urlscan.io logo urlscan.io
SecurityTrails logo

1921681254.info Open in urlscan Pro
2606:4700:3033::681b:9e76  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1921681254.info/
Effective URL: https://1921681254.info/
Submission: On January 28 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 12 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3033::681b:9e76, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1921681254.info.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on September 16th 2019. Valid for: 6 months.
This is the only time 1921681254.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    2606:4700:3033::681b:9e76 (United States)

ASN13335 (CLOUDFLARENET, US)
1921681254.info
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
www.googletagservices.com
2    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net
ipinfo.io
Domain Requested by
13 1921681254.info 1 redirects 1921681254.info
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 connect.facebook.net 1921681254.info
connect.facebook.net
2 www.google-analytics.com 1921681254.info
2 pagead2.googlesyndication.com 1921681254.info
pagead2.googlesyndication.com
2 cdnjs.cloudflare.com 1921681254.info
1 ipinfo.io cdnjs.cloudflare.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 fonts.gstatic.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 fonts.googleapis.com 1921681254.info
31 12

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
192.168.1.254
Subject Issuer Validity Valid
sni208076.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-09-16 -
2020-03-24		 6 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
ipinfo.io
Let's Encrypt Authority X3		 2019-12-09 -
2020-03-08		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://1921681254.info/
Frame ID: 7E60BECD3A351BFCC2373F1B2E8196BC
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200123/r20190131/zrt_lookup.html
Frame ID: 493912EA9527B67538CDF812F1818FA3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7040956516949208&output=html&h=90&slotname=1045350256&adk=2360677507&adf=831680713&w=660&fwrn=4&lmt=1580240943&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=660x90_0ads_al&url=https%3A%2F%2F1921681254.info%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1580240943607&bpp=20&bdt=238&fdt=63&idt=63&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&correlator=1534163851583&frm=20&pv=2&ga_vid=1917621740.1580240944&ga_sid=1580240944&ga_hid=376047389&ga_fc=0&iag=0&icsg=8858366634&dssz=24&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=343&ady=114&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=727733816354142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=t1ujv6NSJn&p=https%3A//1921681254.info&dtd=74
Frame ID: 4C5376D6AFE9390D9ED53F4D6EE32EE0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7040956516949208&output=html&h=280&slotname=5023000232&adk=2631323672&adf=2244262783&w=336&lmt=1580240943&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2F1921681254.info%2F&flash=0&wgl=1&adsid=NT&dt=1580240943627&bpp=4&bdt=258&fdt=79&idt=79&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=660x90_0ads_al&correlator=1534163851583&frm=20&pv=1&ga_vid=1917621740.1580240944&ga_sid=1580240944&ga_hid=376047389&ga_fc=0&iag=0&icsg=146297320106&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=323&ady=429&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=727733816354142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ktA391jz79&p=https%3A//1921681254.info&dtd=81
Frame ID: EDC000C487617B757568243F847A8025
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7040956516949208&output=html&h=280&slotname=9809413709&adk=2511374367&adf=4161790396&w=690&fwrn=4&fwrnh=100&lmt=1580240943&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=690x280&url=https%3A%2F%2F1921681254.info%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1580240943636&bpp=3&bdt=267&fdt=83&idt=83&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=660x90_0ads_al%2C336x280&correlator=1534163851583&frm=20&pv=1&ga_vid=1917621740.1580240944&ga_sid=1580240944&ga_hid=376047389&ga_fc=0&iag=0&icsg=146297320106&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=931&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=727733816354142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=5QwUsFvc4D&p=https%3A//1921681254.info&dtd=85
Frame ID: 94052B2DD2318D8FC08A415D28125414
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7040956516949208&output=html&adk=1812271804&adf=3025194257&lmt=1580240943&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2F1921681254.info%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1580240943645&bpp=3&bdt=277&fdt=81&idt=82&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=660x90_0ads_al%2C336x280%2C690x280&nras=1&correlator=1534163851583&frm=20&pv=1&ga_vid=1917621740.1580240944&ga_sid=1580240944&ga_hid=376047389&ga_fc=0&iag=0&icsg=146297320106&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=727733816354142&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&dtd=85
Frame ID: 5D27A92E57945D4C4C5E052B5D39C55E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://1921681254.info/ HTTP 301
    https://1921681254.info/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /Joomla!(?: ([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • meta generator /Joomla!(?: ([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

