rdphostings.com Open in urlscan Pro
172.67.165.205 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rdphostings.com/rdp/aff%20php?aff=3157
Submission: On October 09 via manual (October 9th 2023, 12:48:00 pm UTC) from NG — Scanned from DE

Summary HTTP 62 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 10 domains to perform 62 HTTP transactions. The main IP is 172.67.165.205, located in United States and belongs to CLOUDFLARENET, US. The main domain is rdphostings.com.
TLS certificate: Issued by E1 on September 18th 2023. Valid for: 3 months.

This is the only time rdphostings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	172.67.165.205 172.67.165.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.138 142.250.185.138	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 20	2606:4700:303... 2606:4700:3030::6815:49c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
5	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	64.233.184.157 64.233.184.157	15169 (GOOGLE) (GOOGLE)
2	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
2	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
1	216.58.206.36 216.58.206.36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.16.193 172.217.16.193	() ()
62	17

6 172.67.165.205 (United States)

ASN13335 (CLOUDFLARENET, US)

rdphostings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3030::6815:49c6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rdphostings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.136 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.193 (None, )

ASN- ()

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	rdphostings.com 1 redirects rdphostings.com	465 KB
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474 www.google.com — Cisco Umbrella Rank: 2	108 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	231 KB
5	gstatic.com fonts.gstatic.com	291 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	10 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 518	17 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	5 KB
1	googleusercontent.com lh3.googleusercontent.com	4 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	606 B
0	clipperroutesevere.com Failed clipperroutesevere.com Failed
62	10

	Domain	Requested by
26	rdphostings.com	1 redirects rdphostings.com
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	rdphostings.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	ssl.google-analytics.com	1 redirects rdphostings.com
2	fonts.googleapis.com	rdphostings.com
1	lh3.googleusercontent.com
1	www.google.com	tpc.googlesyndication.com
1	stats.g.doubleclick.net	rdphostings.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	clipperroutesevere.com Failed	rdphostings.com
62	13

This site contains links to these domains. Also see Links.

Domain
googiehost.com

Subject Issuer	Validity	Valid
rdphostings.com E1	`2023-09-18` - `2023-12-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://rdphostings.com/rdp/aff%20php?aff=3157
Frame ID: EC4D3784577AAC6814A37B0EA881EED4
Requests: 53 HTTP requests in this frame

Frame: https://rdphostings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 8388634C92C0FB98237820BF4981B730
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 473F1E6F15898C415C9359BD141B7AAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9542790106739145&output=html&adk=1812271804&adf=3025194257&lmt=1696848474&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Frdphostings.com%2Frdp%2Faff%2520php%3Faff%3D3157&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696855674403&bpp=4&bdt=557&idt=295&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6067755584734&frm=20&pv=2&ga_vid=377348669.1696855675&ga_sid=1696855675&ga_hid=1797449299&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31078600%2C44795922%2C44801485%2C44804783%2C44805099%2C31078301%2C31078630%2C21065725&oid=2&pvsid=1804692502461001&tmod=19438939&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=359
Frame ID: 34F39507E86E01F40E42B26D2D1E214B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CCF042625F290669F4432AC4DAB0DED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F85D1A036FD1E6D0525B48D14A178D84
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 - Page Not Found - Free RDP Hosting

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

62
Requests

95 %
HTTPS

25 %
IPv6

10
Domains

13
Subdomains

17
IPs

2
Countries

1132 kB
Transfer

2892 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://googiehost.com/disable-adblock.html
Title: Disable Ad Block!!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://rdphostings.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://rdphostings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 34

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=563216559&utmhn=rdphostings.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=404%20-%20Page%20Not%20Found%20-%20Free%20RDP%20Hosting&utmhid=1797449299&utmr=-&utmp=%2Frdp%2Faff%252520php%3Faff%3D3157&utmht=1696855674890&utmac=UA-210520794-1&utmcc=__utma%3D11195383.377348669.1696855675.1696855675.1696855675.1%3B%2B__utmz%3D11195383.1696855675.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1404432316&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-210520794-1&cid=377348669.1696855675&jid=1404432316&_v=5.7.2&z=563216559

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request aff%20php Show response
rdphostings.com/rdp/ 25 KB
7 KB 1234ms
780ms Document
text/html 172.67.165.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.165.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ae449ac37bc1806655a808bf65bfe83f597c254f7a3e1dcf389598973d2f67b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8136bc14bab08fd7-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 09 Oct 2023 12:47:53 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxKOkFCQriankejTctqrCqHjLNHyMph%2FcTbW2KnbCiKu2FLThsFzvkvVQvDL7gKkPEKU3EdRuAifz%2FPhpk31WV0rVrjmNEefC1dx2sQiPCGjUe66TTdv03EEpO3QZewlMrs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 351ms
18ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700

Requested by

Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

8d42d05fa73f73458e9be063ef29bebae75eda640d092e0641e07f2b214ef3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 11:58:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 12:47:54 GMT

GET
H2 200 all.min.css
rdphostings.com/rdp/templates/rdp/css/ 278 KB
41 KB 21ms
20ms Stylesheet
text/css 172.67.165.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdphostings.com/rdp/templates/rdp/css/all.min.css?v=9842f4
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.165.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46428909efb2abaded26aad0e51eab2d3aff007fc2fee260d7d558239f654717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 04 Feb 2022 05:01:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5117322
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqIOCaO1n9NgtUnq9LQnONzra2fffOFOHyAoo0UZCG%2B1X4IjOJfuDcvTGyof8NmH4IW18Ev6rZj4JahKCJjJU9assvAUDR1NR%2FSbrzjq4ThrpvvGsBGG0irjOEQ4lfOeSk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc19887a8fd7-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Aug 2024 07:19:08 GMT

