5cg4kNmQLiIEAU5qWQv1h8vBc_ua-qKF6qv1z99bwISzN8j2JI4h5TjdoyLF_47Rlw8nFA

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
an-x-request-uuid: 381aa0bb-d4ad-4ece-8e16-4ef4b2fc7ae5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKGc86UgTw49PJN4-5aRtJg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DA9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1NDcyNzk4NTY3NzI0NDExNw%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1NDcyNzk4NTY3NzI0NDExNw%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
an-x-request-uuid: fef9a41a-6cf1-45bd-a4ab-2af265764853
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1NDcyNzk4NTY3NzI0NDExNw%3D%3D
x-proxy-origin: 138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 68ms
40ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 15:08:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 995B 118 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=PrmKmd68wj&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=PrmKmd68wj&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 21:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 21:54:48 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 995B 63 KB
25 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=PrmKmd68wj&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=PrmKmd68wj&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 15:08:12 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame CF5C 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 10:31:32 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame B3E8 0
0 45ms
45ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstrLFU5Bdtv87G7PT7xuE-2Z5uas_uWGP64Dm62wz5ZmdWQCJh__5TFcRQnf7mGyGaY9ljgCJFNQbWllNawb308KMNtpWfbUnTUehXlr25HinVygDOlsie4yFTJxApbTvdaAYIltinSRxEygrGGJv2ooQ6DgyxL526O5iUQfXu4lMY7dB1KE0UGSLbZq1Da1ILlGR7XCMabDZrf1gPg8Ubgw4nEZmhjtc3BV44PNRzuBnkkNoEjsmihe2hk_KjvQUtfPFfqh1AFfPedjdxCW5p51K_Tz5vW0pzDTCe291BzewJK5leq7q2Xlt64cSL6yEmi25D86Piu9hw3_TF66wKkTesgVJH7uHx-mt3fu8SdvHUswBk85dnvQXxS7LVa-tlnSsthdP3h_MOEaayDvR3R1B_wWc8xGx2Hlt1alO1MbqL9tIQ6Y_IuPuBjbkp9wd_MO0gVR6qIlRMqujZtZCadbXDhj-QhgZexv33ekOaQ8JR5pKTdqT5GbhcQcbwslk3_PScd-oxDwg_bpCjnpt5S91sAxYn3_x3aSLiXeAUIe2yFAEJ_5KN6MtWdg-rYjO8TyNXbG1nMPyCGbabAq88d10B9H2d1JmVajNtUZv3LnbNDiiTWrt9--O-1nRf9GOpsb_1a5-ULC6HeONlkx7bRnVYSTM3-zOJWA-Pe78xs_VqY34AV6WMDO6t0FnTIZ820-iC7dMu8Kb-EgXGoz07gwF5XXNp23VICbzU7Wj-0UCN4MJQh4ySjzbDFGZKukGOw-pQeDDtx5A6ngMdhGeGFenISLuP5RbAm2yEFEVpO31lniFZjixI0lGtcjOz3Lelpgga2ndUdHu5s41nJ_M6eB7ApRl0vJklm0yq6kb5aR3K-Y1sVyu9Z3VCnffUY651Hsits-IwkE4La0Zv-7FzoEXDYfXj47d9c0yJ-LcXAzddok7Ka1qDNyW6ntrentA-AmCQGVqSeL9nKKMvnkewno413kPGrOFDeZtFIqVIypfI55D9liTTEBu1k0oZjeuFZNI6VW5oAAhDBadUNwrX-iE_M4eDMMty57BL2jQka9hR_aODIbY_9oROQ8gpoDHbSU8wgANZ-IYjwKBbAGoZ49DgpDqrt2qLkPiiZh4WXy6xGiS0vrls0n4EZ-gRmYnXjisQpZDetj7iBC2f25KtK-iIyavifdqQsV3o6Pr3xlfdjZ8_tZ-ljt-i3kfdTFWZXae1MnkRRCtrLmIrs2YdqaoNKuIso0OS-ocNn7BDm5c0-Y5g6c-hR_rpWTPw9EeCq_sltIAk65BmVqmqv1A4fSZO7320TOcns7W6qqQJPXAiLBXhQlIHlgEPnN5BlQK4IcEexroiMjIrceTGnMiaDoKccAlRnhL3CxNhB0sLRfOp0lgKm6f4&sai=AMfl-YQ4x2Xo8Dortp1QItnldG1No-zoQF9tI6JZzp6BLArSc4MLsv4fBd_rKcEBjWH4X_kfTefPPBUMwK3ecv_OlPbgwBxsmuV-OmOum2jaYZlk_dxyKSXcavM-Uy4W2ZaC0ub2KUrSS8BjOldxC1HcFzMlzpDbeVa2M8PuX3sfUSper5lPNbztk8spF0mF_AJcCRIosPTUUXVNJiOX1F-sKnOiwQpJzg6S7GSvy_JHfT_hc4g6S8USCZvCKaC8tclIz7QdMM7KjMtvBAb-m3tD8nSsFDf0b8U4CAlXnPNqZkxum6TH7cZz6IKALBcdJJNKro45eT61KmRQfdWmPQHD4UHFt5aOHf_SUfVTV6ZdNr0Fu6tKmeg1PUsed8jeh4cyFrEux0uZeNytDGjFAb8yB7UzVpqsgMazXA8YEHeTihkaTHuHyknOMcRfRF3LBkoRHO-jFGSVgdCWnt8vokotdm4zwR5osm7FNFUWKCFOb00_4RXte0YMQPjXna1TON_MeEIv1g&sig=Cg0ArKJSzPBy0qN3MQi7EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=142&vt=11&dtpt=81&dett=3&cstd=57&cisv=r20231130.72598&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 995B 47 KB
47 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=PrmKmd68wj&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:03:36 GMT
x-content-type-options: nosniff
age: 276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 15:18:36 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 995B 46 KB
46 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=PrmKmd68wj&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:59:04 GMT
x-content-type-options: nosniff
age: 548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 15:14:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 995B 8 KB
6 KB 49ms
49ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48874156b08b23611e0a99ee618e3547d6021f78ba6734784af7a4a2145f0b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5936
x-xss-protection: 0