31
Requests

100 %
HTTPS

89 %
IPv6

12
Domains

12
Subdomains

9
IPs

3
Countries

343 kB
Transfer

1011 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1921681254.info/ HTTP 301
    https://1921681254.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1921681254.info/
Redirect Chain
  • http://1921681254.info/
  • https://1921681254.info/
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
bcc76f3b25bed97c6efc6530fed5b444f9c966aae756f460600add5ad371612f

Request headers

:method
GET
:authority
1921681254.info
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Tue, 28 Jan 2020 19:49:03 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dc00a5569ed1427cb70f161f5c68c5f371580240943; expires=Thu, 27-Feb-20 19:49:03 GMT; path=/; domain=.1921681254.info; HttpOnly; SameSite=Lax; Secure 6e2e4956967a9ccbd36e251f5af4b6e7=ee0laq3c326akql8is5nn40946; path=/; HttpOnly
x-powered-by
PHP/5.4.16
expires
Mon, 1 Jan 2001 00:00:00 GMT
last-modified
Tue, 28 Jan 2020 19:49:03 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55c57cc71c9ec2f4-FRA
content-encoding
br

Redirect headers

Date
Tue, 28 Jan 2020 19:49:03 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Tue, 28 Jan 2020 20:49:03 GMT
Location
https://1921681254.info/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
55c57cc6a8b1c2d6-FRA
uv3MN_vlXGZfq6VBNcmhgplXYvQ.js
1921681254.info/cdn-cgi/apps/head/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1921681254.info/cdn-cgi/apps/head/uv3MN_vlXGZfq6VBNcmhgplXYvQ.js
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9aa1aa86b00d3e4bcb67c70a05cc899d646159111bef2130bf656fc54c36e79

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
br
cf-cache-status
HIT
age
7822181
status
200
x-amz-request-id
52C74C4021ABFBD2
x-amz-id-2
63dskIxwEpPnsRJZfTxhsRgl5FqMx0KVfgUd6FxWHWYyHf1NFdD4NShRzL99G2iv9eXpS5yYNOk=
last-modified
Sun, 18 Nov 2018 06:26:37 GMT
server
cloudflare
etag
W/"b1b09274e53c58145b0d5606f50d16f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
R39MT_qyW2Z.3NQc3U60f3PhJ7bz38Oq
cf-ray
55c57cc8b9b6c2f4-FRA
template.css
1921681254.info/templates/protostar/css/ 		156 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1921681254.info/templates/protostar/css/template.css
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe67d6b07fdb5908ddae9f9dab244560747c7d336c6adf0c64e1dca8871b33b3

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 05 Aug 2018 08:17:31 GMT
server
cloudflare
age
3776
etag
W/"26e66-572abcacf78ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
55c57cc8b9c1c2f4-FRA
custom.css
1921681254.info/templates/protostar/css/ 		454 B
329 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1921681254.info/templates/protostar/css/custom.css
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44858c4879b8ac64cb3730b15cea008b811d689bfed2e1617135abe11f88aacd

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 22 Oct 2017 18:47:32 GMT
server
cloudflare
age
3776
etag
W/"1c6-55c2723839b84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
55c57cc8b9c3c2f4-FRA
jquery.min.js
1921681254.info/media/jui/js/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1921681254.info/media/jui/js/jquery.min.js
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Dec 2015 18:51:58 GMT
server
cloudflare
age
3776
etag
W/"176d5-527a95552cf80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
55c57cc8b9c4c2f4-FRA
jquery-noconflict.js
1921681254.info/media/jui/js/ 		21 B
97 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1921681254.info/media/jui/js/jquery-noconflict.js
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
cf-cache-status
HIT
last-modified
Thu, 24 Dec 2015 18:51:58 GMT
server
cloudflare
age
3776
etag
"15-527a95552cf80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
55c57cc8b9c6c2f4-FRA
content-length
21
jquery-migrate.min.js
1921681254.info/media/jui/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1921681254.info/media/jui/js/jquery-migrate.min.js
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Dec 2015 18:51:58 GMT
server
cloudflare
age
3776
etag
W/"1c1f-527a95552cf80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
55c57cc8b9cac2f4-FRA
caption.js
1921681254.info/media/system/js/ 		491 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1921681254.info/media/system/js/caption.js
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Dec 2015 18:51:58 GMT
server
cloudflare
age
3776
etag
W/"1eb-527a95552cf80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
55c57cc8b9ccc2f4-FRA
bootstrap.min.js
1921681254.info/media/jui/js/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1921681254.info/media/jui/js/bootstrap.min.js
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebe64de8e1c2f92400a03a97250c8b2f7443025d53fa42df90cb0589350c233