GET
H2 200 fontawesome-all.min.css
rdphostings.com/rdp/assets/css/ 153 KB
29 KB 29ms
27ms Stylesheet
text/css 172.67.165.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdphostings.com/rdp/assets/css/fontawesome-all.min.css
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.165.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Feb 2022 04:09:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5117322
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3rUUrpA%2BKjULM6R%2BUoSF47U7GGKACqwhAjonwgN%2F%2FrflQFQN%2F2l7%2FKp0DT5eMbWx%2BXIzgdEZWiyr8udd6N06lmXIEB1MK7eKjoGP%2FG33i9PFulm8mxr6nEUS8nLeGU6Bw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc19887c8fd7-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Aug 2024 07:19:08 GMT

GET
H2 200 custom.css
rdphostings.com/rdp/templates/rdp/css/ 19 KB
5 KB 19ms
18ms Stylesheet
text/css 172.67.165.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdphostings.com/rdp/templates/rdp/css/custom.css
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.165.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cbed38a538864d17cb4e140164e27150f0d7336a0ae7d95840d2afd7f41e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 05:01:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5117322
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QWF0idclZ5YKBPY1Dk9mgDWvtQt1Dj5AOcG94lJ6Ur4P1Hv9ZDYPk4QzYcIAooB%2BVTYX9IVsvfL9ItaKWli4NIEfv9k9a0T6LVwns1x%2BuCASSncpQqwppVITLSxukamyfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc19887d8fd7-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Aug 2024 07:19:08 GMT

GET
H2 200 scripts.min.js Show response
rdphostings.com/rdp/templates/rdp/js/ 590 KB
172 KB 37ms
37ms Script
application/javascript 172.67.165.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdphostings.com/rdp/templates/rdp/js/scripts.min.js?v=9842f4
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.165.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf1a845696d86b171e0c7b618cf62fd575efa59bc97dac3986072a1535f0b547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Jul 2021 03:56:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5117322
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEzNg%2BwPgDXbTwHDRBqlMTwfwwMCBiw%2FNDwERYJOV%2BiIIQLkXGAvwrauhUuZm7Uy5ZrEmEsO6NxdQuloB6LjVP3JoeQZgnBuZVTkM3zl1Gu5gUaFZF%2F8ooZPKaFkj4qAejg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1988808fd7-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Aug 2024 07:19:08 GMT

GET
H2 200 style.css
rdphostings.com/rdp/modules/addons/ClientNotifications/assets/css/ 2 KB
813 B 19ms
18ms Stylesheet
text/css 172.67.165.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdphostings.com/rdp/modules/addons/ClientNotifications/assets/css/style.css
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.165.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85f5393c2995503853d76d3daeedec4a41714d1aa70a73c2957f0d758bf5941

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Sep 2020 08:29:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5117322
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dy7FVYes5jF%2FmD1rvOyQzh4NNn2MHRLp%2FNbWjoBVtLgY4KthSlWWdixZhO9q%2F18pwWTLzickJ8xq8c9hChbGWkBC0aJ%2B6nY0zwGLG2P2Ev8AXfDBPgHYNNOeRHeOR1ihwFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc19887e8fd7-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Aug 2024 07:19:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 417ms
73ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9542790106739145

Requested by

Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

02084e9c73104516947d15031e338652b1cafe1dc823d15752dbecd62ec95a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdphostings.com/
Origin: https://rdphostings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50948
x-xss-protection: 0
server: cafe
etag: 14384851876389696215
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 12:47:54 GMT

GET
H3 200 logo.png
rdphostings.com/rdp/assets/img/ 2 KB
2 KB 22ms
21ms Image
image/png 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/assets/img/logo.png
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5ad902559756c19b75a7c9d817c4e89d004caebc11f20c3e76ac322074ac814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5115505
alt-svc: h3=":443"; ma=86400
content-length: 2000
last-modified: Fri, 04 Feb 2022 04:15:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DV%2B75Pbg0VVfhjcOXUV%2BBat7YP%2FoiZQRfLN7yzFcfd%2FKusAIN3HeF2Z3DpOd37n81jost5jmgAXAe4MlToF6p0TchHCOMlBZEf1p0PWQ7QrL2ntL%2F6DLFlyHt5o9qTW3Cw3I8UFmj7vYk9Z9gk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8136bc1bb9ac916e-FRA
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3 200 instant.svg
rdphostings.com/rdp/templates/rdp/img/ 814 B
1 KB 46ms
43ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/templates/rdp/img/instant.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 797962b77628454942bbd21f32a6c21a5f0d65a835e9f0ed48e13722ac9f2fff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 06:12:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nobw%2BppV2X0LOfHyi1I6PevQg5DydCTQ0ROuKX%2F1N%2FcBzTQf%2BoW0e3puZ8n5rsxrsRzvfsyFEgMFLCxlL6cVa24DI6CV%2BcsxJQ3q34o1IT%2F%2BYulCMT3TdhfdALnE1rqXSKPrra%2FPjp2xWXqLlVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c0a28916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3 200 root.svg
rdphostings.com/rdp/templates/rdp/img/ 691 B
935 B 23ms
20ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/templates/rdp/img/root.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 419ac69c03ca18c43af3640e5bcaa0e8a79be2e64f416289d4c9dc7b5672dc6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 06:12:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M80l444MJ0esctLbvefG8yhApRgn4tqHCeXQnDbcn78p1Wa3c19QPnZ7rGhSDLrKUS3ibReSRi1OnTsa5Lv%2FC5Za1U5hQJAFyTjBeGDtEFXipvBaMe1H6XonzlmG%2BTTVbO%2BH2a0fhYcpe7hjsEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c0a2b916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:40:59 GMT