GET
H3 200 60005582_20231018073939815_APP_iPhone-15_AirPods-Pro.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 995B 39 KB
40 KB 9ms
9ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231018073939815_APP_iPhone-15_AirPods-Pro.png

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f07df9a25306b4fcdc6a68e80929073f04e3bb244e144cab4a18fcf56f5c62f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=PrmKmd68wj&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:18:21 GMT
x-content-type-options: nosniff
age: 6591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40446
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 14:39:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 13:18:21 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 995B 28 KB
28 KB 10ms
9ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=PrmKmd68wj&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:04:00 GMT
x-content-type-options: nosniff
age: 252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 15:04:00 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 995B 43 B
607 B 54ms
17ms Image
image/gif 141.101.90.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30943227_4307561_379893502_145340772_PO1601A20231201&ref=30943227_4307561_379893502_145340772_PO1601A20231201
Requested by: Host: 19216801.one
URL: https://19216801.one/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 15:08:12 GMT
Via: 1.1 varnish-live-1-0
CF-Cache-Status: HIT
Age: 472811
X-Cache: MISS
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
Last-Modified: Thu, 09 Nov 2023 15:03:02 GMT
Server: cloudflare
Etag: "2b-609b98009f580"
Vary: Accept-Encoding
Content-Type: image/gif
X-Varnish: 14729568
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 830d3400789230cf-FRA
Expires: Wed, 04 Dec 2024 15:08:12 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 995B 26 KB
26 KB 10ms
9ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=PrmKmd68wj&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:58:34 GMT
x-content-type-options: nosniff
age: 578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 15:13:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF5C 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXZN_2zxvZeTpBe2k3gO5xrDIAgAAAAA4AeAEAg&bg=!oKOlo-zNAAY3kmNgF5I7ADQBe5WfOBae2bnzBEHpJ6gj4b0V6XlBBNBTQNtKAjtfb4_NFxZp4SJ41jqPY9Yvxxk-24UAAgAAAEVSAAAAAWgBBwoApplpP0d2tB41x5cYGSDj7P3PDIqrdBSd5ZT97DgCP9GvNdJZJsl8YVpBHwLLSrC0sM4Neg6uMSBQh1-RAhgFv7Y8bvcDNNuVSxI5JBqSyxhnreSRtyVdPvPBQ9lSciFUq_Xh0uBNaNeFOZXVI050lXcVeRtQz8klo_08EMfw1AcSKf3siJNKq9emMc1MpeWppcD1XswHHwq2JgViF32DpTtO_DcU-VmZAta12OSBfiVqGTYpQxJMC8xgNRnoQ6wQSpR6LK9HFnB-TY9pR_fQH-ACqSCvVRs5e4gRPqdL34YFpQjy3IQmBREao3Qa3ttROW_5Oprdb07UIpWUDD7rfp1Gx8f9XEu8t3CPwwaQ9DlWdqomidgKH4B-nY3__Sfr73LpcLRedtBgA3gmx4uHgWKIP9fvd5OGsAtGPE6CjoP4DLv0A3kpWhZY8p7P58E9Czcv0ZqKmkcYScIRd_E0G-w3zNv_iG7Twz88uVMGLqOeySlXoGU_4qpDgrox7lbvdDCjGMVn-IjrGlnaZS-8yuRxyEKACVOzzIKSesD1HyQS1EBQFxrM-VJoKiJPO6t8Cpr4PzAW_mriyUO9BpK25jPLl-d0qArAS882AZXy9OQ105O8BUaOTy2Lpv8FpzXkgnZcb6NB6G5Nz02lEZFs1xorpb437aJSe4M-VjFyhgDQT73zZOEys3uVNhkQSuwjrdIdRbBLPuPLa-f2-mcHiHW1vwbIy0-X9c2wXilthPwdO0F6hQz1OpUI4p0jdgzQopQ6TzeTvXfNGmabZPYQf2ERgPnCVKFMeqknm_gtg9hCuNi-vcU2TJcpVigMmyE-NCvkLNblWqa4rJiyoB9JMRjhCPvG0Jg8b1tEnxquMXS1lAoSlXwWRXIPvU4IBCDORurvkrujlFJgs7tc7nZpb2F-BEWwU8pCfaPpNZh1OUPybRbGmQpx70i-aMqt8ys3AZd2Reyg5yWWtfQ5SbUMVpHOfaySm9ZFuhX3cgukeU_Nd48czfmJM1u2wd3wjJM2ZFywLJ3AK0cOgWYAMHF4u3QnTU81rdoe3z3uUymRliG_UwLiMTCviUzVR26fG-djHDcGsYq7qYTjeZfZLiC0XEKpXchl3q5--ocuKfajrX10BP-hfmueO5KC8WKElQtDs3ugq2xhiVDRpcexxNUnhc6CQnWR0KA0uIjnxtmO_PM