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Dec 2015 18:51:58 GMT
server
cloudflare
age
3776
etag
W/"71e4-527a95552cf80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
55c57cc8b9cdc2f4-FRA
template.js
1921681254.info/templates/protostar/js/ 		1 KB
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1921681254.info/templates/protostar/js/template.js
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6134d90ad4ea1911a38db6992cfec98cdf868270f17105d1c99bb29f0028d4a2

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Dec 2015 18:51:58 GMT
server
cloudflare
age
3776
etag
W/"53c-527a95552cf80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
55c57cc8b9d0c2f4-FRA
css
fonts.googleapis.com/ 		2 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3af0ae27f1791aea9da60e94e1cf03291881d516c6b62575a8b7a402b96d299c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 28 Jan 2020 19:49:03 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 28 Jan 2020 19:49:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 28 Jan 2020 19:49:03 GMT
combo.js
1921681254.info/templates/protostar/js/ 		3 KB
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1921681254.info/templates/protostar/js/combo.js
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dc3d601acc649485b64a10391126fb76fa68c04bd49a46466dd2388f84451ac

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 22 Oct 2017 18:46:35 GMT
server
cloudflare
age
3776
etag
W/"b35-55c2720116077"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
55c57cc8b9d2c2f4-FRA
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
br
cf-cache-status
HIT
age
6886851
cf-ray
55c57cc8b92bbed3-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Tue, 17 Jul 2018 12:30:51 GMT
server
cloudflare
etag
W/"5b4de17b-fe0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Sun, 17 Jan 2021 19:49:03 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
br
cf-cache-status
HIT
age
7822290
cf-ray
55c57cc8b92dbed3-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Tue, 17 Jul 2018 12:30:51 GMT
server
cloudflare
etag
W/"5b4de17b-5148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 17 Jan 2021 19:49:03 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
header_info.jpg
1921681254.info/images/headers/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1921681254.info/images/headers/header_info.jpg
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
024368bc5113744832eee8010ef717f44089d31f552221984a17128a7477a7d3

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
cf-cache-status
HIT
last-modified
Sun, 05 Aug 2018 09:09:58 GMT
server
cloudflare
age
3776
etag
"6223-572ac866a3988"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
55c57cc8b9d9c2f4-FRA
content-length
25123
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		105 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de7a31498c4638e60f5e7773828e2d616c1f2c2199296e007c9d494a83b96f69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37809
x-xss-protection
0
server
cafe
etag
50804368473941343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 28 Jan 2020 19:49:03 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 1921681254.info
URL: https://1921681254.info/cdn-cgi/apps/head/uv3MN_vlXGZfq6VBNcmhgplXYvQ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4530
date
Tue, 28 Jan 2020 18:33:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Tue, 28 Jan 2020 20:33:33 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=376047389&t=pageview&_s=1&dl=https%3A%2F%2F1921681254.info%2F&ul=en-us&de=UTF-8&dt=192.168.1.254%20Admin%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUAB~&jid=1908297474&gjid=1922176554&cid=1917621740.1580240944&tid=UA-129396698-1&_gid=1793170042.1580240944&_r=1&z=932205622
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jan 2020 19:49:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: 1921681254.info
URL: https://1921681254.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3c09ca7249980ca4c8d0070655f191cbb088ba061351a5a9ff870e60e8379b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Vb2bKfi2tElbGj97ZL2Dcw==
status
200
date
Tue, 28 Jan 2020 19:49:03 GMT, Tue, 28 Jan 2020 19:49:03 GMT
expires
Tue, 28 Jan 2020 20:08:52 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1781
x-fb-debug
1FwQsqxZAhyU3Bvu1G3yA5IXBgA7BX3Hy6UiSr52g1tpGEuDGndj53RPgwEerPDPNP/KqJFnU+gRhEWVpd/Wbg==
x-fb-trip-id
1850256238
x-fb-content-md5
e3505051e3956549d373d4dbb050d432
etag
"c000b19e2e5694728af824cbdbec512b"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
integrator.js
adservice.google.de/adsid/ 		109 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=1921681254.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=1921681254.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200123/r20190131/ 		220 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200123/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c548e1be2e05f58275517fbc9d9fe83f3e4e1cfa2c2bde0d2c4c821320c7b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
84107
x-xss-protection
0
server
cafe
etag
1376662113721379642
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Jan 2020 19:49:03 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans
Origin
https://1921681254.info