GET
H3 200 live.svg
rdphostings.com/rdp/templates/rdp/img/ 4 KB
2 KB 23ms
20ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/templates/rdp/img/live.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22df888911e56caf6d83907974bfffbfec2843004116a2b1bc2591cabf4a0d44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 06:12:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSGRO1I4Y8JeclLXGpIg%2BSImV81a0a4NPgOkhbDHOSBSLy9CmGyjGO%2Fz0Uhu7Ej4Yc02SIqxhORYrQussmIDOv1O3hVIS7vVLYplak0aYxoHgR8HCKqzMHKPnaKUMNb1RRfMNxTcmf9c7mCMRXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c0a2f916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3 200 uptime.svg
rdphostings.com/rdp/templates/rdp/img/ 958 B
1 KB 25ms
21ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/templates/rdp/img/uptime.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3156a01febac110b21c33b0b1050758431e9a1bb120e32e2dc0fec75041fbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 06:12:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zw0NFzhnToYFPV9dnI9bb8crdO%2BJa2PJJ31tGxQwvnOELxgUVRtC3Ax5BKIrjg1rxVzOkRlpjOEqr2ABNMX%2BouAehtheXrpkHo3jEFHzWH4xcNVuHxlM3ohBS%2FNAfSegPTGuOpm4hH%2B1PEPRN2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c0a31916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3 200 hardware.svg
rdphostings.com/rdp/templates/rdp/img/ 2 KB
1 KB 33ms
30ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/templates/rdp/img/hardware.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53d3157dbbd95754ab778e865e28ac0dc1d3b60a980677cba2d2023d8553be88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 06:14:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHeGzrXbxyZ2MzNzqA4Q9BrW01QWfXZdzs5utBGmqHBf6KmaTzOK0f3O87kYPGyu8c4TuCQZzbUZPQkRD6aTXVU8dMhaKvu9Zr1hrDsQuME0zw9Ebu9S7LrXipx1rFO8fpvPKnhcl32c60WVrHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c0a33916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3 200 support.svg
rdphostings.com/rdp/templates/rdp/img/ 2 KB
1 KB 23ms
20ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/templates/rdp/img/support.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef9aaea831d542193daecb4bf45e14058b5bcde133922cc36f3e385e64a27ac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 06:12:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zKdIqRK30hv8hEvZ%2FphsxP9B96r5x4Ix4VNfW35jrlMJ0%2FOE7DF5%2Fze7T73Jc562tlrOxUfv7cdmsgqHNXdM36O6yd3SB2zug98borC1hsfHuVJ4sK%2BxlwXws2Fssn5Ep%2B%2Ft6NcENY62Ae0AoE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c0a34916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3 200 form.svg
rdphostings.com/rdp/templates/rdp/img/ 19 KB
12 KB 33ms
30ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/templates/rdp/img/form.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b6a3a7006aaf17e9fe7ce4c73cb11b31bf11d6c3b0bbda0ed89bf0c40cb7530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 15 Jan 2022 04:33:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Me1qqbpmefQpfiiRZLNSKbwI%2BAxVXsJufbUbGDWzhh795dKqcTdAnEpYDnNpUXE4bWG3E6weut0n4ugIO6aIL5foUNhicOZlpGdymoy1Eag8S4lbKS56vd%2B55VFwz6r9uyXh0PRBZ1EvqFPXHRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c0a37916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3 200 panel.svg
rdphostings.com/rdp/templates/rdp/img/ 17 KB
12 KB 25ms
22ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/templates/rdp/img/panel.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b7a3f70e272571de48876348bae6b263cfed351fd7542616790064672963549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 15 Jan 2022 04:33:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8qsuicr8njuHiGThfxkXd%2BO5RDBcsRIhG6txfj7ufrNTd6V1idBB%2FURhcszuND3xRmFJNiWCMfplqJloKS9h5OMpF79fBXFQh9nprPdDLZleP1MrihyOip1vZysERldROBnf6pecvC62h9okhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c0a38916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3 200 website.svg
rdphostings.com/rdp/templates/rdp/img/ 16 KB
11 KB 37ms
34ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/templates/rdp/img/website.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9467de7f6fbcca2cbab6f5a99ab7d173ac899076303eb0e41d45ee251500f486

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 15 Jan 2022 04:33:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIQ7zi3bWZP3zGqHoULHpAApDuaN6NAt1VBPOeOldDR6yUbJyiArA1Qmp4fbDZpQEv1aChVrigH%2FaiqunKEoymkdggF4uKzuDYjOwEt1yNoMKfpy7wZyNM09UycKOL3bX1ZR%2BLhVgkIHneNo0m8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c0a3b916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3 200 overlay-spinner.svg
rdphostings.com/rdp/assets/img/ 711 B
929 B 46ms
44ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/assets/img/overlay-spinner.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78972e26a47ce2f3fe151170b4e1270debcc9fec0d1e56f88f3898f77c905405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Feb 2022 04:09:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uI4Sf1dPaUEnyVxBORCz4rKdv%2BPfZ9XbGezHEtDeG7xlvOKJXcFdKH5xhfcCVzLirTnnihpK9QbCPycfVGAkGCFP%2BthrJJhZg86Ckihr0z2LW9P1YZSMXyomddWuPjA9tUgxBAnBNH6bSZ7B8Yc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c0a3c916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3 200 clippy.svg
rdphostings.com/rdp/assets/img/ 519 B
843 B 24ms
21ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/assets/img/clippy.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 686d81e030899b477865d67a01fe34e83d8e68aa8da91a59205ad3e901a3ec71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Feb 2022 04:09:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Stj9xPFhE9Xd166zIIQlUnbY7OUwUSunaj76PcmTk9L0BeZvJCFiYy98RDpwVFWsHqcgmPxSSqekvWEA0rnczKzvdBhq0HGwQGuWdH8lT5fp2sUDr3Hte3cqlJaE%2BWYyTI%2BBKxaYGcjiLg9J9rY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c0a3e916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET invoke.js
clipperroutesevere.com/9c801b7e621caf75b9a6026060c1a358/ 0
0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 490ms
21ms Script
text/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 09 Oct 2023 11:19:59 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5275
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 09 Oct 2023 13:19:59 GMT