Requested by

Host: 19216801.one
URL: https://19216801.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 995B 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 15:08:12 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 37EE 43 B
215 B 225ms
179ms Image
image/gif 2600:1f13:800:7780:4c96:3892:23f5:65e3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1291251&asId=bb850525-df9d-0ffb-abf4-a52c6940be25&tv=%7Bc:vWhoOZ,pingTime:-10,time:347,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701788892272%7C%7Cc65181413dc4c66b416434d47fba528b%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7C582e8f06b8abffb90d8d4e3029022677%7C%7C5f3e7446c15506152f111a28c516ed30%7C%7C6573624ff028e9c06baa35cd007f60e1%7C%7C94fe29894ebff97c4c52ef5400110728%7C%7C3de1ff7c96de6ddabd04ddcbcf12668d%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4812870882449745&output=html&h=250&slotname=6244605269&adk=2225904923&adf=3479050406&pi=t.ma~as.6244605269&w=300&lmt=1701788891&format=300x250&url=https%3A%2F%2F19216801.one%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788890774&bpp=1&bdt=234&idt=302&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x250&nras=1&correlator=1098107441744&frm=20&pv=1&ga_vid=1947165613.1701788891&ga_sid=1701788891&ga_hid=13070579&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C44795921%2C44809531%2C44807764%2C44808149%2C44808284%2C44809072%2C95320229&oid=2&pvsid=3695382837250639&tmod=799309503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=304
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:4c96:3892:23f5:65e3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
server: nginx
x-server-name: dt26.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7084 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 10:31:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 55ms
55ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d99da2c7cab505c6625f6979f67c7aa71a2569ac793f0018fc4c58526d54dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12165
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 37EE 43 B
215 B 175ms
175ms Image
image/gif 2600:1f13:800:7780:4c96:3892:23f5:65e3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1291251&asId=bb850525-df9d-0ffb-abf4-a52c6940be25&tv=%7Bc:vWhoT5,time:601,type:e,im:%7Bpci:%7Btdr:565%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:601,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B596~0%5D,as:%5B596~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:227,fm:tXzSLci+11%7C12%7C13%7C14%7C15*.1291251-67826872%7C151%7C152%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:13,sis:92%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:4c96:3892:23f5:65e3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:12 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 15:08:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BE4A 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 61663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 22:00:29 GMT
expires: Tue, 03 Dec 2024 22:00:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D73B 829 B
1 KB 39ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