Response headers

date
Thu, 21 Nov 2019 17:13:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
5884536
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Fri, 20 Nov 2020 17:13:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200123/r20190131/ Frame 4939 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200123/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200123/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://1921681254.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://1921681254.info/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 23 Jan 2020 14:39:01 GMT
expires
Thu, 06 Feb 2020 14:39:01 GMT
content-type
text/html; charset=UTF-8
etag
4350393549794053402
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6578
x-xss-protection
0
cache-control
public, max-age=1209600
age
450602
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
sdk.js
connect.facebook.net/en_US/ 		198 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2352d301d44860add87871dc0bc430f7&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1bb4ed858c88ac71603844375910c3c849c0aec07331239398f1d37a9dc93528
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://1921681254.info/
Origin
https://1921681254.info

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
iWzBwKouMN4EC7VVqHohvw==
status
200
date
Tue, 28 Jan 2020 19:49:03 GMT, Tue, 28 Jan 2020 19:49:03 GMT
expires
Wed, 27 Jan 2021 19:29:34 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
60549
x-fb-debug
krrQbUFB9pj8isXrGhSacq1IbZGy+TyVzipvkRmRFFruA1N6ibaEQSBPKCx4qRIKj2Py4mpy4HTrbg4wV75FxQ==
x-fb-trip-id
2000377899
x-fb-content-md5
2887c0435018be75afb99a3c16091f17
etag
"32358d7b69c8c591aea9cf432f2b41f1"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
ads
googleads.g.doubleclick.net/pagead/ Frame 4C53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7040956516949208&output=html&h=90&slotname=1045350256&adk=2360677507&adf=831680713&w=660&fwrn=4&lmt=1580240943&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=660x90_0ads_al&url=https%3A%2F%2F1921681254.info%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1580240943607&bpp=20&bdt=238&fdt=63&idt=63&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&correlator=1534163851583&frm=20&pv=2&ga_vid=1917621740.1580240944&ga_sid=1580240944&ga_hid=376047389&ga_fc=0&iag=0&icsg=8858366634&dssz=24&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=343&ady=114&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=727733816354142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=t1ujv6NSJn&p=https%3A//1921681254.info&dtd=74
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200123/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7040956516949208&output=html&h=90&slotname=1045350256&adk=2360677507&adf=831680713&w=660&fwrn=4&lmt=1580240943&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=660x90_0ads_al&url=https%3A%2F%2F1921681254.info%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1580240943607&bpp=20&bdt=238&fdt=63&idt=63&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&correlator=1534163851583&frm=20&pv=2&ga_vid=1917621740.1580240944&ga_sid=1580240944&ga_hid=376047389&ga_fc=0&iag=0&icsg=8858366634&dssz=24&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=343&ady=114&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=727733816354142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=t1ujv6NSJn&p=https%3A//1921681254.info&dtd=74
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://1921681254.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://1921681254.info/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 28 Jan 2020 19:49:03 GMT
server
cafe
content-length
5799
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 28-Jan-2020 20:04:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 28 Jan 2020 19:49:03 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200123/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48db482e657fcf98aa556a1b6318cafe94fff32756b2a4c20e51c95547f42c60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1921681254.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 28 Jan 2020 19:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1580158369636768"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28051
x-xss-protection
0
expires
Tue, 28 Jan 2020 19:49:03 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EDC0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7040956516949208&output=html&h=280&slotname=5023000232&adk=2631323672&adf=2244262783&w=336&lmt=1580240943&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2F1921681254.info%2F&flash=0&wgl=1&adsid=NT&dt=1580240943627&bpp=4&bdt=258&fdt=79&idt=79&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=660x90_0ads_al&correlator=1534163851583&frm=20&pv=1&ga_vid=1917621740.1580240944&ga_sid=1580240944&ga_hid=376047389&ga_fc=0&iag=0&icsg=146297320106&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=323&ady=429&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=727733816354142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ktA391jz79&p=https%3A//1921681254.info&dtd=81
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200123/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7040956516949208&output=html&h=280&slotname=5023000232&adk=2631323672&adf=2244262783&w=336&lmt=1580240943&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2F1921681254.info%2F&flash=0&wgl=1&adsid=NT&dt=1580240943627&bpp=4&bdt=258&fdt=79&idt=79&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=660x90_0ads_al&correlator=1534163851583&frm=20&pv=1&ga_vid=1917621740.1580240944&ga_sid=1580240944&ga_hid=376047389&ga_fc=0&iag=0&icsg=146297320106&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=323&ady=429&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=727733816354142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ktA391jz79&p=https%3A//1921681254.info&dtd=81