GET
H3 200 custom.css
rdphostings.com/rdp/templates/rdp/css/ 19 KB
5 KB 41ms
41ms Stylesheet
text/css 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdphostings.com/rdp/templates/rdp/css/custom.css
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cbed38a538864d17cb4e140164e27150f0d7336a0ae7d95840d2afd7f41e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 05:01:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115506
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3Um03%2FO7hCLrJ%2Fd6W8La575xqssvQK6ODT3v8Rc81gvDXFBnyQnf3saco%2B7QVixwsx1m7X36yCmSQEmsYrPnUXHS2HAxy0zd%2FFd%2F0UW6%2FYJ%2FOUpnc8VVyKOE%2FlM7feTioeRCiMawfJABbs%2F78U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c1a44916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Aug 2024 07:41:56 GMT

GET
H3 200 fa-solid-900.woff2
rdphostings.com/rdp/assets/webfonts/ 120 KB
121 KB 32ms
31ms Font
font/woff2 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdphostings.com/rdp/assets/webfonts/fa-solid-900.woff2
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/assets/css/fontawesome-all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c

Request headers

Referer: https://rdphostings.com/rdp/assets/css/fontawesome-all.min.css
Origin: https://rdphostings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5115505
alt-svc: h3=":443"; ma=86400
content-length: 123132
last-modified: Wed, 16 Feb 2022 04:09:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DwwBNBImZ75WUaHz2bQFDTswQtFgfyY0QsU80ffSVpcmyXbOdYzEeQs9MGq7GCxrakzr%2Fm3GwD5Xh00FwZX70J%2FTUN3K9EVDhzgcaPRGV8O4KUL8e%2FepIFEeXVD6MazQ8OgSvPz%2FpOwybt1NdY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8136bc1c2a59916e-FRA
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 489ms
37ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rdphostings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:18:14 GMT
x-content-type-options: nosniff
age: 325780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:18:14 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 474ms
22ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rdphostings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 325895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:16:19 GMT

GET
H3 200 form.svg
rdphostings.com/rdp/templates/rdp/img/ 19 KB
12 KB 22ms
21ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/templates/rdp/img/form.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b6a3a7006aaf17e9fe7ce4c73cb11b31bf11d6c3b0bbda0ed89bf0c40cb7530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 15 Jan 2022 04:33:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZ33avNoo%2F2RjMvCvG1pnUyzpbwNGLYuWWW03fpS3GnLSeqQBoKY2AQlENBZhcEWt7LTt75Jz6hukpqGlQg%2FbNWtqRrpLUIowwcrxUI%2F8PUN%2FK%2FkMImffIkEmZ%2BVLGdx3crZzi1UUQGA8W6qZlE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c6ac7916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3 200 panel.svg
rdphostings.com/rdp/templates/rdp/img/ 17 KB
12 KB 33ms
32ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/templates/rdp/img/panel.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b7a3f70e272571de48876348bae6b263cfed351fd7542616790064672963549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 15 Jan 2022 04:33:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KE14D2nAypseaQNdnYuZNUcrzaEx9cnB3AgRkPjEj3NoFfOmz23DTH3eXqM04nXIjoOCwuzi0C0BgBoEhrxVuzsccq9aeIb11v6KLy6Mfpd5jpUY2o4YOj4jFdndhgo%2BGMq%2FVPWoAgZ8mNFzCcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c6aca916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3 200 website.svg
rdphostings.com/rdp/templates/rdp/img/ 16 KB
11 KB 35ms
34ms Image
image/svg+xml 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdphostings.com/rdp/templates/rdp/img/website.svg
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9467de7f6fbcca2cbab6f5a99ab7d173ac899076303eb0e41d45ee251500f486

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/rdp/aff%20php?aff=3157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 15 Jan 2022 04:33:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5115505
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mq2q3W8YbJsArxLLT91AYZa76AP1XQien%2F0mxFCxYL66y6fVUc1CVUxAVALOwd2V2yPE6eL9VaFEKnuEFJxRFkB5I2nQN31qY6Sdin%2BSiAA5a%2BPv6ufmuXesrHldgGPNgdAPPyJYBEJJcDqCOTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
cf-ray: 8136bc1c6acb916e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 07:41:58 GMT

GET
H3

200

main.js Show response
rdphostings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 8388
Redirect Chain

https://rdphostings.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://rdphostings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

16ms
15ms

Script
application/javascript

2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rdphostings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157

Protocol

Server

2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4bc3c13e93882da5bb7ae29d62ee33774a28c5fceb920e116fb25fa87a91886

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSPPcHw04BSH4GMiMLR2Yho0mRykiEfPGvykb17r54Mu8LAqlNGs%2BahY7EJ1fKzbLCVQy4e4g9ZXXe5hwijegOKKENuLbCzn9VUGzjqTzEPTLZlPLYQNldDPiXYewRxgZHZhfKdfvmVjiTYp4gw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8136bc1d2c12916e-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 09 Oct 2023 12:47:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DlZ5u0kYaD7s355VoWIlFKnkDXHPUvIg5obEA46DxdT%2FPHA9heA41X9PKUqda9JALs1wJHE4uQfNQ31lH9Z0kEfoYKIB954am4hXZot%2FiU3ZpOBCjXJ5wHsNPVccsW1mtM8Vw9sfZRAk8EV2xU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
cache-control: max-age=300, public
cf-ray: 8136bc1ceba3916e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 389 KB
132 KB 149ms
117ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9542790106739145

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b27e0ef16b13afcc2f555c90f120095c144d29d2a731d8b419539b91c28e905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135152
x-xss-protection: 0
server: cafe
etag: 12386448848409753153
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 12:47:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 473F 10 KB
5 KB 430ms
44ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9542790106739145