650c50d6ea587e9c07849cf280b303600b485c7964d112403c4f2827a8301bf7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VQ4N_fXWr7qPMkXwnHmaBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://19216801.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VQ4N_fXWr7qPMkXwnHmaBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:08:12 GMT
expires: Tue, 05 Dec 2023 15:08:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BE4A 39 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 10:31:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D73B 0
0 42ms
42ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=3695382837250639&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BE4A 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bDX9_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:08:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D0AF 42 B
64 B 125ms
125ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6jhH6FBs2qjSO-_DfSLBVTNqp4Ou3N_CrucIglF1nu2vqlHSRxMPHFKE1Caq9woCF78nIGk1Bq9_kaK6AzfkzoFXZyX614u3f1fMmVsarEMLtcK_BpbajmIHCQGo7IgVnfEm1jLdPM0ZeTZFUfjnunUieyCcQ6zzQsyebE8s&sai=AMfl-YT0lq9RYK7QMWbYU74TV9-H34c4dlLheVGXbwz09jRUSMRx9hhZVmEt6gnmPztd1tQdT43mCZ5Wfi-uEcT3WMfWxZ2CniwWFVJBZ5WFoxtdQVwPI5AFX8WWZ0qHHRTLjL8qak2QemRjwEpEcvWDLd24DkQWbH1nzz1j&sig=Cg0ArKJSzBH2jn-_z_I_EAE&cid=CAQSTwDICaaNS7vFkLwQcWz3sAq6QrN-M1sSQftR41tWFH3FMJ9NGktD-GUhbC3GXQyFMquuTrqEQrklpiAOK2oI8Pp5jBeFqdzmgGIwDws4GxEYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3451990369&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701788891073&rpt=919&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=3695382837250639&bg=!zM-lz4DNAAY3kmNgF5I7ADQBe5WfOAOMDgxlnc0DXM06asQktE3cMHYQvgtVeyQa-Fq7wP1G0xqhDagCHAzvRzFCPWLaAgAAADxSAAAAAmgBBwoAL-CgXXL1MCBT5b8N7OEZLJ9TEBO7VSjBMl3zJ1jJ76MfwV8tGz7GGLjzRAe5gQPvmQKwhrmKchdjJcPrc_jeCdIKwGWuz9YZUlsrJrVBInkfSY55rp54RVY7R5C7XH1wGOgWn_qsHFCg6UURfulF9zKRXXPrMF987hyFFPGQ0-m_GKRQfNq9xde4koiEQhsogxQzGxMSXPTX_zxuPBAU-ukvoqn2oHRsyHI8jV3XviZ9gwAlrP-rNJBHJtp6cXRg8CZz9Ovv5jamJ6_a3AiD5qx5Rr98wyxwYQ-xYZAOA9vmTULgT5aGYzI2upU8xWEdXIsveHWaVNwNGKUqxTming4gwt2yA0C5rCzyRqHNkslAPxnKNR7rGbPjvfZSdgpibzzMKFgrJvWA6-LB5mB6-tZkKLTyGTDaHsmGEF5057wJyuDrNJj_8xrezWYIJvMxcTXIU_DboqoNWC2BOQ_XsMTSpdPO7bAqSbtp-z0A5tvvxV0TitKBqMay4LgAMVhjT8zwVMwyYqY9xUQztyqRBShHREbMyyXJv0v7Xnyv5mY11gpwsQRKiP9ysxvywBDMuShkBLm0n--Sr79wXzQl-_SESM1mEjGaScTmHR4fncjtDs5VHDd4z8dxr1v-GT8z9fBLOE8LCrlv_jKJ5YmImzzRadGmmHVus2dykRog8FYPgsBPMBUfUF-vgt33tns3_F26y9gK-6285ucnWTJopTaENIxx955rBhHfHkS4KMJlyJ7707YEnuXbo0WnoI_duJQkJ0hJuH5Eq2s4rEtPPstba4yoayoNvQd-jhDnwkhX32FoAB7IxAkb1uiFFYx-uncF1-qq87DpT2GSsDPXk_1MF2L39wRdMIOts0RocwFcfoLG0C87naODb1mQl0QzN4RH7xCwCwA04exA-4pioNKBpSiVizFtaZHwEtxKL7c1YWW_6eGD6BIQTUScXmheCCqztfvnWs-jShbBo0VgCuORxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19216801.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 37EE 0
20 B 44ms
43ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4514395568521&version=m202309260101&ct=76&x=1&cor=13304470652921039000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:08:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-21 01:28:44	Name: ID Value: 5a5d09bb8a9a4fd79238163e64592a8a