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://1921681254.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://1921681254.info/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 28 Jan 2020 19:49:04 GMT
server
cafe
content-length
20976
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 28-Jan-2020 20:04:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 28 Jan 2020 19:49:04 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 9405 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7040956516949208&output=html&h=280&slotname=9809413709&adk=2511374367&adf=4161790396&w=690&fwrn=4&fwrnh=100&lmt=1580240943&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=690x280&url=https%3A%2F%2F1921681254.info%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1580240943636&bpp=3&bdt=267&fdt=83&idt=83&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=660x90_0ads_al%2C336x280&correlator=1534163851583&frm=20&pv=1&ga_vid=1917621740.1580240944&ga_sid=1580240944&ga_hid=376047389&ga_fc=0&iag=0&icsg=146297320106&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=931&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=727733816354142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=5QwUsFvc4D&p=https%3A//1921681254.info&dtd=85
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200123/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7040956516949208&output=html&h=280&slotname=9809413709&adk=2511374367&adf=4161790396&w=690&fwrn=4&fwrnh=100&lmt=1580240943&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=690x280&url=https%3A%2F%2F1921681254.info%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1580240943636&bpp=3&bdt=267&fdt=83&idt=83&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=660x90_0ads_al%2C336x280&correlator=1534163851583&frm=20&pv=1&ga_vid=1917621740.1580240944&ga_sid=1580240944&ga_hid=376047389&ga_fc=0&iag=0&icsg=146297320106&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=931&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=727733816354142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=5QwUsFvc4D&p=https%3A//1921681254.info&dtd=85
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://1921681254.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://1921681254.info/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 28 Jan 2020 19:49:04 GMT
server
cafe
content-length
23576
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 28-Jan-2020 20:04:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 28 Jan 2020 19:49:04 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 5D27 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7040956516949208&output=html&adk=1812271804&adf=3025194257&lmt=1580240943&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2F1921681254.info%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1580240943645&bpp=3&bdt=277&fdt=81&idt=82&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=660x90_0ads_al%2C336x280%2C690x280&nras=1&correlator=1534163851583&frm=20&pv=1&ga_vid=1917621740.1580240944&ga_sid=1580240944&ga_hid=376047389&ga_fc=0&iag=0&icsg=146297320106&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=727733816354142&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&dtd=85
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200123/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7040956516949208&output=html&adk=1812271804&adf=3025194257&lmt=1580240943&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2F1921681254.info%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1580240943645&bpp=3&bdt=277&fdt=81&idt=82&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=660x90_0ads_al%2C336x280%2C690x280&nras=1&correlator=1534163851583&frm=20&pv=1&ga_vid=1917621740.1580240944&ga_sid=1580240944&ga_hid=376047389&ga_fc=0&iag=0&icsg=146297320106&dssz=25&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=727733816354142&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&dtd=85
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://1921681254.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://1921681254.info/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 28 Jan 2020 19:49:03 GMT
server
cafe
content-length
532
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 28-Jan-2020 20:04:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 28 Jan 2020 19:49:03 GMT
cache-control
private
/
ipinfo.io/ 		185 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipinfo.io/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
/
Resource Hash
b9141ee6c3eb0e349a535d836fd319a5adc642a3ea4487debb923426e02e73f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://1921681254.info/
Origin
https://1921681254.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 28 Jan 2020 19:49:04 GMT
via
1.1 google
referrer-policy
strict-origin-when-cross-origin
x-xss-protection
1; mode=block
status
429
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
3a29463d20a26e0864a870b26aa0deb7/12801244260108200100
content-length
185
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Eager object| CloudflareApps string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| $ function| jQuery function| JCaption object| jQuery111306999022613535584 object| routers object| cookieconsent object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars object| FB function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