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdphostings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 14:28:29 GMT
etag: 2603938475786422795
expires: Sun, 22 Oct 2023 14:28:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 8136bc14bab08fd7 Show response
rdphostings.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8388 0
567 B 59ms
51ms XHR
text/plain 2606:4700:3030::6815:49c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdphostings.com/cdn-cgi/challenge-platform/h/g/jsd/r/8136bc14bab08fd7
Requested by: Host: rdphostings.com
URL: https://rdphostings.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:49c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Oct 2023 12:47:54 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3gGTyDrPJ1vjoyMogGbUbUo%2FZTZn7RhI%2FL2gl9F1XDP6X4IsN3OwTUih7lDowY4kOwBPfJQ0hX%2FVbj5vv9j0%2F3OJVX5mteWPU%2FXq%2FclsejX9PP3HOACmUPqj6kPbhb7uRH%2BI6DXqbIdpwr28Wc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8136bc1e3d9b916e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
606 B 398ms
21ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=rdphostings.com&callback=_gfp_s_&client=ca-pub-9542790106739145

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

d924ff4fc0e535f5134e9d78a9dfe508be67451519ddb599414a89947369316b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 34F3 22 KB
5 KB 523ms
492ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9542790106739145&output=html&adk=1812271804&adf=3025194257&lmt=1696848474&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Frdphostings.com%2Frdp%2Faff%2520php%3Faff%3D3157&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696855674403&bpp=4&bdt=557&idt=295&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6067755584734&frm=20&pv=2&ga_vid=377348669.1696855675&ga_sid=1696855675&ga_hid=1797449299&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31078600%2C44795922%2C44801485%2C44804783%2C44805099%2C31078301%2C31078630%2C21065725&oid=2&pvsid=1804692502461001&tmod=19438939&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=359

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

67e7f0cb920778d38c5aac53f414baa300b0ec0aca5dbefc1c1fbdd703ff8ba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdphostings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5255
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 12:47:55 GMT
expires: Mon, 09 Oct 2023 12:47:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=563216559&utmhn=rdphostings.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=404%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-210520794-1&cid=377348669.1696855675&jid=1404432316&_v=5.7.2&z=563216559

35 B
337 B

436ms
26ms

Image
image/gif

64.233.184.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-210520794-1&cid=377348669.1696855675&jid=1404432316&_v=5.7.2&z=563216559

Requested by

Host: rdphostings.com
URL: https://rdphostings.com/rdp/aff%20php?aff=3157

Protocol

Server

64.233.184.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 09 Oct 2023 12:47:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 12:47:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-210520794-1&cid=377348669.1696855675&jid=1404432316&_v=5.7.2&z=563216559
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-9542790106739145 Show response
fundingchoicesmessages.google.com/i/ 157 KB
52 KB 589ms
74ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9542790106739145?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

ESF /

Resource Hash

5ce5f538aae30c038e387b3c8c565ca98d663a007a9ef498d3bd2a84b9bfbc9b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oeDIoRzwvF1ROMj_n-79Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:55 GMT
content-security-policy: script-src 'report-sample' 'nonce-oeDIoRzwvF1ROMj_n-79Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUxUWrYtrPzfgWWi99wG6Yx-Hf1qX5XrrXUc5--Drznxb-TFUlirTuJAslJNiPmf2Pm1HEQpLGJeNc4GjGu-rzs65y9OPDloUAeRpW8Zd2ZuvHl2MkgwKXb7Nk8P4iiigyIRDs5aA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 66ms
66ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUxUWrYtrPzfgWWi99wG6Yx-Hf1qX5XrrXUc5--Drznxb-TFUlirTuJAslJNiPmf2Pm1HEQpLGJeNc4GjGu-rzs65y9OPDloUAeRpW8Zd2ZuvHl2MkgwKXb7Nk8P4iiigyIRDs5aA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2ODU1Njc2LDM3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3JkcGhvc3RpbmdzLmNvbS9yZHAvYWZmJTIwcGhwIixudWxsLFtbOCwiSVN1QV9GTFMwdUkiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ISuA_FLS0uI.es5.O/am=ggE/d=1/rs=AJlcJMzwaUy1AEc2c7_89HySqFvNL-gSlg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

ESF /

Resource Hash

7b383394fbb2909d375ffe97e197ecc016b00f943c3955ed25e9deb52660d357

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hV_XXsFiDmiEbZWrHp4TEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-hV_XXsFiDmiEbZWrHp4TEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 130ms
124ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

78aeb00032067e328e12d5518b79cf8c4f0c262bd819762a072aeaa2eee53a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12083
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 431ms
25ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Oct 2023 12:47:56 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CCF 13 KB
5 KB 24ms
13ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdphostings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 11:52:49 GMT
expires: Tue, 08 Oct 2024 11:52:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F85D 829 B
1 KB 1195ms
789ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f4.1e100.net

Software

GSE /

Resource Hash

8c03849e9fbf420f78472264f16282124973fa518a891cd9a55b701e03c46217

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hDkXIX-98PeXc4FYUESWpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rdphostings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hDkXIX-98PeXc4FYUESWpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 12:47:57 GMT
expires: Mon, 09 Oct 2023 12:47:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CCF 37 KB
14 KB 72ms
65ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Oct 2024 11:52:51 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6CCF 0
10 B 93ms
92ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qC2BYA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 639ms
637ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.719339744719061

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iyMFDw8USFJIW4b89A7qUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-iyMFDw8USFJIW4b89A7qUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 655ms
653ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.738112468976437