cdn.itskiddien.club/	1970-01-21 01:28:44	Name: OAID Value: 32501b5faec447ba97794f0d34f50dce
cdn.itskiddien.club/	1970-01-21 01:28:44	Name: oaidts Value: 1701788890
.19216801.one/	1970-01-21 01:28:44	Name: _ym_uid Value: 1701788891589146759
.19216801.one/	1970-01-21 01:28:44	Name: _ym_d Value: 1701788891
.mc.yandex.com/	1970-01-20 16:43:09	Name: sync_cookie_csrf Value: 1571574602fake
.yandex.com/	1970-01-21 02:19:08	Name: i Value: TuJfx/n4n/nN3aYOWOwQdGXr2EQtowNkJSPutTf3lfmJ4MiIi0OmEnfLguYdzIjwfGMqtllRMQwZMLemiLOuWwq6y/0=
.yandex.com/	1970-01-21 01:28:44	Name: yandexuid Value: 5225898871701788890
.19216801.one/	1970-01-20 16:44:20	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 16:43:09	Name: sync_cookie_csrf Value: 2317057216fake
.mc.yandex.com/	1970-01-20 16:44:35	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 02:19:08	Name: yandexuid Value: 5225898871701788890
.yandex.ru/	1970-01-21 02:19:08	Name: yuidss Value: 5225898871701788890
.yandex.ru/	1970-01-21 02:19:08	Name: i Value: TuJfx/n4n/nN3aYOWOwQdGXr2EQtowNkJSPutTf3lfmJ4MiIi0OmEnfLguYdzIjwfGMqtllRMQwZMLemiLOuWwq6y/0=
.yandex.ru/	1970-01-21 02:19:08	Name: yp Value: 1701875291.yu.2934116801701788890
.yandex.ru/	1970-01-21 01:28:44	Name: ymex Value: 1704380891.oyu.2934116801701788890
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 817431751701788891
.yandex.com/	1970-01-21 01:28:44	Name: yuidss Value: 5225898871701788890
.yandex.com/	1970-01-21 01:28:44	Name: ymex Value: 1733324891.yrts.1701788891
.yandex.com/	1970-01-21 01:28:44	Name: bh Value: KgI/MA==
.doubleclick.net/	1970-01-21 02:04:44	Name: IDE Value: AHWqTUmoLwZJt3TviK3YtobLVa3vEq2HiBi1nAg_8AwBZera_tBAaxKGKJaAyIie
.adnxs.com/	1970-01-20 18:52:44	Name: uuid2 Value: 1854727985677244117
.casalemedia.com/	1970-01-21 01:28:44	Name: CMID Value: ZW882yP1wxHiLnYXgLY9zgAA
.casalemedia.com/	1970-01-20 18:52:44	Name: CMPS Value: 2186
.casalemedia.com/	1970-01-20 18:52:44	Name: CMPRO Value: 2186
.doubleclick.net/	1970-01-20 21:02:20	Name: APC Value: AfxxVi46b7TS3ze_ji_m6OQygh1suhx2JyT-3sAxOTn4qXuLIeaVBA
.19216801.one/	1970-01-21 02:04:44	Name: __gads Value: ID=2525dbc50855c792:T=1701788891:RT=1701788891:S=ALNI_Mb_HG2wUIVyRdYiIsHqKVnH8HFoiw
.19216801.one/	1970-01-21 02:04:44	Name: __gpi Value: UID=00000d0b24f2018c:T=1701788891:RT=1701788891:S=ALNI_MbNaeH7sS3IVkAyVbSXiHak3RbG7w
.adnxs.com/	1970-01-20 18:52:44	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVTtCZ5:!]tb)8i_iqf!oN/@E'zz<Z0QHyihQ_iEC.I^LYw33c.Yj(:rq^F8A[8TQ9pTD._PlZ[C[-kX-Haf/f
.googleadservices.com/	1970-01-20 18:52:44	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19216801.one
ad.doubleclick.net
cdn.itskiddien.club
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
itweepinbelltor.com
mc.yandex.com
mc.yandex.ru
my.rtmark.net
pagead2.googlesyndication.com
portal.o2online.de
s0.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
139.45.195.8
139.45.197.236
139.45.197.250
141.101.90.98
142.250.181.230
142.250.184.226
142.250.185.130
142.250.186.162
18.203.173.246
185.89.210.180
2600:1f13:800:7780:4c96:3892:23f5:65e3