7 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.1921681254.info/ Name: _gat
Value: 1
.1921681254.info/ Name: _gid
Value: GA1.2.1793170042.1580240944
.1921681254.info/ Name: _ga
Value: GA1.2.1917621740.1580240944
.doubleclick.net/ Name: IDE
Value: AHWqTUmKP6yPSSeTvlGds9wznoaRaBhUl0H5TPMcQdwardtjFWk9p-CKL-JC1NPq
1921681254.info/ Name: 6e2e4956967a9ccbd36e251f5af4b6e7
Value: ee0laq3c326akql8is5nn40946
.1921681254.info/ Name: __cfduid
Value: dc00a5569ed1427cb70f161f5c68c5f371580240943

1 Console Messages

Source Level URL
Text
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js(Line 1)
Message:
The service[0] (//ipinfo.io) responded with the following error Error: Error [UNKNOWN]: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1921681254.info
adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipinfo.io
pagead2.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
216.239.32.21
2606:4700:3033::681b:9e76
2606:4700::6811:4004
2a00:1450:4001:806::200a
2a00:1450:4001:809::2002
2a00:1450:4001:815::200e
2a00:1450:4001:81b::2002
2a00:1450:4001:821::2003
2a03:2880:f01c:8012:face:b00c:0:3
024368bc5113744832eee8010ef717f44089d31f552221984a17128a7477a7d3
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0dc3d601acc649485b64a10391126fb76fa68c04bd49a46466dd2388f84451ac
1bb4ed858c88ac71603844375910c3c849c0aec07331239398f1d37a9dc93528
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc
3af0ae27f1791aea9da60e94e1cf03291881d516c6b62575a8b7a402b96d299c
44858c4879b8ac64cb3730b15cea008b811d689bfed2e1617135abe11f88aacd
48db482e657fcf98aa556a1b6318cafe94fff32756b2a4c20e51c95547f42c60
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
6134d90ad4ea1911a38db6992cfec98cdf868270f17105d1c99bb29f0028d4a2
6c548e1be2e05f58275517fbc9d9fe83f3e4e1cfa2c2bde0d2c4c821320c7b2c
6ebe64de8e1c2f92400a03a97250c8b2f7443025d53fa42df90cb0589350c233
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
b3c09ca7249980ca4c8d0070655f191cbb088ba061351a5a9ff870e60e8379b4
b9141ee6c3eb0e349a535d836fd319a5adc642a3ea4487debb923426e02e73f1
bcc76f3b25bed97c6efc6530fed5b444f9c966aae756f460600add5ad371612f
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
d9aa1aa86b00d3e4bcb67c70a05cc899d646159111bef2130bf656fc54c36e79
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
de7a31498c4638e60f5e7773828e2d616c1f2c2199296e007c9d494a83b96f69
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
fe67d6b07fdb5908ddae9f9dab244560747c7d336c6adf0c64e1dca8871b33b3