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-JS2otfmkh6v7qff1aqMgNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-JS2otfmkh6v7qff1aqMgNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 335ms
334ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=1804692502461001&bg=!h4SlhMvNAAbjlzx0w5c7ADQBe5WfOFzmeahI8c5Aq2NXjEBXzHOI5CP9J9IsHNcS8MIB69GHrndDiquTk0WXJZg8g2juAgAAAJtSAAAACGgBB5kCvcBLn-b4ELc4S1YCg_uIExNh9ROEzybTzwD2HpTzwEUj1D71Zbtu-UFTVu0vaV2NkWENtMRHEVcd4dBvO5hECpLARa_vcFpCd4SVDJFqqsLn26rPh4CBft9YggKBS7LE9sQm09K3IY5-OY5L38PjbQbKfKWBY_OTFwHm42gEmZAbspLz3SstODQmiE92CNIe0GWR2U_we3JyEZ4pkzyqXiQjHHv0XracSzQ0c_j5mONfMJCLU5e0GVBF_vC8WhpBAZx_neB5Qfo0J_2VJ-ZbNl2tkICE3Yzu5vX3EsMBQ-4nC2JydubErd-5yesaIK9mozf8PmhKDBCONdGEHnjyRtgj8rUUtrWWCm2byEx9kBpyWmjYtrg8sENW9tV5vYPkMdEv4uy_pgmHQUk9bQXLUWCWwPlcHnN7bUhtgphyzTOUcxLBk-5qN-1sHO545DDpE2N8_gv2M-tCsmHfTE9ziSEzzHZIlBl7lT7zT_JjkCFpWJoNxbT47DHFQwRDcX3F5OIhKFTkRFwjR_SzOcBUJPXw35CEH7M7YCdCainCbS49PXVbv7RnF7mioIVZmmAajifaGjoLih881NaADARB9mafm0XF_5s6xakAWwOEGKOjxvbm_P612ebYF7wlCONAR3jlHWFuyeZjBCyAmy81_WUItgrER78yPgXz4nqVH_fruA7V2XiQnLrtkNYCCs-AYPHWtraKm7FQ9ifqmI8kUXEDCvVoMQedgONPYhSEBniuZxPKxGVUD_8Jihzc4uJhX9FeXrsuwLS0IMDtzIMKoAVqizJFAY4amEIQ7RQni0dkMhkrn3WxS4-U1j8yng_Oo4R4con7hPxCMKIn2wKw7fHZzl7gd6ftl3lzV_B_gLhB2PNw4T8bezfdEKHGhISYvYnw8D5hxvGEpItNYG0iPKCkwuelW9-QXgQcC_FE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

POST
H3 204 AGSKWxVJBcks3Q4-qguNVGLa2McBpli0GqfjJFlgNrrsQe5oJjpWzDBBgafesmLsyZxP48VzOkp0z3VDWy8Hhds8teXCTbBnoUke6F9PdRlSfEOqfxCa0SNK0v4jvw0xwuV1GogIy_OBLA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 319ms
140ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVJBcks3Q4-qguNVGLa2McBpli0GqfjJFlgNrrsQe5oJjpWzDBBgafesmLsyZxP48VzOkp0z3VDWy8Hhds8teXCTbBnoUke6F9PdRlSfEOqfxCa0SNK0v4jvw0xwuV1GogIy_OBLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BVerHrsGKor2jW3GsNlUkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rdphostings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 12:47:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-BVerHrsGKor2jW3GsNlUkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rdphostings.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F85D 0
0 172ms
144ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=1804692502461001&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 acc_random=_730x60__fbadbookingsystem& Show response
fundingchoicesmessages.google.com/f/AGSKWxUQtWgQdqC3mWg0CzYrosFbHLeWTrzPnlBBTFkoubhvNjNnuTCAnLa7pqTPvlBRDecCXNOxnr6mcG674T33y3tWGBH67_nO_yvc4K_o2CpOtaV4IhMquNIMKQByKyVN_ohHTx0bSWkrHagmwoBEXbgZo4I8X... 54 B
109 B 221ms
205ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUQtWgQdqC3mWg0CzYrosFbHLeWTrzPnlBBTFkoubhvNjNnuTCAnLa7pqTPvlBRDecCXNOxnr6mcG674T33y3tWGBH67_nO_yvc4K_o2CpOtaV4IhMquNIMKQByKyVN_ohHTx0bSWkrHagmwoBEXbgZo4I8X_CBsH7bXhQDBX3q5PVR7GBR2a-GzFnZ/_/advobj./blogadsbg./acc_random=_730x60__fbadbookingsystem&

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ISuA_FLS0uI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxGPEcEyM__geJv35PaUEFtF_ef3Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0dd3607e50de9e53a5e7ed09cec67b1f7e8f5b887fdbb71725e7db5372388d0e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jrgP84NoB4wcNq3VicIWmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-jrgP84NoB4wcNq3VicIWmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 29 KB
11 KB 133ms
118ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aba26831a6efe421d112d56df8a2bdc7b733b2fb84d9ff1c0ada0a5feca5cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:29:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11277
x-xss-protection: 0
server: cafe
etag: 8483358422572587102
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 13:29:47 GMT