2600:9000:223f:b200:8:48e:53c0:93a1
2606:4700:3032::6815:1693
2606:4700:3035::ac43:cd55
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200a
2a02:6b8::1:119
01b53b891f4bb2098d700fc629056d47d3628ecfe3e5707bd6ac327aa9c77bd5
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
0e68d083466d05a1181adfce4426c7b94d2f98b4fbd264f4e233037eccc1b336
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f1d7b2ef567d0e451f0de6e5f7fa7b0effa13e773f2400027f9566d01a16ffe
1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7
1b80ff1dfd07a83cbababe03f87fd45d5b765d0e591e42fa79f080dbfa8b3e05
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e115d723b30a101fceb5266dd5450c1c4d03e5a796b2476386133044edd5594
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
23695b7a3c6321be4eba15114165127101c524aed6d75ad8c15d0b3bdfaffb32
23870ae663b1bf7dfc718dedca013ef2ce8ac1ac491dbef772d45c8978a9c63a
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
24426cdedd8d56226cbe0d700e0858a5c8872552d74ff469a7dffff25b2b71f9
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3204d77f977e684b7d4f767c9ca8324c7db419b261b98dfb93d22edc82d62677
3695bc33a57e5e902c842e4a4a06ad2b9790056d47795deaa24e1875148cb887
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c3b68062c0f9168b9b29ccd09ccf69ba7c4a4161ac8a9906075027984d90923
3d1544a9b774fef3903b864a233a251f4d6ba30ea9cab697779c9fbef14d5b35
3d2cf36f9efab785d612ef41372c00e7805b982761d1084b46842af3925dd851
3ea538dfe3f28e017d4e9a739ef1923f0e42a37d17743050b1b4066d28746357
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47d11000ced885efbf67cdf08f16b2a8de93837fa36e72e3547f8b6bd04f8a74
48874156b08b23611e0a99ee618e3547d6021f78ba6734784af7a4a2145f0b0d
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
499bcb2273a9ba8fe7bcfce3a8f267cd9b57c6f45a1cf5219389302a3a533120
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4ea556e03fa35c2015ad933cccfc2a755c6f82c194274b6ac323519a4b3bd200
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
51a19cddf03a65a38be6d6c352c793f72724eb750821325313ea3c93610cef34
52f77ae7a70445cc5e60fbf18243a87c5625eb420dea545d656b8c4ca6518d22
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f050738d440ff6190df4a9b39173cabdd1d3f09d31410ed9ef4966f913985e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d22bbb9d3127ddf5761b5e971956bf10b969155e64da5efcf4367ef2eb08f5
579ff09d0cfe834581eb571dc5c49e854639c28af3c199857914d7cea9ba732b
59e3967f720601141769a70da6124c3653489e0d7d85b72cbe4c39281d0fa322
5d768634a29c575842036df911561eaffe49035fac81e0c47a1fe09df13511c1
60c39d296b12fb08093447076315442ce1f8211b585d80b324cfd271079eb5ec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d74453b8203e490d5712ab998ba1e4539ad3df87472783d3e7fbeb76957384
63479f1131ad66bea4e2d8f496c8c08d5f7dd99085eff6d7b28230daf79bb614
650c50d6ea587e9c07849cf280b303600b485c7964d112403c4f2827a8301bf7
65b54322160ddd621feeb9deb1034fea5ef02812cfa290a99da33c6902fd266c
698951af561933328a292befb875ae8297e520f091c4cc0531e84ce4f5272241
6a9d9a7b9afb473ed83c8b3fd98587aa89c7c6e639d27d41877296cb0d919b3e
6cac16cf52dd483289d5ee5398fc828417e0cc977d4b7f3c46d7bef862b14c39