POST
H3 204 AGSKWxVJBcks3Q4-qguNVGLa2McBpli0GqfjJFlgNrrsQe5oJjpWzDBBgafesmLsyZxP48VzOkp0z3VDWy8Hhds8teXCTbBnoUke6F9PdRlSfEOqfxCa0SNK0v4jvw0xwuV1GogIy_OBLA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 218ms
213ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVJBcks3Q4-qguNVGLa2McBpli0GqfjJFlgNrrsQe5oJjpWzDBBgafesmLsyZxP48VzOkp0z3VDWy8Hhds8teXCTbBnoUke6F9PdRlSfEOqfxCa0SNK0v4jvw0xwuV1GogIy_OBLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7WqiPAbSnIDRviJkuFsUBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rdphostings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 12:47:58 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7WqiPAbSnIDRviJkuFsUBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rdphostings.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVJBcks3Q4-qguNVGLa2McBpli0GqfjJFlgNrrsQe5oJjpWzDBBgafesmLsyZxP48VzOkp0z3VDWy8Hhds8teXCTbBnoUke6F9PdRlSfEOqfxCa0SNK0v4jvw0xwuV1GogIy_OBLA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 79ms
79ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVJBcks3Q4-qguNVGLa2McBpli0GqfjJFlgNrrsQe5oJjpWzDBBgafesmLsyZxP48VzOkp0z3VDWy8Hhds8teXCTbBnoUke6F9PdRlSfEOqfxCa0SNK0v4jvw0xwuV1GogIy_OBLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FmcqrkHC5PUn2jeW8hq_kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rdphostings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 12:47:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-FmcqrkHC5PUn2jeW8hq_kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://rdphostings.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVJBcks3Q4-qguNVGLa2McBpli0GqfjJFlgNrrsQe5oJjpWzDBBgafesmLsyZxP48VzOkp0z3VDWy8Hhds8teXCTbBnoUke6F9PdRlSfEOqfxCa0SNK0v4jvw0xwuV1GogIy_OBLA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 46ms
43ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVJBcks3Q4-qguNVGLa2McBpli0GqfjJFlgNrrsQe5oJjpWzDBBgafesmLsyZxP48VzOkp0z3VDWy8Hhds8teXCTbBnoUke6F9PdRlSfEOqfxCa0SNK0v4jvw0xwuV1GogIy_OBLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kJnIp-4Cfd2EsvVRfB5kqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rdphostings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 12:47:58 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kJnIp-4Cfd2EsvVRfB5kqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rdphostings.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVJBcks3Q4-qguNVGLa2McBpli0GqfjJFlgNrrsQe5oJjpWzDBBgafesmLsyZxP48VzOkp0z3VDWy8Hhds8teXCTbBnoUke6F9PdRlSfEOqfxCa0SNK0v4jvw0xwuV1GogIy_OBLA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 38ms
37ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVJBcks3Q4-qguNVGLa2McBpli0GqfjJFlgNrrsQe5oJjpWzDBBgafesmLsyZxP48VzOkp0z3VDWy8Hhds8teXCTbBnoUke6F9PdRlSfEOqfxCa0SNK0v4jvw0xwuV1GogIy_OBLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WQZ4QMf0UYH_bkw2Wi5plA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rdphostings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 12:47:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-WQZ4QMf0UYH_bkw2Wi5plA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://rdphostings.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXFu8jq8dGw5oQH0w30rtsOhin0G5msmEkM92B7_DctTc1DYkwYg04oGRRyUoIDAxgmsM33R8krQxY3973Kb2agPA9UpCFZH3qjMQ5wUcfpriU-uSj0urRYcJT27DvddpZASPxsUg== Show response
fundingchoicesmessages.google.com/f/ 293 KB
48 KB 156ms
155ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXFu8jq8dGw5oQH0w30rtsOhin0G5msmEkM92B7_DctTc1DYkwYg04oGRRyUoIDAxgmsM33R8krQxY3973Kb2agPA9UpCFZH3qjMQ5wUcfpriU-uSj0urRYcJT27DvddpZASPxsUg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2ODU1Njc4LDYxNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcmRwaG9zdGluZ3MuY29tL3JkcC9hZmYlMjBwaHAiLG51bGwsW1s4LCJJU3VBX0ZMUzB1SSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84e8e5c92c805e20adb1c586a86ab6c944760f03a8ac4ca596244099b253a016

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lGntHDtI6FgEaEIHn7wItw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:58 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lGntHDtI6FgEaEIHn7wItw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 69 KB
4 KB 83ms
68ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ISuA_FLS0uI.es5.O/d=1/exm=ad_blocking_detection_executable,kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxGPEcEyM__geJv35PaUEFtF_ef3Q/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

2cad1c8be3f8f84a05361f5b560fbd93895541c6da9de09b995ee742f0b4c6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 12:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:47:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 12:47:58 GMT

GET
H2 200 1d4SdLiZaTYIVxQWre_qGpKQ2agpsmxImdjKviCulkvN-Y5QWPWOjpcAa7ZVtaeCIFCQCOoPzniidUepf2BRdSjcznWEzozg0dCCva0k4U1t5Ely7nYK=h60
lh3.googleusercontent.com/ 4 KB
4 KB 542ms
43ms Image
image/png 172.217.16.193

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/1d4SdLiZaTYIVxQWre_qGpKQ2agpsmxImdjKviCulkvN-Y5QWPWOjpcAa7ZVtaeCIFCQCOoPzniidUepf2BRdSjcznWEzozg0dCCva0k4U1t5Ely7nYK=h60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

6062fa1720884ad83416607bdc73e7fa67981ab671713dcd1273ec66e1c085f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rdphostings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:47:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4231
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 10 Oct 2023 12:47:59 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 137ms
109ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rdphostings.com/
Origin: https://rdphostings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:35:16 GMT
x-content-type-options: nosniff
age: 277963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 07:35:16 GMT

POST
H3 204 AGSKWxVJBcks3Q4-qguNVGLa2McBpli0GqfjJFlgNrrsQe5oJjpWzDBBgafesmLsyZxP48VzOkp0z3VDWy8Hhds8teXCTbBnoUke6F9PdRlSfEOqfxCa0SNK0v4jvw0xwuV1GogIy_OBLA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 140ms
135ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVJBcks3Q4-qguNVGLa2McBpli0GqfjJFlgNrrsQe5oJjpWzDBBgafesmLsyZxP48VzOkp0z3VDWy8Hhds8teXCTbBnoUke6F9PdRlSfEOqfxCa0SNK0v4jvw0xwuV1GogIy_OBLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v_7MBCUSpFywL_w4p4QdeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rdphostings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 12:47:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v_7MBCUSpFywL_w4p4QdeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://rdphostings.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 181ms
180ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rdphostings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 374902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 04:39:37 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 174ms
174ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rdphostings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 325900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:16:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: clipperroutesevere.com
URL: https://clipperroutesevere.com/9c801b7e621caf75b9a6026060c1a358/invoke.js

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rdphostings.com/	1969-12-31 23:59:59	Name: WHMCSGQpYd5KblT7D Value: 3a7c669573d4779f317fa7a958131c2c
.rdphostings.com/	1970-01-21 00:06:31	Name: cf_clearance Value: Q9unl6hXShHWx5F_aWHwjTmWvYjxoGGxIU2HMsNEIbw-1696855674-0-1-da26fcbb.476783f3.97f36aec-0.2.1696855674
.rdphostings.com/	1969-12-31 23:59:59	Name: __utmc Value: 11195383
.rdphostings.com/	1970-01-20 19:43:43	Name: __utmz Value: 11195383.1696855675.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.rdphostings.com/	1970-01-20 15:20:56	Name: __utmt Value: 1
.rdphostings.com/	1970-01-21 00:56:55	Name: __utma Value: 11195383.377348669.1696855675.1696855675.1696855675.1
.rdphostings.com/	1970-01-20 15:20:57	Name: __utmb Value: 11195383.1.10.1696855675
.rdphostings.com/	1970-01-21 00:42:31	Name: __gads Value: ID=30424224c6e44b15-22d6633c43df0099:T=1696855675:RT=1696855675:S=ALNI_MbTU-HS3vAKf90vR4vJq-a3rvaaEQ
.rdphostings.com/	1970-01-21 00:42:31	Name: __gpi Value: UID=00000c931aa68195:T=1696855675:RT=1696855675:S=ALNI_MYFqem_BfdtYr9t1PJfUGBv4BrT6w
.doubleclick.net/	1970-01-20 15:20:56	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rdphostings.com/rdp/aff%20php?aff=3157 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://clipperroutesevere.com/9c801b7e621caf75b9a6026060c1a358/invoke.js Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clipperroutesevere.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
lh3.googleusercontent.com
pagead2.googlesyndication.com
partner.googleadservices.com
rdphostings.com
ssl.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
clipperroutesevere.com
142.250.185.136
142.250.185.138
142.250.185.194
142.250.186.130
142.250.186.66
172.217.16.193
172.217.18.1
172.217.18.3
172.67.165.205
216.58.206.36
216.58.206.46
2606:4700:3030::6815:49c6
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:82b::2002
64.233.184.157
02084e9c73104516947d15031e338652b1cafe1dc823d15752dbecd62ec95a01
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0dd3607e50de9e53a5e7ed09cec67b1f7e8f5b887fdbb71725e7db5372388d0e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1aba26831a6efe421d112d56df8a2bdc7b733b2fb84d9ff1c0ada0a5feca5cf6
22df888911e56caf6d83907974bfffbfec2843004116a2b1bc2591cabf4a0d44
2b6a3a7006aaf17e9fe7ce4c73cb11b31bf11d6c3b0bbda0ed89bf0c40cb7530
2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c
2cad1c8be3f8f84a05361f5b560fbd93895541c6da9de09b995ee742f0b4c6ea
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31cbed38a538864d17cb4e140164e27150f0d7336a0ae7d95840d2afd7f41e97
419ac69c03ca18c43af3640e5bcaa0e8a79be2e64f416289d4c9dc7b5672dc6e
46428909efb2abaded26aad0e51eab2d3aff007fc2fee260d7d558239f654717
4b27e0ef16b13afcc2f555c90f120095c144d29d2a731d8b419539b91c28e905
53d3157dbbd95754ab778e865e28ac0dc1d3b60a980677cba2d2023d8553be88
550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ce5f538aae30c038e387b3c8c565ca98d663a007a9ef498d3bd2a84b9bfbc9b
6062fa1720884ad83416607bdc73e7fa67981ab671713dcd1273ec66e1c085f6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
67e7f0cb920778d38c5aac53f414baa300b0ec0aca5dbefc1c1fbdd703ff8ba3
686d81e030899b477865d67a01fe34e83d8e68aa8da91a59205ad3e901a3ec71
78972e26a47ce2f3fe151170b4e1270debcc9fec0d1e56f88f3898f77c905405
78aeb00032067e328e12d5518b79cf8c4f0c262bd819762a072aeaa2eee53a81
797962b77628454942bbd21f32a6c21a5f0d65a835e9f0ed48e13722ac9f2fff
7b383394fbb2909d375ffe97e197ecc016b00f943c3955ed25e9deb52660d357
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e8e5c92c805e20adb1c586a86ab6c944760f03a8ac4ca596244099b253a016
8c03849e9fbf420f78472264f16282124973fa518a891cd9a55b701e03c46217
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8d42d05fa73f73458e9be063ef29bebae75eda640d092e0641e07f2b214ef3af
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9467de7f6fbcca2cbab6f5a99ab7d173ac899076303eb0e41d45ee251500f486
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b7a3f70e272571de48876348bae6b263cfed351fd7542616790064672963549
9d3156a01febac110b21c33b0b1050758431e9a1bb120e32e2dc0fec75041fbe
a85f5393c2995503853d76d3daeedec4a41714d1aa70a73c2957f0d758bf5941
ae449ac37bc1806655a808bf65bfe83f597c254f7a3e1dcf389598973d2f67b4
bf1a845696d86b171e0c7b618cf62fd575efa59bc97dac3986072a1535f0b547
d924ff4fc0e535f5134e9d78a9dfe508be67451519ddb599414a89947369316b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef9aaea831d542193daecb4bf45e14058b5bcde133922cc36f3e385e64a27ac0
f4bc3c13e93882da5bb7ae29d62ee33774a28c5fceb920e116fb25fa87a91886
f5ad902559756c19b75a7c9d817c4e89d004caebc11f20c3e76ac322074ac814

rdphostings.com Open in urlscan Pro 172.67.165.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

95 %HTTPS

25 %IPv6

10 Domains

13 Subdomains

17 IPs

2 Countries

1132 kBTransfer

2892 kBSize

10 Cookies

1 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

rdphostings.com Open in urlscan Pro
172.67.165.205 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

95 %
HTTPS

25 %
IPv6

10
Domains

13
Subdomains

17
IPs

2
Countries

1132 kB
Transfer

2892 kB
Size

10
Cookies

62 HTTP transactions
0 data transactions