6da1113b4a73813c466c98e190da4cc3c7a9e45c5d9e5f98b6079dc5981f40d6
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f766d4c399198c06d3bf1096a9731c1b4018d926ec83aaa16a7192f0f7a2e61
72ecfff079f37d8c9d84970d65e9033effcf4e3322776dd13a8697f0562706fd
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
7689b18598c9d487fd7029183dc13e5088586203061722fed9edafa8f8100d43
77f6c0a776001eccfbfc55c058b8978ea04c3d87c3e56930f6f6d51a7004fb20
7d99da2c7cab505c6625f6979f67c7aa71a2569ac793f0018fc4c58526d54dd7
7f4753a69cb1b48c7363d12e776e94aebc6a294e8f7dc50966764b9c2253a833
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
810acd31b7ecd2d4620ecd26aab627950bc81a1773505ab199d0f605f4195a58
82c7caa7395e107279eb68bf8d362fe363f8801524df9951565d125c5a60b187
852cafe3bc46d907eb9f6e99e59f57414d3e1ead6a0b7d068d24c1d476313411
89256d12149c427229478bd706a25f6a6c487489f2fee7790ca3350ff15b20e2
8abc3b73e072a619c447f11a1d49b507566340595a032fc4c683d98b9e2fbf01
8ed3257d9cb0d691c5133c008b5668e92ca9280ba29dee03188e05a8d8a66b06
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
ad02f9169900cc21e3bc4e60af9849acae78d7d38f0f89d96a9d13059fe9ea42
aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a
afffda6f465547f880cceac7c119e79a1afb576482e0f0c853da1a4cdfe9ad50
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde
b93a77da724d73e1a165e40b240287637402d304f962331e19a83c10e7f06d57
b9d3ed1ff23eefc1603b609c5f8175919a332e3067f587556ed59f0c535a0e5a
bb37c7265805ccc8f837b766eedfd986e267a2e8989b3af7846fc7c4e98f114a
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
d29c378c2d12029d2022a158ed3ea4c7fd631faffef3da186c77d1d215cd8967
d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb
d681300c99180612df7ed8fa53902393696c6a8febc76a7e6b8cc7781bbea20a
d69d0949085a5cfef9753f76f070df7000ba63c93b8a85d9877f666a4634ac75
d7ed2bdd9648088ab5250da47bb62054fc531ff395b47b5325b1c0e8fcdd1c4a
d856d5e083af25ed0ca838f04091ffd9fa5bc1c77edec8aa87c8e12a3fd69aa5
de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353
df33ac4ce8c614009fd08651489a912e605f2bfd82ca08db0cc45579550f7997
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebc3d6723e9bc5c602087eb6575ad140db18e787cfc4132a96ccca9ad13222de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07df9a25306b4fcdc6a68e80929073f04e3bb244e144cab4a18fcf56f5c62f0
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f82a66d3e478235d29587378aab1eaccdf3513f5ba34f8196dfdcb2f0b75436d
f84f4f65c00630a8dd0f354e652293a2cf51e95722f447fb2ea869bbbe664446
fbaec7fa8ba99605d0b49338344dda248bc8adf0c2204242f42005e8fcc7252a
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

19216801.one Open in urlscan Pro 2606:4700:3035::ac43:cd55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

93 %HTTPS

56 %IPv6

18 Domains

25 Subdomains

25 IPs

6 Countries

2448 kBTransfer

5566 kBSize

30 Cookies

1 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

19216801.one Open in urlscan Pro
2606:4700:3035::ac43:cd55 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

93 %
HTTPS

56 %
IPv6

18
Domains

25
Subdomains

25
IPs

6
Countries

2448 kB
Transfer

5566 kB
Size

30
Cookies

161 HTTP transactions
3 data transactions